urlscan.io logo urlscan.io
SecurityTrails logo

ls.kurdgozar.fun Open in urlscan Pro
2606:4700:3031::ac43:a4aa  Public Scan

Go To Rescan Add Verdict Report
URL: https://ls.kurdgozar.fun/
Submission: On January 09 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 152 IPs in 13 countries across 145 domains to perform 639 HTTP transactions. The main IP is 2606:4700:3031::ac43:a4aa, located in United States and belongs to CLOUDFLARENET, US. The main domain is ls.kurdgozar.fun.
TLS certificate: Issued by E1 on January 9th 2024. Valid for: 3 months.
This is the only time ls.kurdgozar.fun was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 2606:4700:303... 13335 (CLOUDFLAR...)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
2 2600:9000:24f... 16509 (AMAZON-02)
28 199.232.193.131 54113 (FASTLY)
1 23.7.17.42 16625 (AKAMAI-AS)
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
115 69.28.187.147 22822 (LLNW)
3 2600:1901:0:7... 396982 (GOOGLE-CL...)
6 2607:f8b0:400... 15169 (GOOGLE)
1 2 3.209.115.69 14618 (AMAZON-AES)
1 4 18.165.83.79 16509 (AMAZON-02)
4 2a03:2880:f01... 32934 (FACEBOOK)
2 4 2620:116:800b... 14618 (AMAZON-AES)
1 2606:2800:11f... 15133 (EDGECAST)
6 2606:4700::68... 13335 (CLOUDFLAR...)
2 151.101.130.217 54113 (FASTLY)
2 50.19.115.52 14618 (AMAZON-AES)
1 2a04:4e42:400... 54113 (FASTLY)
1 2600:9000:20e... 16509 (AMAZON-02)
1 130.211.23.194 396982 (GOOGLE-CL...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 142.250.81.230 15169 (GOOGLE)
1 2600:9000:201... 16509 (AMAZON-02)
1 2600:9000:219... 16509 (AMAZON-02)
3 54.230.163.71 16509 (AMAZON-02)
1 18.165.83.123 16509 (AMAZON-02)
1 99.84.108.73 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
4 2607:f8b0:400... 15169 (GOOGLE)
1 20.40.202.0 8075 (MICROSOFT...)
4 2a03:2880:f11... 32934 (FACEBOOK)
2 3.162.111.130 16509 (AMAZON-02)
1 35.81.148.56 16509 (AMAZON-02)
1 99.84.108.35 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
1 35.241.9.51 396982 (GOOGLE-CL...)
16 24 68.67.179.166 29990 (ASN-APPNEX)
1 2607:f8b0:400... 15169 (GOOGLE)
8 34.107.254.252 396982 (GOOGLE-CL...)
1 34.233.76.222 14618 (AMAZON-AES)
1 54.243.90.71 14618 (AMAZON-AES)
1 3.162.125.11 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
1 3.239.232.95 14618 (AMAZON-AES)
1 13.32.151.81 16509 (AMAZON-02)
1 18.173.132.21 16509 (AMAZON-02)
1 18.160.1.134 16509 (AMAZON-02)
10 69.173.151.96 26667 (RUBICONPR...)
1 108.138.128.63 16509 (AMAZON-02)
1 4 23.92.190.68 10913 (INTERNAP-BLK)
21 34.149.50.64 15169 (GOOGLE)
5 147.28.146.89 54825 (PACKET)
1 34.225.66.52 14618 (AMAZON-AES)
4 8 172.64.151.101 13335 (CLOUDFLAR...)
5 2602:803:c002... 26667 (RUBICONPR...)
1 23.52.161.154 16625 (AKAMAI-AS)
3 52.1.107.55 14618 (AMAZON-AES)
1 2620:100:a001... 19750 (AS-CRITEO)
8 52.202.166.126 14618 (AMAZON-AES)
1 23.4.232.54 16625 (AKAMAI-AS)
1 18.160.46.85 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2600:9000:20a... 16509 (AMAZON-02)
9 9 69.194.240.13 26120 (RHYTHMONE)
2 4 3.215.169.119 14618 (AMAZON-AES)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
3 6 104.36.115.113 62713 (AS-PUBMATIC)
1 8.28.7.109 62713 (AS-PUBMATIC)
1 12 2606:4700:10:... 13335 (CLOUDFLAR...)
22 22 3.33.220.150 16509 (AMAZON-02)
14 32 8.28.7.83 62713 (AS-PUBMATIC)
20 33 69.173.151.100 26667 (RUBICONPR...)
11 17 34.111.113.62 396982 (GOOGLE-CL...)
14 19 142.251.35.162 15169 (GOOGLE)
4 4 2607:f350:3:2... 27630 (AS-XFERNET)
2 3 23.105.12.150 30633 (LEASEWEB-...)
4 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2620:100:a001::4 19750 (AS-CRITEO)
4 52.41.55.219 16509 (AMAZON-02)
3 2607:f8b0:400... 15169 (GOOGLE)
1 162.19.138.83 16276 (OVH)
1 2 2620:100:a001::c 19750 (AS-CRITEO)
1 74.119.119.139 19750 (AS-CRITEO)
18 18 35.211.178.172 15169 (GOOGLE)
1 35.241.45.217 396982 (GOOGLE-CL...)
47 54 162.19.138.119 16276 (OVH)
1 2 34.102.243.38 396982 (GOOGLE-CL...)
17 34.203.113.223 14618 (AMAZON-AES)
3 3 198.148.27.131 19189 (PULSEPOINT)
1 1 3.228.186.33 14618 (AMAZON-AES)
1 1 23.56.162.28 16625 (AKAMAI-AS)
2 3 23.105.12.143 30633 (LEASEWEB-...)
2 4 3.91.113.229 14618 (AMAZON-AES)
1 1 63.251.28.133 26558 (FREEWHEEL)
9 17 67.202.105.22 32748 (STEADFAST)
13 15 8.28.7.82 62713 (AS-PUBMATIC)
4 4 35.214.146.181 15169 (GOOGLE)
3 3 2620:112:f002... 6336 (TURN-US-ASN)
7 8 34.98.64.218 396982 (GOOGLE-CL...)
8 8 23.192.7.104 16625 (AKAMAI-AS)
18 23.56.163.106 16625 (AKAMAI-AS)
3 51.222.239.232 16276 (OVH)
6 6 52.22.22.238 14618 (AMAZON-AES)
14 14 54.161.18.58 14618 (AMAZON-AES)
7 8 18.235.219.79 14618 (AMAZON-AES)
3 4 3.216.175.37 14618 (AMAZON-AES)
2 2 8.43.72.97 26667 (RUBICONPR...)
2 2620:1ec:21::14 8068 (MICROSOFT...)
3 7 2600:1f18:4e9... 14618 (AMAZON-AES)
2 7 52.46.143.56 16509 (AMAZON-02)
2 3 52.95.126.138 16509 (AMAZON-02)
12 13 3.225.218.10 14618 (AMAZON-AES)
1 104.117.182.139 20940 (AKAMAI-ASN1)
2 2600:9000:261... 16509 (AMAZON-02)
4 19 52.223.22.214 16509 (AMAZON-02)
1 104.18.111.252 13335 (CLOUDFLAR...)
2 172.64.149.180 13335 (CLOUDFLAR...)
1 23.56.212.249 16625 (AKAMAI-AS)
6 147.28.129.140 54825 (PACKET)
2 2 178.250.7.11 44788 (ASN-CRITE...)
10 10 63.251.86.50 32475 (SINGLEHOP...)
15 54.164.245.185 14618 (AMAZON-AES)
2 2 34.200.65.202 14618 (AMAZON-AES)
2 2 35.236.220.17 396982 (GOOGLE-CL...)
3 7 8.28.7.84 62713 (AS-PUBMATIC)
7 7 207.198.113.90 13768 (COGECO-PEER1)
2 23.203.177.63 16625 (AKAMAI-AS)
3 5 34.193.227.167 14618 (AMAZON-AES)
2 104.126.112.185 16625 (AKAMAI-AS)
2 3.231.44.207 14618 (AMAZON-AES)
3 6 35.244.154.8 396982 (GOOGLE-CL...)
1 17 104.18.36.155 13335 (CLOUDFLAR...)
3 2600:141b:1c0... 20940 (AKAMAI-ASN1)
5 23.56.213.14 16625 (AKAMAI-AS)
3 9 168.119.72.236 24940 (HETZNER-AS)
1 3 67.202.105.33 32748 (STEADFAST)
1 20 195.244.31.10 63140 (IGUANA-WO...)
5 5 50.31.142.63 22075 (AS-OUTBRAIN)
3 37.157.4.29 198622 (ADFORM)
1 1 47.252.78.131 45102 (ALIBABA-C...)
5 5 185.184.8.90 204995 (RTB-HOUSE...)
2 2 82.145.213.8 39832 (NO-OPERA)
2 2606:4700::68... 13335 (CLOUDFLAR...)
9 9 185.167.164.39 198622 (ADFORM)
4 4 74.119.119.150 19750 (AS-CRITEO)
11 35.172.99.217 14618 (AMAZON-AES)
5 7 54.198.173.106 14618 (AMAZON-AES)
1 1 211.120.53.202 4694 (IDCF IDC ...)
3 2600:1f18:61c... 14618 (AMAZON-AES)
2 3 169.197.150.8 398989 (DEEPINTENT)
1 2600:141b:b00... 20940 (AKAMAI-ASN1)
2 2 5.161.124.197 213230 (HETZNER-C...)
1 1 131.153.242.59 19437 (SS-ASH)
1 1 35.227.252.103 396982 (GOOGLE-CL...)
1 8.28.7.105 62713 (AS-PUBMATIC)
2 2 54.210.212.83 14618 (AMAZON-AES)
6 34.117.239.71 396982 (GOOGLE-CL...)
8 8 2606:ae80:145... 25751 (VALUECLICK)
1 18.173.219.42 16509 (AMAZON-02)
2 2 23.108.102.2 59253 (LEASEWEB-...)
1 1 45.137.176.88 60350 (VP)
1 1 192.132.33.67 18568 (BIDTELLECT)
2 2 213.19.162.90 26667 (RUBICONPR...)
2 2 173.231.178.83 32475 (SINGLEHOP...)
2 5 216.22.16.56 30633 (LEASEWEB-...)
1 1 2603:c020:400... 31898 (ORACLE-BM...)
1 2 151.101.66.49 54113 (FASTLY)
2 2 35.211.233.246 15169 (GOOGLE)
1 40.76.134.238 8075 (MICROSOFT...)
1 52.6.251.62 14618 (AMAZON-AES)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
1 1 2600:9000:230... 16509 (AMAZON-02)
3 4 34.224.244.32 14618 (AMAZON-AES)
1 2600:1f18:ed:... 14618 (AMAZON-AES)
2 3 34.233.0.32 14618 (AMAZON-AES)
1 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2 52.45.222.163 14618 (AMAZON-AES)
2 2 199.38.167.130 54312 (ROCKETFUEL)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 69.90.254.78 13768 (COGECO-PEER1)
1 1 74.121.140.211 30419 (MEDIAMATH...)
1 1 172.104.121.22 63949 (AKAMAI-LI...)
1 35.186.193.173 15169 (GOOGLE)
1 195.5.165.20 44968 (IPROM-AS)
1 162.55.120.196 24940 (HETZNER-AS)
2 2 184.86.146.172 16625 (AKAMAI-AS)
1 2 34.234.194.189 14618 (AMAZON-AES)
1 54.198.106.196 14618 (AMAZON-AES)
1 52.7.214.91 14618 (AMAZON-AES)
1 2 38.98.69.175 174 (COGENT-174)
1 1 64.227.64.62 14061 (DIGITALOC...)
1 18.160.10.49 16509 (AMAZON-02)
2 2 52.205.240.92 ()
639 152
5    2606:4700:3031::ac43:a4aa (United States)

ASN13335 (CLOUDFLARENET, US)
ls.kurdgozar.fun
3    2607:f8b0:4006:81d::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2607:f8b0:4006:809::200a (United States)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
3    2607:f8b0:4006:80e::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2600:9000:24f3:e400:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
28    199.232.193.131 (United States)

ASN54113 (FASTLY, US)
ads.blogherads.com
1    23.7.17.42 (Minneapolis, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-7-17-42.deploy.static.akamaitechnologies.com
s.ntv.io
1    2606:4700:20::681a:932 (United States)

ASN13335 (CLOUDFLARENET, US)
literally-media.videoplayerhub.com
1    2606:4700:10::ac43:293c (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
1    2606:4700:20::681a:623 (United States)

ASN13335 (CLOUDFLARENET, US)
api.b2c.com
115    69.28.187.147 (New York, United States)

ASN22822 (LLNW, US)
PTR: https-69-28-187-147.iad.llnw.net
cdn.ebaumsworld.com
3    2600:1901:0:7ec2::1 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
memorizematch.com
6    2607:f8b0:4006:816::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    3.209.115.69 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-209-115-69.compute-1.amazonaws.com
jadserve.postrelease.com
4    18.165.83.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-83-79.iad55.r.cloudfront.net
sb.scorecardresearch.com
4    2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
4    2620:116:800b:21:f059:4f7e:28a9:1588 (United States)

ASN14618 (AMAZON-AES, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
1    2606:2800:11f:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)
amp.ebaumsworld.com
6    2606:4700::6813:d383 (United States)

ASN13335 (CLOUDFLARENET, US)
www.lightboxcdn.com
2    151.101.130.217 (United States)

ASN54113 (FASTLY, US)
cdn.speedcurve.com
ads.shemedia.com
2    50.19.115.52 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-19-115-52.compute-1.amazonaws.com
ping.chartbeat.net
1    2a04:4e42:400::714 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
1    2600:9000:20e2:2000:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
1    130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
2    2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    142.250.81.230 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f6.1e100.net
ad.doubleclick.net
1    2600:9000:201e:bc00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    2600:9000:2199:6e00:11:b309:9100:21 (United States)

ASN16509 (AMAZON-02, US)
d15kdpgjg3unno.cloudfront.net
3    54.230.163.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-163-71.ewr53.r.cloudfront.net
tagan.adlightning.com
1    18.165.83.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-83-123.iad55.r.cloudfront.net
cdn.adsafeprotected.com
1    99.84.108.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-108-73.iad79.r.cloudfront.net
cdn.browsiprod.com
2    2606:4700::6811:7611 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.permutive.com
4    2607:f8b0:4006:81f::2002 (United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    20.40.202.0 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
lightboxapi.azurewebsites.net
4    2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    3.162.111.130 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-111-130.iad61.r.cloudfront.net
c.amazon-adsystem.com
1    35.81.148.56 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-81-148-56.us-west-2.compute.amazonaws.com
events.browsiprod.com
1    99.84.108.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-108-35.iad79.r.cloudfront.net
yield-manager.browsiprod.com
2    2607:f8b0:4004:c06::9a (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    35.241.9.51 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 51.9.241.35.bc.googleusercontent.com
3d2fb0bd-52fc-4b75-aaf5-2d436c172540.prmutv.co
24    68.67.179.166 (North Bergen, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
secure.adnxs.com
1    2607:f8b0:4006:80d::200e (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
8    34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com
api.permutive.com
1    34.233.76.222 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-76-222.compute-1.amazonaws.com
async01.admantx.com
1    54.243.90.71 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-90-71.compute-1.amazonaws.com
pixel.adsafeprotected.com
1    3.162.125.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-125-11.iad61.r.cloudfront.net
ats.rlcdn.com
2    2607:f8b0:4006:80f::2004 (United States)

ASN15169 (GOOGLE, US)
www.google.com
1    3.239.232.95 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-239-232-95.compute-1.amazonaws.com
sqs.us-east-1.amazonaws.com
1    13.32.151.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-151-81.iad66.r.cloudfront.net
geo.privacymanager.io
1    18.173.132.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-132-21.jfk52.r.cloudfront.net
config.aps.amazon-adsystem.com
1    18.160.1.134 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-1-134.iad12.r.cloudfront.net
aax.amazon-adsystem.com
10    69.173.151.96 (United States)

ASN26667 (RUBICONPROJECT, US)
prebid-server.rubiconproject.com
1    108.138.128.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-63.jfk50.r.cloudfront.net
hb.undertone.com
4    23.92.190.68 (United States)

ASN10913 (INTERNAP-BLK, US)
ap.lijit.com
21    34.149.50.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.50.149.34.bc.googleusercontent.com
s.seedtag.com
5    147.28.146.89 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    34.225.66.52 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-66-52.compute-1.amazonaws.com
tlx.3lift.com
8    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
ssum.casalemedia.com
dsum.casalemedia.com
5    2602:803:c002:200::113 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    23.52.161.154 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-161-154.deploy.static.akamaitechnologies.com
a.teads.tv
3    52.1.107.55 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-107-55.compute-1.amazonaws.com
pre.ads.justpremium.com
match.justpremium.com
1    2620:100:a001::18 (United States)

ASN19750 (AS-CRITEO, US)
bidder.criteo.com
8    52.202.166.126 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-166-126.compute-1.amazonaws.com
g2.gumgum.com
1    23.4.232.54 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-4-232-54.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    18.160.46.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-46-85.iad55.r.cloudfront.net
tags.crwdcntrl.net
1    2606:4700:10::6816:34ad (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.hadronid.net
1    2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
2    2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
1    2600:9000:20aa:fc00:5:82fd:2500:21 (United States)

ASN16509 (AMAZON-02, US)
dyv1bugovvq1g.cloudfront.net
9    69.194.240.13 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
4    3.215.169.119 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-169-119.compute-1.amazonaws.com
bcp.crwdcntrl.net
sync.crwdcntrl.net
2    2606:4700:10::6816:445 (United States)

ASN13335 (CLOUDFLARENET, US)
a.ad.gt
6    104.36.115.113 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    8.28.7.109 (United States)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
12    2606:4700:10::6816:545 (United States)

ASN13335 (CLOUDFLARENET, US)
p.ad.gt
ids.ad.gt
pixels.ad.gt
22    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
32    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
33    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
17    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
19    142.251.35.162 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f2.1e100.net
cm.g.doubleclick.net
4    2607:f350:3:2569:0:10:0:d (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
3    23.105.12.150 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
sync.smartadserver.com
4    2607:f8b0:4006:81d::2002 (United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2607:f8b0:4006:823::2001 (United States)

ASN15169 (GOOGLE, US)
00910841d7e5d1dcf8f3dce85326fd5b.safeframe.googlesyndication.com
2    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
4    52.41.55.219 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-41-55-219.us-west-2.compute.amazonaws.com
collector.sheknows.com
3    2607:f8b0:4006:80d::2001 (United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    162.19.138.83 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu
lb.eu-1-id5-sync.com
2    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
1    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
18    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
1    35.241.45.217 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 217.45.241.35.bc.googleusercontent.com
pghub.io
54    162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu
id5-sync.com
2    34.102.243.38 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 38.243.102.34.bc.googleusercontent.com
feed.pghub.io
pandg.tapad.com
17    34.203.113.223 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-203-113-223.compute-1.amazonaws.com
pbs-cs.yellowblue.io
cs.yellowblue.io
cs-server-s2s.yellowblue.io
3    198.148.27.131 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    3.228.186.33 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-186-33.compute-1.amazonaws.com
ads.yieldmo.com
1    23.56.162.28 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-162-28.deploy.static.akamaitechnologies.com
contextual.media.net
3    23.105.12.143 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ssbsync.smartadserver.com
4    3.91.113.229 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-91-113-229.compute-1.amazonaws.com
match.sharethrough.com
1    63.251.28.133 (Secaucus, United States)

ASN26558 (FREEWHEEL, US)
ads.stickyadstv.com
17    67.202.105.22 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip22.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
15    8.28.7.82 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
4    35.214.146.181 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 181.146.214.35.bc.googleusercontent.com
csync.loopme.me
3    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
8    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
u.openx.net
8    23.192.7.104 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-192-7-104.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
18    23.56.163.106 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-163-106.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
3    51.222.239.232 (Canada)

ASN16276 (OVH, FR)
PTR: ip232.ip-51-222-239.net
onetag-sys.com
6    52.22.22.238 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-22-238.compute-1.amazonaws.com
sync.ipredictive.com
14    54.161.18.58 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-161-18-58.compute-1.amazonaws.com
match.prod.bidr.io
8    18.235.219.79 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-235-219-79.compute-1.amazonaws.com
rtb.gumgum.com
4    3.216.175.37 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-175-37.compute-1.amazonaws.com
ice.360yield.com
ad.360yield.com
2    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
2    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
7    2600:1f18:4e9:5a01:1124:2146:f275:933 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
7    52.46.143.56 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
3    52.95.126.138 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
13    3.225.218.10 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-218-10.compute-1.amazonaws.com
ups.analytics.yahoo.com
1    104.117.182.139 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-117-182-139.deploy.static.akamaitechnologies.com
hb.yahoo.net
2    2600:9000:261f:a200:1f:2473:9080:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.undertone.com
19    52.223.22.214 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
1    104.18.111.252 (None, )

ASN13335 (CLOUDFLARENET, US)
cs.seedtag.com
2    172.64.149.180 (United States)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
1    23.56.212.249 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-212-249.deploy.static.akamaitechnologies.com
acdn.adnxs.com
6    147.28.129.140 (Ashburn, United States)

ASN54825 (PACKET, US)
sync.a-mo.net
2    178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.eu.criteo.com
10    63.251.86.50 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
15    54.164.245.185 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-164-245-185.compute-1.amazonaws.com
usr.undertone.com
2    34.200.65.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com
pixel.advertising.com
2    35.236.220.17 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 17.220.236.35.bc.googleusercontent.com
um.simpli.fi
7    8.28.7.84 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
7    207.198.113.90 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    23.203.177.63 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-177-63.deploy.static.akamaitechnologies.com
cw.addthis.com
5    34.193.227.167 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-227-167.compute-1.amazonaws.com
dpm.demdex.net
2    104.126.112.185 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-126-112-185.deploy.static.akamaitechnologies.com
tags.bluekai.com
2    3.231.44.207 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-231-44-207.compute-1.amazonaws.com
beacon.krxd.net
6    35.244.154.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com
idsync.rlcdn.com
id.rlcdn.com
17    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
3    2600:141b:1c00:f::172c:c9c9 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
csync.smartadserver.com
5    23.56.213.14 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-213-14.deploy.static.akamaitechnologies.com
ads.pubmatic.com
9    168.119.72.236 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.236.72.119.168.clients.your-server.de
sync.richaudience.com
3    67.202.105.33 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip33.67-202-105.static.steadfastdns.net
de.tynt.com
hde.tynt.com
20    195.244.31.10 (Newark, United States)

ASN63140 (IGUANA-WORLDWIDE, US)
visitor.omnitagjs.com
visitor-usa02.omnitagjs.com
5    50.31.142.63 (Chicago, United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
3    37.157.4.29 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
track.adform.net
1    47.252.78.131 (United States)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
event.clientgear.com
5    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
2    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
2    2606:4700::6813:9f13 (United States)

ASN13335 (CLOUDFLARENET, US)
assets.a-mo.net
9    185.167.164.39 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
4    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
11    35.172.99.217 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-172-99-217.compute-1.amazonaws.com
usersync.gumgum.com
7    54.198.173.106 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-198-173-106.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    211.120.53.202 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
3    2600:1f18:61c0:2205:8195:e213:790a:708a (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
d.adroll.com
3    169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
1    2600:141b:b000::1737:ebe1 (Newark, United States)

ASN20940 (AKAMAI-ASN1, NL)
ced-ns.sascdn.com
2    5.161.124.197 (United States)

ASN213230 (HETZNER-CLOUD2-AS, DE)
PTR: static.197.124.161.5.clients.your-server.de
sync-dmp.mobtrakk.com
1    131.153.242.59 (United States)

ASN19437 (SS-ASH, US)
id.a-mx.com
1    35.227.252.103 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
1    8.28.7.105 (United States)

ASN62713 (AS-PUBMATIC, US)
ow.pubmatic.com
2    54.210.212.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-210-212-83.compute-1.amazonaws.com
t.pswec.com
6    34.117.239.71 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 71.239.117.34.bc.googleusercontent.com
events-ssc.33across.com
8    2606:ae80:1450:16::2010 (United States)

ASN25751 (VALUECLICK, US)
33across-match.dotomi.com
pubmatic-match.dotomi.com
triplelift-match.dotomi.com
casale-match.dotomi.com
1    18.173.219.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-219-42.jfk52.r.cloudfront.net
api-2-0.spot.im
2    23.108.102.2 (Jurong Town, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
inv-nets.admixer.net
1    45.137.176.88 (France)

ASN60350 (VP, FR)
sync.adotmob.com
1    192.132.33.67 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 67.bidtellect.com
bttrack.com
2    213.19.162.90 (United Kingdom)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
2    173.231.178.83 (United States)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
5    216.22.16.56 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
rtb-csync.smartadserver.com
1    2603:c020:400d:3000:bf17:cd18:9a23:846c (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
2    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    35.211.233.246 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 246.233.211.35.bc.googleusercontent.com
a.sportradarserving.com
1    40.76.134.238 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
us01.z.antigena.com
1    52.6.251.62 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-251-62.compute-1.amazonaws.com
rtb.adentifi.com
1    85.114.159.118 (Loerrach, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    2600:9000:2305:7400:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
4    34.224.244.32 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-224-244-32.compute-1.amazonaws.com
i.liadm.com
1    2600:1f18:ed:550e:f339:4051:d8d6:6b16 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
i6.liadm.com
3    34.233.0.32 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-0-32.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
2    52.45.222.163 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-222-163.compute-1.amazonaws.com
pm.w55c.net
2    199.38.167.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
2    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    69.90.254.78 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
ums.acuityplatform.com
1    74.121.140.211 (Reston, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    172.104.121.22 (Tokyo, Japan)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1731-22.members.linode.com
gocm.c.appier.net
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    162.55.120.196 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.196.120.55.162.clients.your-server.de
matching.truffle.bid
2    184.86.146.172 (Minneapolis, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-86-146-172.deploy.static.akamaitechnologies.com
px.owneriq.net
2    34.234.194.189 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-194-189.compute-1.amazonaws.com
thrtle.com
1    54.198.106.196 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-198-106-196.compute-1.amazonaws.com
crb.kargo.com
1    52.7.214.91 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-214-91.compute-1.amazonaws.com
sync.bfmio.com
2    38.98.69.175 (North Bergen, United States)

ASN174 (COGENT-174, US)
pmp.mxptint.net
1    64.227.64.62 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    18.160.10.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-10-49.iad12.r.cloudfront.net
synchroscript.deliveryengine.adswizz.com
2    52.205.240.92 (None, )

ASN- ()
ads.creative-serving.com
Apex Domain
Subdomains		 Transfer
116 ebaumsworld.com
cdn.ebaumsworld.com — Cisco Umbrella Rank: 253500
amp.ebaumsworld.com — Cisco Umbrella Rank: 493506
7 MB
78 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1222
fastlane.rubiconproject.com — Cisco Umbrella Rank: 791
token.rubiconproject.com — Cisco Umbrella Rank: 744
pixel.rubiconproject.com — Cisco Umbrella Rank: 620
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1520
eus.rubiconproject.com — Cisco Umbrella Rank: 951
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 2017
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2989
149 KB
67 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 1215
aud.pubmatic.com — Cisco Umbrella Rank: 39716
image2.pubmatic.com — Cisco Umbrella Rank: 1555
image8.pubmatic.com — Cisco Umbrella Rank: 1098
image4.pubmatic.com — Cisco Umbrella Rank: 2201
simage2.pubmatic.com — Cisco Umbrella Rank: 1499
ads.pubmatic.com — Cisco Umbrella Rank: 811
ow.pubmatic.com — Cisco Umbrella Rank: 2373
simage4.pubmatic.com — Cisco Umbrella Rank: 1864
64 KB
55 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1218
id5-sync.com — Cisco Umbrella Rank: 658
110 KB
28 blogherads.com
ads.blogherads.com — Cisco Umbrella Rank: 21781
521 KB
27 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 2297
rtb.gumgum.com — Cisco Umbrella Rank: 2293
usersync.gumgum.com — Cisco Umbrella Rank: 3044
13 KB
26 doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 199
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269
stats.g.doubleclick.net — Cisco Umbrella Rank: 184
cm.g.doubleclick.net — Cisco Umbrella Rank: 338
170 KB
25 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 757
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 796
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1194
ssum.casalemedia.com — Cisco Umbrella Rank: 2058
dsum.casalemedia.com — Cisco Umbrella Rank: 2867
18 KB
25 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 356
secure.adnxs.com — Cisco Umbrella Rank: 793
acdn.adnxs.com — Cisco Umbrella Rank: 957
39 KB
23 33across.com
ssc-cms.33across.com — Cisco Umbrella Rank: 1511
events-ssc.33across.com — Cisco Umbrella Rank: 2724
6 KB
22 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 594
9 KB
22 seedtag.com
s.seedtag.com — Cisco Umbrella Rank: 2270
cs.seedtag.com — Cisco Umbrella Rank: 14340
17 KB
20 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 1124
visitor-usa02.omnitagjs.com — Cisco Umbrella Rank: 28696
5 KB
20 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 819
ups.analytics.yahoo.com — Cisco Umbrella Rank: 505
7 KB
20 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 991
eb2.3lift.com — Cisco Umbrella Rank: 731
10 KB
18 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 590
8 KB
18 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 845
pandg.tapad.com — Cisco Umbrella Rank: 3623
4 KB
18 undertone.com
hb.undertone.com — Cisco Umbrella Rank: 5043
cdn.undertone.com — Cisco Umbrella Rank: 4968
usr.undertone.com — Cisco Umbrella Rank: 3347
10 KB
17 yellowblue.io
pbs-cs.yellowblue.io — Cisco Umbrella Rank: 7148
cs.yellowblue.io — Cisco Umbrella Rank: 2654
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 3407
8 KB
16 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 2163
a.ad.gt — Cisco Umbrella Rank: 2414
p.ad.gt — Cisco Umbrella Rank: 2978
ids.ad.gt — Cisco Umbrella Rank: 2233
pixels.ad.gt — Cisco Umbrella Rank: 2669
19 KB
14 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 972
7 KB
14 smartadserver.com
sync.smartadserver.com — Cisco Umbrella Rank: 2055
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1167
csync.smartadserver.com — Cisco Umbrella Rank: 4310
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 1004
26 KB
14 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 998
ce.lijit.com — Cisco Umbrella Rank: 1432
14 KB
14 amazon-adsystem.com
z-na.amazon-adsystem.com Failed
c.amazon-adsystem.com — Cisco Umbrella Rank: 359
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 925
aax.amazon-adsystem.com — Cisco Umbrella Rank: 464
s.amazon-adsystem.com — Cisco Umbrella Rank: 398
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 923
14 KB
13 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1119
sync.a-mo.net
assets.a-mo.net — Cisco Umbrella Rank: 2362
11 KB
12 adform.net
cm.adform.net — Cisco Umbrella Rank: 1664
c1.adform.net — Cisco Umbrella Rank: 1001
track.adform.net — Cisco Umbrella Rank: 4333
6 KB
10 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 878
gum.criteo.com — Cisco Umbrella Rank: 597
mug.criteo.com — Cisco Umbrella Rank: 1867
dis.eu.criteo.com — Cisco Umbrella Rank: 16038
dis.criteo.com — Cisco Umbrella Rank: 943
10 KB
10 permutive.com
cdn.permutive.com — Cisco Umbrella Rank: 3770
api.permutive.com — Cisco Umbrella Rank: 2986
386 KB
9 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 2667
4 KB
9 openx.net
us-u.openx.net — Cisco Umbrella Rank: 930
u.openx.net — Cisco Umbrella Rank: 1108
rtb.openx.net — Cisco Umbrella Rank: 1007
1 KB
8 dotomi.com
33across-match.dotomi.com — Cisco Umbrella Rank: 7705
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 5770
triplelift-match.dotomi.com — Cisco Umbrella Rank: 7964
casale-match.dotomi.com — Cisco Umbrella Rank: 6434
3 KB
8 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 140
00910841d7e5d1dcf8f3dce85326fd5b.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 185
42 KB
7 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 1274
3 KB
7 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 1321
5 KB
7 rlcdn.com
api.rlcdn.com Failed
ats.rlcdn.com — Cisco Umbrella Rank: 6762
idsync.rlcdn.com — Cisco Umbrella Rank: 764
id.rlcdn.com — Cisco Umbrella Rank: 1360
38 KB
6 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1536
3 KB
6 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 857
4 KB
6 lightboxcdn.com
www.lightboxcdn.com — Cisco Umbrella Rank: 7435
148 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 101
43 KB
5 liadm.com
i.liadm.com — Cisco Umbrella Rank: 979
i6.liadm.com — Cisco Umbrella Rank: 4366
3 KB
5 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 809
3 KB
5 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 994
3 KB
5 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 313
3 KB
5 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1411
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1431
sync.crwdcntrl.net — Cisco Umbrella Rank: 1419
41 KB
5 kurdgozar.fun
ls.kurdgozar.fun
139 KB
4 360yield.com
ice.360yield.com — Cisco Umbrella Rank: 2466
ad.360yield.com — Cisco Umbrella Rank: 995
2 KB
4 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1467
987 B
4 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 797
1 KB
4 sheknows.com
collector.sheknows.com — Cisco Umbrella Rank: 26223
374 B
4 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1696
2 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
301 B
4 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 2137
pixel.quantserve.com — Cisco Umbrella Rank: 1736
cms.quantserve.com — Cisco Umbrella Rank: 1348
11 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 240
177 KB
4 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 274
3 KB
3 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 2881
1 KB
3 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1629
1 KB
3 adroll.com
d.adroll.com — Cisco Umbrella Rank: 2450
541 B
3 tynt.com
de.tynt.com — Cisco Umbrella Rank: 2424
hde.tynt.com — Cisco Umbrella Rank: 4884
7 KB
3 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1105
3 KB
3 turn.com
ad.turn.com — Cisco Umbrella Rank: 1449
1 KB
3 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 881
3 KB
3 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 2399
2 KB
3 justpremium.com
pre.ads.justpremium.com — Cisco Umbrella Rank: 10241
match.justpremium.com — Cisco Umbrella Rank: 6905
6 KB
3 google.com
analytics.google.com — Cisco Umbrella Rank: 266
www.google.com — Cisco Umbrella Rank: 6
2 KB
3 browsiprod.com
cdn.browsiprod.com — Cisco Umbrella Rank: 10701
events.browsiprod.com — Cisco Umbrella Rank: 9291
yield-manager.browsiprod.com — Cisco Umbrella Rank: 10295
11 KB
3 adlightning.com
tagan.adlightning.com — Cisco Umbrella Rank: 3891
83 KB
3 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 988
cdn.adsafeprotected.com — Cisco Umbrella Rank: 5466
pixel.adsafeprotected.com — Cisco Umbrella Rank: 1190
8 KB
3 memorizematch.com
memorizematch.com — Cisco Umbrella Rank: 502550
26 KB
3 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 2311
mab.chartbeat.com — Cisco Umbrella Rank: 3573
26 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
237 KB
3 gstatic.com
fonts.gstatic.com
55 KB
2 creative-serving.com
ads.creative-serving.com
1 KB
2 mxptint.net
pmp.mxptint.net — Cisco Umbrella Rank: 10897
967 B
2 thrtle.com
thrtle.com — Cisco Umbrella Rank: 2386
684 B
2 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 3952
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1559
s.tribalfusion.com — Cisco Umbrella Rank: 3590
1 KB
2 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1485
2 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1620
1 KB
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 3766
967 B
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 1396
771 B
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 2472
1011 B
2 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 2711
1 KB
2 pswec.com
t.pswec.com — Cisco Umbrella Rank: 7923
1 KB
2 mobtrakk.com
sync-dmp.mobtrakk.com — Cisco Umbrella Rank: 4814
557 B
2 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1758
1 KB
2 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 1173
675 B
2 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 1261
878 B
2 addthis.com
cw.addthis.com — Cisco Umbrella Rank: 6156
854 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1428
1 KB
2 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 2818
574 B
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 1067
cdn.indexww.com — Cisco Umbrella Rank: 2632
2 KB
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 778
773 B
2 pghub.io
pghub.io — Cisco Umbrella Rank: 3037
feed.pghub.io — Cisco Umbrella Rank: 3394
6 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 894
60 KB
2 cloudfront.net
d15kdpgjg3unno.cloudfront.net
dyv1bugovvq1g.cloudfront.net
122 KB
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1774
1 KB
2 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1643
401 B
2 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1607
1 KB
2 btloader.com
btloader.com — Cisco Umbrella Rank: 1738
api.btloader.com — Cisco Umbrella Rank: 1905
18 KB
1 adswizz.com
synchroscript.deliveryengine.adswizz.com — Cisco Umbrella Rank: 5299
204 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 3435
555 B
1 bfmio.com
sync.bfmio.com — Cisco Umbrella Rank: 3080
425 B
1 kargo.com
crb.kargo.com — Cisco Umbrella Rank: 1708
358 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 12362
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 8481
279 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 7580
360 B
1 appier.net
gocm.c.appier.net — Cisco Umbrella Rank: 4327
434 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 2123
739 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 2278
674 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 539
687 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 1035
458 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 2052
487 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 2030
285 B
1 antigena.com
us01.z.antigena.com — Cisco Umbrella Rank: 9298
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 3411
4 KB
1 bttrack.com
bttrack.com — Cisco Umbrella Rank: 1566
422 B
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 2147
770 B
1 spot.im
api-2-0.spot.im — Cisco Umbrella Rank: 3351
457 B
1 a-mx.com
id.a-mx.com — Cisco Umbrella Rank: 2556
536 B
1 sascdn.com
ced-ns.sascdn.com — Cisco Umbrella Rank: 3475
3 KB
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 2129
830 B
1 clientgear.com
event.clientgear.com — Cisco Umbrella Rank: 5654
287 B
1 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 1385
650 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 958
514 B
1 media.net
contextual.media.net — Cisco Umbrella Rank: 1093
616 B
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 1057
510 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1338
276 B
1 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 2313
10 KB
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1623
17 KB
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1674
615 B
1 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 2674
608 B
1 amazonaws.com
sqs.us-east-1.amazonaws.com — Cisco Umbrella Rank: 5930
682 B
1 admantx.com
async01.admantx.com — Cisco Umbrella Rank: 54136
437 B
1 prmutv.co
3d2fb0bd-52fc-4b75-aaf5-2d436c172540.prmutv.co — Cisco Umbrella Rank: 46396
218 B
1 azurewebsites.net
lightboxapi.azurewebsites.net — Cisco Umbrella Rank: 31832
1 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1945
643 B
1 shemedia.com
ads.shemedia.com — Cisco Umbrella Rank: 25667
781 B
1 speedcurve.com
cdn.speedcurve.com — Cisco Umbrella Rank: 8106
923 B
1 b2c.com
api.b2c.com — Cisco Umbrella Rank: 20658
468 B
1 videoplayerhub.com
literally-media.videoplayerhub.com — Cisco Umbrella Rank: 518663
464 B
1 ntv.io
s.ntv.io — Cisco Umbrella Rank: 5818
164 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 708
33 KB
0 mdhv.io Failed
jelly.mdhv.io Failed
0 mrtnsvr.com Failed
ad.mrtnsvr.com Failed
0 adsymptotic.com Failed
p.adsymptotic.com Failed
639 145
Domain Requested by
115 cdn.ebaumsworld.com ls.kurdgozar.fun
54 id5-sync.com 47 redirects cdn.id5-sync.com
28 ads.blogherads.com ls.kurdgozar.fun
ads.blogherads.com
22 match.adsrvr.org 22 redirects
21 s.seedtag.com ads.blogherads.com
cs.seedtag.com
hde.tynt.com
ads.pubmatic.com
20 simage2.pubmatic.com 8 redirects ads.pubmatic.com
cs.seedtag.com
19 eb2.3lift.com 4 redirects ads.blogherads.com
eb2.3lift.com
rtb.gumgum.com
19 cm.g.doubleclick.net 14 redirects pbs-cs.yellowblue.io
eb2.3lift.com
rtb.gumgum.com
18 eus.rubiconproject.com pbs-cs.yellowblue.io
eus.rubiconproject.com
ads.blogherads.com
cdn.undertone.com
cs.seedtag.com
assets.a-mo.net
hde.tynt.com
visitor.omnitagjs.com
18 x.bidswitch.net 18 redirects
17 ssc-cms.33across.com 9 redirects hde.tynt.com
de.tynt.com
17 pixel.rubiconproject.com 12 redirects pbs-cs.yellowblue.io
17 pixel.tapad.com 11 redirects pandg.tapad.com
pbs-cs.yellowblue.io
cdn.undertone.com
rtb.gumgum.com
16 token.rubiconproject.com 8 redirects eus.rubiconproject.com
15 usr.undertone.com cdn.undertone.com
15 image8.pubmatic.com 13 redirects ads.pubmatic.com
15 cs.yellowblue.io pbs-cs.yellowblue.io
15 ib.adnxs.com 7 redirects cdn.permutive.com
ads.blogherads.com
pbs-cs.yellowblue.io
eb2.3lift.com
acdn.adnxs.com
14 match.prod.bidr.io 14 redirects
13 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
13 ups.analytics.yahoo.com 12 redirects assets.a-mo.net
12 visitor.omnitagjs.com 1 redirects cs.seedtag.com
visitor.omnitagjs.com
ssbsync.smartadserver.com
12 image2.pubmatic.com 6 redirects ads.pubmatic.com
11 usersync.gumgum.com rtb.gumgum.com
ads.pubmatic.com
10 ce.lijit.com 10 redirects
10 ids.ad.gt 1 redirects
10 prebid-server.rubiconproject.com ads.blogherads.com
pbs-cs.yellowblue.io
cdn.undertone.com
ssum-sec.casalemedia.com
eb2.3lift.com
9 c1.adform.net 9 redirects
9 sync.richaudience.com 3 redirects cs.seedtag.com
sync.richaudience.com
ssum-sec.casalemedia.com
ads.pubmatic.com
9 ssum-sec.casalemedia.com 3 redirects cdn.undertone.com
js-sec.indexww.com
ssum-sec.casalemedia.com
ads.blogherads.com
sync.richaudience.com
9 secure.adnxs.com 9 redirects
8 visitor-usa02.omnitagjs.com visitor.omnitagjs.com
8 rtb.gumgum.com 7 redirects pre.ads.justpremium.com
8 secure-assets.rubiconproject.com 8 redirects
8 g2.gumgum.com ads.blogherads.com
8 api.permutive.com cdn.permutive.com
7 sync.srv.stackadapt.com 5 redirects eb2.3lift.com
7 pixel-sync.sitescout.com 7 redirects
7 s.amazon-adsystem.com 2 redirects pbs-cs.yellowblue.io
ssum-sec.casalemedia.com
ads.pubmatic.com
eb2.3lift.com
7 pr-bh.ybp.yahoo.com 3 redirects rtb.gumgum.com
ssum-sec.casalemedia.com
7 us-u.openx.net 6 redirects cs.seedtag.com
6 events-ssc.33across.com hde.tynt.com
ads.pubmatic.com
6 sync.a-mo.net ads.blogherads.com
rtb.gumgum.com
6 sync.ipredictive.com 6 redirects
6 image6.pubmatic.com 3 redirects ads.pubmatic.com
6 sync.1rx.io 6 redirects
6 www.lightboxcdn.com www.googletagmanager.com
ls.kurdgozar.fun
www.lightboxcdn.com
6 www.google-analytics.com ls.kurdgozar.fun
www.googletagmanager.com
ads.blogherads.com
www.google-analytics.com
5 rtb-csync.smartadserver.com 2 redirects ssbsync.smartadserver.com
5 creativecdn.com 5 redirects
5 b1sync.zemanta.com 5 redirects
5 ads.pubmatic.com cs.seedtag.com
rtb.gumgum.com
hde.tynt.com
sync.richaudience.com
5 idsync.rlcdn.com 3 redirects cdn.undertone.com
5 dpm.demdex.net 3 redirects cdn.undertone.com
5 fastlane.rubiconproject.com ads.blogherads.com
5 prebid.a-mo.net ads.blogherads.com
pbs-cs.yellowblue.io
5 ls.kurdgozar.fun ls.kurdgozar.fun
4 i.liadm.com 3 redirects ssum-sec.casalemedia.com
4 dis.criteo.com 4 redirects
4 image4.pubmatic.com 3 redirects rtb.gumgum.com
4 csync.loopme.me 4 redirects
4 match.sharethrough.com 2 redirects pbs-cs.yellowblue.io
ssbsync.smartadserver.com
4 collector.sheknows.com ads.blogherads.com
4 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
4 sync.go.sonobi.com 4 redirects
4 ap.lijit.com 1 redirects ads.blogherads.com
visitor.omnitagjs.com
4 www.facebook.com ls.kurdgozar.fun
4 securepubads.g.doubleclick.net ads.blogherads.com
tagan.adlightning.com
securepubads.g.doubleclick.net
4 connect.facebook.net ls.kurdgozar.fun
connect.facebook.net
4 sb.scorecardresearch.com 1 redirects ls.kurdgozar.fun
3 simage4.pubmatic.com ads.pubmatic.com
3 beacon.lynx.cognitivlabs.com 2 redirects ads.pubmatic.com
3 match.deepintent.com 2 redirects ssum-sec.casalemedia.com
3 d.adroll.com ssum-sec.casalemedia.com
3 csync.smartadserver.com cs.seedtag.com
csync.smartadserver.com
3 aax-eu.amazon-adsystem.com 2 redirects pbs-cs.yellowblue.io
3 ice.360yield.com 3 redirects
3 onetag-sys.com pbs-cs.yellowblue.io
cs.seedtag.com
visitor.omnitagjs.com
3 ad.turn.com 3 redirects
3 ssbsync.smartadserver.com 2 redirects visitor.omnitagjs.com
3 bh.contextweb.com 3 redirects
3 tpc.googlesyndication.com tagan.adlightning.com
3 sync.smartadserver.com 2 redirects
3 sync.targeting.unrulymedia.com 3 redirects
3 tagan.adlightning.com ads.blogherads.com
tagan.adlightning.com
3 memorizematch.com ls.kurdgozar.fun
memorizematch.com
3 www.googletagmanager.com ls.kurdgozar.fun
www.googletagmanager.com
ads.blogherads.com
3 fonts.gstatic.com ls.kurdgozar.fun
2 casale-match.dotomi.com 2 redirects
2 ads.creative-serving.com 2 redirects
2 pmp.mxptint.net 1 redirects cs.seedtag.com
2 thrtle.com 1 redirects cs.seedtag.com
2 px.owneriq.net 2 redirects
2 p.rfihub.com 2 redirects
2 pm.w55c.net 2 redirects
2 cms.quantserve.com 2 redirects
2 triplelift-match.dotomi.com 2 redirects
2 pubmatic-match.dotomi.com 2 redirects
2 a.sportradarserving.com 2 redirects
2 sync-tm.everesttech.net 1 redirects ads.pubmatic.com
2 cm.adgrx.com 2 redirects
2 pixel-eu.rubiconproject.com 2 redirects
2 inv-nets.admixer.net 2 redirects
2 33across-match.dotomi.com 2 redirects
2 t.pswec.com 2 redirects
2 sync-dmp.mobtrakk.com 2 redirects
2 assets.a-mo.net sync.a-mo.net
assets.a-mo.net
2 t.adx.opera.com 2 redirects
2 cm.adform.net cs.seedtag.com
2 de.tynt.com 1 redirects visitor.omnitagjs.com
2 beacon.krxd.net cdn.undertone.com
2 tags.bluekai.com cdn.undertone.com
2 cw.addthis.com cdn.undertone.com
2 sync.crwdcntrl.net 2 redirects
2 um.simpli.fi 2 redirects
2 pixel.advertising.com 2 redirects
2 dis.eu.criteo.com 2 redirects
2 cdn.undertone.com ads.blogherads.com
2 px.ads.linkedin.com pbs-cs.yellowblue.io
eb2.3lift.com
2 pixel-us-east.rubiconproject.com 2 redirects
2 gum.criteo.com 1 redirects tagan.adlightning.com
2 static.criteo.net ads.blogherads.com
static.criteo.net
2 a.ad.gt tagan.adlightning.com
p.ad.gt
2 bcp.crwdcntrl.net tags.crwdcntrl.net
2 id.hadron.ad.gt cdn.hadronid.net
2 pre.ads.justpremium.com ads.blogherads.com
2 www.google.com ls.kurdgozar.fun
tagan.adlightning.com
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 c.amazon-adsystem.com ads.blogherads.com
2 cdn.permutive.com ads.blogherads.com
cdn.permutive.com
2 ad-delivery.net ls.kurdgozar.fun
2 ping.chartbeat.net ls.kurdgozar.fun
2 jadserve.postrelease.com 1 redirects s.ntv.io
2 static.chartbeat.com ls.kurdgozar.fun
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 track.adform.net sync.richaudience.com
1 synchroscript.deliveryengine.adswizz.com
1 match.adsby.bidtheatre.com 1 redirects
1 sync.bfmio.com cs.seedtag.com
1 crb.kargo.com cs.seedtag.com
1 matching.truffle.bid ads.pubmatic.com
1 core.iprom.net ads.pubmatic.com
1 ipac.ctnsnet.com ads.pubmatic.com
1 gocm.c.appier.net 1 redirects
1 sync.mathtag.com 1 redirects
1 ums.acuityplatform.com 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 c.bing.com eb2.3lift.com
1 i6.liadm.com ssum-sec.casalemedia.com
1 s.ad.smaato.net 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 rtb.adentifi.com rtb.gumgum.com
1 us01.z.antigena.com rtb.gumgum.com
1 sync.technoratimedia.com 1 redirects
1 id.rlcdn.com visitor.omnitagjs.com
1 bttrack.com 1 redirects
1 cs-server-s2s.yellowblue.io visitor.omnitagjs.com
1 sync.adotmob.com 1 redirects
1 api-2-0.spot.im visitor.omnitagjs.com
1 ow.pubmatic.com
1 ssum.casalemedia.com 1 redirects
1 rtb.openx.net 1 redirects
1 id.a-mx.com 1 redirects
1 ced-ns.sascdn.com csync.smartadserver.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 tg.socdm.com 1 redirects
1 event.clientgear.com 1 redirects
1 u.openx.net 1 redirects
1 ad.360yield.com cs.seedtag.com
1 hde.tynt.com cs.seedtag.com
1 match.justpremium.com pre.ads.justpremium.com
1 acdn.adnxs.com ads.blogherads.com
1 js-sec.indexww.com ads.blogherads.com
1 cs.seedtag.com ads.blogherads.com
1 hb.yahoo.net pbs-cs.yellowblue.io
1 ads.stickyadstv.com 1 redirects
1 contextual.media.net 1 redirects
1 ads.yieldmo.com 1 redirects
1 pbs-cs.yellowblue.io ads.blogherads.com
1 pandg.tapad.com pghub.io
1 feed.pghub.io 1 redirects
1 pghub.io ads.blogherads.com
1 mug.criteo.com
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 pixels.ad.gt tagan.adlightning.com
1 00910841d7e5d1dcf8f3dce85326fd5b.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 p.ad.gt a.ad.gt
1 aud.pubmatic.com
1 dyv1bugovvq1g.cloudfront.net ads.blogherads.com
1 cdn.id5-sync.com tagan.adlightning.com
1 cdn.hadronid.net ls.kurdgozar.fun
1 tags.crwdcntrl.net tagan.adlightning.com
1 secure.cdn.fastclick.net tagan.adlightning.com
1 bidder.criteo.com ads.blogherads.com
1 a.teads.tv ads.blogherads.com
1 htlb.casalemedia.com ads.blogherads.com
1 tlx.3lift.com ads.blogherads.com
1 hb.undertone.com ads.blogherads.com
1 aax.amazon-adsystem.com ads.blogherads.com
1 config.aps.amazon-adsystem.com tagan.adlightning.com
1 geo.privacymanager.io ats.rlcdn.com
1 sqs.us-east-1.amazonaws.com d15kdpgjg3unno.cloudfront.net
1 ats.rlcdn.com ads.blogherads.com
1 pixel.adsafeprotected.com cdn.adsafeprotected.com
1 async01.admantx.com ads.blogherads.com
1 analytics.google.com www.googletagmanager.com
1 3d2fb0bd-52fc-4b75-aaf5-2d436c172540.prmutv.co cdn.permutive.com
1 yield-manager.browsiprod.com cdn.browsiprod.com
1 events.browsiprod.com cdn.browsiprod.com
1 pixel.quantserve.com ls.kurdgozar.fun
1 lightboxapi.azurewebsites.net www.lightboxcdn.com
1 cdn.browsiprod.com ads.blogherads.com
1 cdn.adsafeprotected.com ads.blogherads.com
1 d15kdpgjg3unno.cloudfront.net ads.blogherads.com
1 rules.quantcount.com secure.quantserve.com
1 ads.shemedia.com ads.blogherads.com
1 ad.doubleclick.net ls.kurdgozar.fun
1 api.btloader.com literally-media.videoplayerhub.com
1 static.adsafeprotected.com ls.kurdgozar.fun
1 mab.chartbeat.com static.chartbeat.com
1 cdn.speedcurve.com www.googletagmanager.com
1 amp.ebaumsworld.com www.googletagmanager.com
1 secure.quantserve.com www.googletagmanager.com
1 api.b2c.com ls.kurdgozar.fun
1 btloader.com ls.kurdgozar.fun
1 literally-media.videoplayerhub.com 1 redirects
1 s.ntv.io ls.kurdgozar.fun
1 ajax.googleapis.com ls.kurdgozar.fun
0 jelly.mdhv.io Failed ssum-sec.casalemedia.com
0 ad.mrtnsvr.com Failed ads.pubmatic.com
0 p.adsymptotic.com Failed cdn.undertone.com
0 api.rlcdn.com Failed ads.blogherads.com
0 z-na.amazon-adsystem.com Failed ls.kurdgozar.fun
639 234
Subject Issuer Validity Valid
kurdgozar.fun
E1		 2024-01-09 -
2024-04-08		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.chartbeat.com
Thawte TLS RSA CA G1		 2023-05-16 -
2024-06-06		 a year crt.sh
*.blogherads.com
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-07 -
2024-10-08		 a year crt.sh
*.ntv.io
DigiCert TLS RSA SHA256 2020 CA1		 2023-08-28 -
2024-08-28		 a year crt.sh
b2c.com
Cloudflare Inc ECC CA-3		 2023-09-09 -
2024-09-08		 a year crt.sh
*.ebaumsworld.com
Go Daddy Secure Certificate Authority - G2		 2023-11-03 -
2024-11-15		 a year crt.sh
memorizematch.com
R3		 2023-11-14 -
2024-02-12		 3 months crt.sh
*.postrelease.com
Amazon RSA 2048 M02		 2023-10-27 -
2024-11-23		 a year crt.sh
*.scorecardresearch.com
Sectigo RSA Organization Validation Secure Server CA		 2023-12-11 -
2024-12-10		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-10-19 -
2024-01-17		 3 months crt.sh
quantserve.com
R3		 2023-12-27 -
2024-03-26		 3 months crt.sh
sni12ea7gl.wpc.edgecastcdn.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-20 -
2024-04-19		 a year crt.sh
lightboxcdn.com
Cloudflare Inc ECC CA-3		 2023-10-09 -
2024-10-08		 a year crt.sh
*.speedcurve.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-04-19 -
2024-05-20		 a year crt.sh
*.chartbeat.net
Thawte TLS RSA CA G1		 2023-11-20 -
2024-12-20		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
api.btloader.com
GTS CA 1D4		 2023-12-08 -
2024-03-07		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-02-19 -
2024-02-19		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.shemedia.com
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-07 -
2024-10-08		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
*.adlightning.com
Amazon RSA 2048 M01		 2023-07-08 -
2024-08-05		 a year crt.sh
*.adsafeprotected.com
Amazon RSA 2048 M01		 2023-05-22 -
2024-06-19		 a year crt.sh
*.browsiprod.com
Amazon RSA 2048 M03		 2023-12-15 -
2025-01-12		 a year crt.sh
permutive.com
Cloudflare Inc ECC CA-3		 2023-12-26 -
2024-12-25		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.azurewebsites.net
Microsoft Azure TLS Issuing CA 02		 2023-10-31 -
2024-06-27		 8 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.gobrowsi.com
Amazon RSA 2048 M02		 2023-12-20 -
2025-01-16		 a year crt.sh
*.prmutv.co
R3		 2023-11-29 -
2024-02-27		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
api.permutive.com
R3		 2023-12-15 -
2024-03-14		 3 months crt.sh
*.admantx.com
SSL.com RSA SSL subCA		 2023-04-18 -
2024-05-18		 a year crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M01		 2023-03-29 -
2024-04-27		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
queue.amazonaws.com
Amazon RSA 2048 M01		 2023-03-08 -
2024-03-07		 a year crt.sh
*.privacymanager.io
Amazon RSA 2048 M01		 2023-07-27 -
2024-08-24		 a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.undertone.com
Amazon RSA 2048 M02		 2023-08-03 -
2024-08-30		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.seedtag.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-29 -
2024-04-15		 a year crt.sh
*.a-mo.net
R3		 2024-01-06 -
2024-04-05		 3 months crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
teads.tv
R3		 2023-11-03 -
2024-02-01		 3 months crt.sh
tracking.justpremium.com
Amazon RSA 2048 M03		 2023-12-27 -
2025-01-24		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
dev.eks.va.adexchange.gumgum.com
Amazon RSA 2048 M02		 2023-11-17 -
2024-12-15		 a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-03 -
2024-10-03		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
hadronid.net
GTS CA 1P5		 2023-12-03 -
2024-03-02		 3 months crt.sh
a.ad.gt
E1		 2023-12-12 -
2024-03-11		 3 months crt.sh
p.ad.gt
Cloudflare Inc ECC CA-3		 2023-11-09 -
2024-11-07		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-15 -
2024-03-10		 3 months crt.sh
*.sheknows.com
Amazon RSA 2048 M01		 2023-05-20 -
2024-06-17		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2024-01-01 -
2024-03-31		 3 months crt.sh
*.pghub.io
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-09 -
2024-02-08		 a year crt.sh
*.id5-sync.com
R3		 2024-01-01 -
2024-03-31		 3 months crt.sh
*.tapad.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-18 -
2024-09-17		 a year crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02		 2023-04-18 -
2024-05-16		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2023-08-24 -
2024-08-24		 a year crt.sh
odc-addthis-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-09 -
2024-12-11		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-11 -
2024-12-11		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-14 -
2024-04-12		 a year crt.sh
*.smartadserver.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-08-02 -
2024-08-04		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-26 -
2024-11-26		 a year crt.sh
*.richaudience.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-02-27 -
2024-02-26		 a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-05 -
2024-09-30		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
*.360yield.com
Amazon RSA 2048 M01		 2023-07-17 -
2024-08-13		 a year crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-25 -
2024-06-18		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-11-03 -
2024-05-03		 6 months crt.sh
*.ad-server.k8s.ggops.com
Amazon RSA 2048 M03		 2023-12-12 -
2025-01-09		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2024-01-01 -
2024-12-21		 a year crt.sh
d.adroll.com
Amazon RSA 2048 M01		 2023-10-09 -
2024-11-06		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2023-12-01 -
2025-01-01		 a year crt.sh
*.sascdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-07-14 -
2024-07-17		 a year crt.sh
*.spot.im
Amazon RSA 2048 M02		 2023-09-03 -
2024-09-30		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
*.z.antigena.com
Sectigo ECC Domain Validation Secure Server CA		 2023-04-03 -
2024-04-02		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
*.srv.stackadapt.com
Amazon RSA 2048 M03		 2023-09-09 -
2024-10-07		 a year crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 01		 2023-10-24 -
2024-04-21		 6 months crt.sh
beacon.lynx.cognitivlabs.com
Amazon RSA 2048 M02		 2023-03-31 -
2024-04-28		 a year crt.sh
*.ctnsnet.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-13 -
2024-11-10		 a year crt.sh
*.iprom.net
R3		 2023-11-13 -
2024-02-11		 3 months crt.sh
truffle.bid
R3		 2024-01-08 -
2024-04-07		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.prod.use1.green.ops.kargo.com
Amazon RSA 2048 M03		 2023-12-11 -
2025-01-08		 a year crt.sh
*.bfmio.com
Amazon RSA 2048 M02		 2023-03-17 -
2024-04-14		 a year crt.sh
deliveryengine.adswizz.com
Amazon RSA 2048 M02		 2023-07-04 -
2024-08-01		 a year crt.sh
events-ssc.33across.com
GTS CA 1D4		 2023-12-22 -
2024-03-21		 3 months crt.sh
*.liadm.com
Amazon RSA 2048 M02		 2023-08-31 -
2024-09-28		 a year crt.sh

This page contains 87 frames:

Primary Page: https://ls.kurdgozar.fun/
Frame ID: 40A200B3CE8ABDFAE8184362E32E768B
Requests: 309 HTTP requests in this frame

Frame: https://ads.shemedia.com/static/optoutstatus.html
Frame ID: BF3710A6C83FE94B857772D71C7059FA
Requests: 1 HTTP requests in this frame

Frame: https://www.lightboxcdn.com/vendor/c4e51996-fae5-4bf6-a8df-737a5f5ef12c/lightbox.js?mb=1704824441549&lv=1
Frame ID: 499EF2AB27767B56F32C2046115A111C
Requests: 2 HTTP requests in this frame

Frame: https://00910841d7e5d1dcf8f3dce85326fd5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 55608B869EA0382CCED222AB35FA135B
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ls.kurdgozar.fun&us_privacy=1---
Frame ID: 1F41EB07893833E855832E09BB80BFC9
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 836C32CE3828D2E3E2F7E1BBA7ED11CC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F6B5DC45F517371CCDA9807122EC7E7F
Requests: 2 HTTP requests in this frame

Frame: https://pandg.tapad.com/tag?gdpr=0&us_privacy=1---&referrer_url=&page_url=https%3A%2F%2Fls.kurdgozar.fun%2F&owner=P%26G&bp_id=penskemedia&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22entertainment%22%7D
Frame ID: 4E38F47CE9BA7FB337C762ED0097F959
Requests: 2 HTTP requests in this frame

Frame: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%5BPBS_UID%5D
Frame ID: 9A2788E24CC8B3E10CD87F8EFF2520BD
Requests: 16 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Frame ID: 1DD1E6A176EC97DE1AF1078D436DBD32
Requests: 20 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Frame ID: 07172D96C7BF58FFE929B211D0A5CBB6
Requests: 1 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Frame ID: 5D1E0928BA14709DB55ECADFAC8F84D1
Requests: 15 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Frame ID: 61DED7B1DAAC83D2AE24E4A89C610271
Requests: 11 HTTP requests in this frame

Frame: https://cs.seedtag.com/cs.html?pt=7710-2308-01&pc=US&us=1---
Frame ID: 489FADD87A90E5B4E035D80F3E5AD154
Requests: 17 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 8FF47D8A2639F55BEEB4D510CBB662A9
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 370F9BD1D3B30C47840BC9E7826270C2
Requests: 3 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Frame ID: 1E8CF4B5125DB494A6E2DBFB1A6F6F1F
Requests: 14 HTTP requests in this frame

Frame: https://sync.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---_e=CroBShBscy5rdXJkZ296YXIuZnVuUgthYXMtMTRiMDRmZVoIcGJhMS4zLjNqEGxzLmt1cmRnb3phci5mdW76AQU4LjcuMOgCAYgD-5z2rAaoAzrqAyQ0Mjc1OTQzYS1iMThmLTQxOWYtYjcyNy01MjA0NWU5ZWMwMGWqBANEQ0iyBQNVU0TSBQQxMTI22AUA4AUA6gUHZGVza3RvcPoFBGRjMTOqBwN3ZWLKBw1rdXJkZ296YXIuZnVu4AcB
Frame ID: AE92BDBAB6FA6821A147A249B7FBB85C
Requests: 16 HTTP requests in this frame

Frame: https://pre.ads.justpremium.com/v/1.0/t/sync?_c=a6xgjd1704824443302&usPrivacy=1---
Frame ID: 646668D874093BC2D2E39B274A0D4ED7
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Frame ID: E36A81E0901CEF57E86B92CBB6510969
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fus_privacy%3D1---%26partnerId%3D57%26uid%3D&s=197137&us_privacy=1---&C=1
Frame ID: CB175B130AEB620F82B267C68930C8AA
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776&us_privacy=1---
Frame ID: 767ABFF38E2BE1154796260BE51D923F
Requests: 4 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-122c1356-f103-4577-9703-e802eb4f5edb-3505394-93342212%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=1---&limit=11
Frame ID: 056AF3C3EB6A97C8A4769E2FDE364010
Requests: 7 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Frame ID: 9014732DF9D3236080A42FF60F99163C
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: 79992D0C8FBCE2464FB91BFF94B1BE9F
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
Frame ID: 01690AF607CB90B13D8F3A4E093CF0CB
Requests: 4 HTTP requests in this frame

Frame: https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
Frame ID: 0AC4C2727D2243CFCE62062A8A2F06A9
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Frame ID: 6CB96B7D8C8EBF4C44D21BEABEA8B37D
Requests: 10 HTTP requests in this frame

Frame: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1704824446384&pubconsent=&euconsent=&hasConsent=1&rd=1
Frame ID: 99CBDBCE36CDFADD900071140A2BFD74
Requests: 4 HTTP requests in this frame

Frame: https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
Frame ID: E0A4F83CF91306F090C19670A4CB68C0
Requests: 6 HTTP requests in this frame

Frame: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Frame ID: 0BF5D1FF3776FC5AAF4CB6A6E76381CC
Requests: 21 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75601b04186d260
Frame ID: 5BCE05969782A2D61772F048A874935F
Requests: 1 HTTP requests in this frame

Frame: https://s.seedtag.com/cs/cookiesync/sharethrough?channeluid=b12a5b10-9e87-4b4e-916c-ad3b34eebead&gdpr=0
Frame ID: 8AE51C41D388F8B211B608368632E772
Requests: 1 HTTP requests in this frame

Frame: https://s.seedtag.com/cs/cookiesync/pulsepoint?channeluid=DC0qnwBLqTA2&ev=1&us_privacy=1---&pid=562983
Frame ID: EBAFC85ED308ADBDF4FD5059592709EA
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fls.kurdgozar.fun%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 3CF3B6747FE01BD52C5EA8450F9D9BC9
Requests: 10 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=adf&i=4808172105229473040&gdpr=0&gdpr_consent=
Frame ID: 9CCE7083F7D99848EC5619CEB21B1151
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV83OTU1ZWNkMi1iZDgxLTRjN2UtOTNiMC1iMWU3ZmJiNzAzNjg=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 73A92FF091992AF32C7EC19625E574CD
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 2F377C7756FC9D4F1FA0EEBBD6D54605
Requests: 17 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=1ee2284a-f33d-41b0-8f2b-c94a02cccf95
Frame ID: 0AB8DDCA439598670AF8E35843B920D9
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZZ2Of8Co5ukAAG3wG44AAAAA
Frame ID: 24F7A02821D8DA7532ACA91B4C13AF30
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-adaptmx
Frame ID: 81C5906D5DE193A8A49F9F0D413F4194
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Frame ID: C85E4B519AF08B1E8F2577F65E740EC8
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Frame ID: CBC7984081CB4B25CED73376C826EFBD
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Frame ID: EA71A54C57B4F6651D6466A9220B93B6
Requests: 4 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Frame ID: DEEF0517EE6BA82814C3E66D94A06956
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Frame ID: 7BC584FF95A61F3097A140FC6E0F67EB
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Frame ID: 859339FE0BA1EB49497D0514A6720C13
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Frame ID: 57FA9FD4D7BE40B65450FABC7609EA40
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Frame ID: B60F7334399DA15E50F3CDA357EFFDCE
Requests: 10 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=BC5D1A00-930F-464F-9EB1-22F01C98B67F&redir=true&gdpr=0&gdpr_consent=
Frame ID: 7BCB842A62E151BC6B75C78EC9E35DAF
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: E0B3614975A09EED7B430F3AA49A3E7E
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABPHU7LOx0AABPb3P8NtA&gdpr=0&gdpr_consent=
Frame ID: EC4E9D345CA2BD7B786A28388014E050
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZZ2OfwANSE41gQBd
Frame ID: 80273215989B4305561C385214C73750
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7520810513224092898&gdpr=0&gdpr_consent=
Frame ID: 2FEAD9FAB9F7C822C6E0C11F0F0C6BFB
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 174210300359D8CCB6547AEA5B0C1664
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=BC5D1A00-930F-464F-9EB1-22F01C98B67F
Frame ID: 57B5BD85D9F84C267C5E7E7A0B44650C
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?us_privacy=&ts=1704824447076.5&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c87ac3c8%26us_privacy%3D%24%7BUS_PRIVACY%7D%26r%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D70%2526external_user_id%253D
Frame ID: 8EF65E17EDD50A3970A3AED33281D495
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Frame ID: 133D9CEBFFE3EDF70CEB3EE7F53B9BF6
Requests: 12 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_52c322e525534ac1bdc82
Frame ID: E882B9B1A1D95DF96E3955F8CDD64498
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=l_2YvZmtluCMrZS7mPiMu5L4wLiMrJjhlfhtSFi5
Frame ID: 9CD21AD16DD1C37CA697404C4EC51597
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:Pey8Kix61RngIy5&gdpr=0&gdpr_consent=
Frame ID: C6E3C1EE6BB326E03152091C2D19A3C4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=-tBDgfwlV_hvwp42xPpc4iaEdkY&gdpr=0&gdpr_consent=
Frame ID: 62343041445F5B93EB7F9E87F96DBEB9
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=BC5D1A00-930F-464F-9EB1-22F01C98B67F
Frame ID: 39B7964D137CAD8272ED2F26B72DF7EF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: BE2FE9823CBA1ADB154109A09917935F
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=978477423030163126
Frame ID: D8C83F454CD09EC23AB4521B3804ADCF
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 1D7E15EAE383B27BDFD821C68B4522D3
Requests: 1 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Frame ID: 39C815A81A54E55A71DD4D40347A89C4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=874946162095
Frame ID: 4CBC6432910DEF0A072AA1DACD42CF80
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU217ad19eed6f4568986ccaa6fd566470
Frame ID: 73C2C04AFB990B9D4366C55AD7E2473D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: B7CDFEB6554108C0EC79C115FAB57F64
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:edf8659d-8e82-4c00-8185-6c25c035f5d1&gdpr=0&gdpr_consent=
Frame ID: 20F79B6449A3747DF33D9E8F4503DB4E
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=GrGlv7bdAae_AMmvgo6dZQ
Frame ID: 6B6527283784535447F14F456CC3D43B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-93d83a73-98df-4439-a8e0-f8e5385c4f18-005
Frame ID: EB83C774B4AAE656BB4103A6D8EDB7FD
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: A5D6D7ED03304BCB91A9B2AF471AA193
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 61E8E217474DDFBA9D4418F785B464DB
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: B652A098DC45FBAC1D756A1A69D7A042
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7581108501708409104
Frame ID: 0C26607289DF43ED220C7FB4EB680B67
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:005896DF262D4D79A49C9C9CAB8EDDBB&gdpr=0&gdpr_consent=
Frame ID: D3A6826F365A6F5E472C3E98421502B3
Requests: 1 HTTP requests in this frame

Frame: https://s.seedtag.com/cs/cookiesync/pubmatic?channeluid=BC5D1A00-930F-464F-9EB1-22F01C98B67F
Frame ID: EA0CED512018CCEAAFF5F7BD74ECA7E6
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=BC5D1A00-930F-464F-9EB1-22F01C98B67F
Frame ID: BD5BF4305A220001F432856D79F1F7B4
Requests: 1 HTTP requests in this frame

Frame: https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=25&external_user_id=BC5D1A00-930F-464F-9EB1-22F01C98B67F
Frame ID: C980D5BE5C9808176F090AB0D0A7FAA7
Requests: 1 HTTP requests in this frame

Frame: https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=25&external_user_id=BC5D1A00-930F-464F-9EB1-22F01C98B67F
Frame ID: B794ECDEBACDEB22547CB0B9C1CE979B
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=201092&cb=https%3A%2F%2Fsync.richaudience.com%2F2066127a3f7c6635eb4f6cac536feb5a%2F%3Fgdpr%3D0%26euconsent%3D%26uid%3D&gdpr=0&gdpr_consent=
Frame ID: 4A3D4253D66094A351EEA107ED046B19
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156538&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.richaudience.com%2Fa8c1b6a2754b510b088f624c91944bf3%2F%3Fgdpr%3D0%26euconsent%3D%26uid%3D
Frame ID: 49A9FD9B132A8309C804D311F173C8E7
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/a8c1b6a2754b510b088f624c91944bf3/?gdpr=0&euconsent=&uid=BC5D1A00-930F-464F-9EB1-22F01C98B67F
Frame ID: 88C2CE10EAF80CDD661DC7B5A07B412D
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/a8c1b6a2754b510b088f624c91944bf3/?gdpr=0&euconsent=&uid=BC5D1A00-930F-464F-9EB1-22F01C98B67F
Frame ID: DC559AC2E2C47376614105FDBBCEDDD4
Requests: 1 HTTP requests in this frame

Frame: https://s.seedtag.com/cs/cookiesync/pubmatic?channeluid=BC5D1A00-930F-464F-9EB1-22F01C98B67F
Frame ID: DDA2FF4A3AB14A31231C3D4B6D96C3B5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Funny Pictures, Funny Videos | eBaum's World

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

639
Requests

72 %
HTTPS

27 %
IPv6

145
Domains

234
Subdomains

152
IPs

13
Countries

10476 kB
Transfer

17654 kB
Size

317
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://literally-media.videoplayerhub.com/galleryplayer.js HTTP 301
  • https://btloader.com/tag?h=literally-media&upapi=true
Request Chain 124
  • https://sb.scorecardresearch.com/b?c1=2&c2=15131799&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1704824441351&ns_c=UTF-8&c7=https%3A%2F%2Fls.kurdgozar.fun%2F&c8=Funny%20Pictures%2C%20Funny%20Videos%20%7C%20eBaum%27s%20World&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=15131799&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1704824441351&ns_c=UTF-8&c7=https%3A%2F%2Fls.kurdgozar.fun%2F&c8=Funny%20Pictures%2C%20Funny%20Videos%20%7C%20eBaum%27s%20World&c9=
Request Chain 262
  • https://sync.1rx.io/usersync2/rmphb?gdpr=&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmphb?zcc=1&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%5BRX_UUID%5D&cb=1704824443693&us_privacy=1--- HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-93d83a73-98df-4439-a8e0-f8e5385c4f18-005?redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3DRX-93d83a73-98df-4439-a8e0-f8e5385c4f18-005 HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=unruly&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=i&uid=RX-93d83a73-98df-4439-a8e0-f8e5385c4f18-005
Request Chain 268
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Faud.pubmatic.com%2FAdServer%2FArtemis%3Fuidtype%3D0%26dpid%3D441%26segid%3D21143%2C21967 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Faud.pubmatic.com%2FAdServer%2FArtemis%3Fuidtype%3D0%26dpid%3D441%26segid%3D21143%2C21967&rdf=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?uidtype=0&dpid=441&segid=21143,21967
Request Chain 272
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001704824444-0ET2DF8K-AF2Z&adnxs_id=$UID&gdpr=0 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001704824444-0ET2DF8K-AF2Z%26adnxs_id%3D%24UID%26gdpr%3D0 HTTP 302
  • https://ids.ad.gt/api/v1/match?id=AU1D-0100-001704824444-0ET2DF8K-AF2Z&adnxs_id=7520810513224092898&gdpr=0
Request Chain 273
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001704824444-0ET2DF8K-AF2Z&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001704824444-0ET2DF8K-AF2Z&gdpr=0 HTTP 302
  • https://ids.ad.gt/api/v1/t_match?tdid=1ee2284a-f33d-41b0-8f2b-c94a02cccf95&id=AU1D-0100-001704824444-0ET2DF8K-AF2Z
Request Chain 274
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001704824444-0ET2DF8K-AF2Z HTTP 302
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001704824444-0ET2DF8K-AF2Z HTTP 302
  • https://ids.ad.gt/api/v1/pbm_match?pbm=BC5D1A00-930F-464F-9EB1-22F01C98B67F&id=AU1D-0100-001704824444-0ET2DF8K-AF2Z
Request Chain 275
  • https://token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001704824444-0ET2DF8K-AF2Z&gdpr=0 HTTP 302
  • https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001704824444-0ET2DF8K-AF2Z&rub=LR6OGFBQ-17-B2QO&gdpr=0
Request Chain 276
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001704824444-0ET2DF8K-AF2Z&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001704824444-0ET2DF8K-AF2Z%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001704824444-0ET2DF8K-AF2Z&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001704824444-0ET2DF8K-AF2Z%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=d9463951-a6be-4f6f-8739-d6925d9ef1b7%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fid%25253DAU1D-0100-001704824444-0ET2DF8K-AF2Z%252526tapad_id%25253Dd9463951-a6be-4f6f-8739-d6925d9ef1b7%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=1ee2284a-f33d-41b0-8f2b-c94a02cccf95&ttd_puid=d9463951-a6be-4f6f-8739-d6925d9ef1b7%2Chttps%253A%252F%252Fids.ad.gt%252Fapi%252Fv1%252Ftapad_match%253Fid%253DAU1D-0100-001704824444-0ET2DF8K-AF2Z%2526tapad_id%253Dd9463951-a6be-4f6f-8739-d6925d9ef1b7%2C HTTP 302
  • https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001704824444-0ET2DF8K-AF2Z&tapad_id=d9463951-a6be-4f6f-8739-d6925d9ef1b7
Request Chain 277
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001704824444-0ET2DF8K-AF2Z HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=AU1D-0100-001704824444-0ET2DF8K-AF2Z&google_tc= HTTP 302
  • https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001704824444-0ET2DF8K-AF2Z&google_gid=CAESEDaA9-AqrVwm4CAt9NceXdI&google_cver=1&google_ula=450542624,0
Request Chain 278
  • https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001704824444-0ET2DF8K-AF2Z HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcwNDgyNDQ0NC0wRVQyREY4Sy1BRjJa
Request Chain 279
  • https://sync.go.sonobi.com/us?https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001704824444-0ET2DF8K-AF2Z&uid=[UID]&gdpr=0 HTTP 302
  • https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001704824444-0ET2DF8K-AF2Z&uid=d13a5057-a213-4831-b305-d5d971a86bc9&gdpr=0
Request Chain 280
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fsmart_match%3Fid%3DAU1D-0100-001704824444-0ET2DF8K-AF2Z%26sas_uid%3D%5bsas_uid%5d&gdpr=0 HTTP 302
  • https://sync.smartadserver.com/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=AU1D-0100-001704824444-0ET2DF8K-AF2Z&sas_uid=[sas_uid]&gdpr=0&cklb=1
Request Chain 290
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=i&uid=7520810513224092898
Request Chain 296
  • https://pixel.rubiconproject.com/exchange/sync.php?p=rp-pbs&gdpr=&gdpr_consent=&account=10278&us_privacy=1---&gpp_sid=&gpp= HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=rubicon&account=10278&uid=LR6OGFBQ-17-B2QO&us_privacy=1---
Request Chain 303
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=kurdgozar.fun&sn=ChromeSyncframe&so=0&topUrl=ls.kurdgozar.fun&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=-X6SQHxUWllJbkhwc3V2SUUyUnlieTB4UjBKNmhDcXkwNnVFdkFzWWlaR0pkUGM5aVNONlUzc1JkcUx5WVpDMDhQTlZPOHhKTCtGU2xlcUJHTC9oWG5ncTEzbWhLNm45eVhjTTVjakxrVHZ2UnNac0kvS3JWd0VLVmcxRC91dmZIMUd2VlMrNDhHMVpIYm11bTlMZ0poSk9qd2JFdlNtR0dLaGxkSFk4azFMRXZtYU14Vm1OQnRtaUN2b3lHSnNPOFVVaU5nSVdwMXFWNVFKLzNuTkpXRkUzQVNUS2VyT0FDQW0rZGxmcllCd2V0anVkYWJMVXc3bVF2emJmM0dqN1NNaHdId1dUdlBrUTVkMnYvb1pVYXBORXRGMVc2MHNRTTl2b0tLRUJnSlhGUVNJQT18&cppv=2
Request Chain 304
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=grid&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=i&uid=3aeba4f5-77f9-4adb-9400-e8da2fa6d5e7
Request Chain 309
  • https://feed.pghub.io/tag?gdpr=0&us_privacy=1---&referrer_url=&page_url=https%3A%2F%2Fls.kurdgozar.fun%2F&owner=P%26G&bp_id=penskemedia&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22entertainment%22%7D HTTP 302
  • https://pandg.tapad.com/tag?gdpr=0&us_privacy=1---&referrer_url=&page_url=https%3A%2F%2Fls.kurdgozar.fun%2F&owner=P%26G&bp_id=penskemedia&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22entertainment%22%7D
Request Chain 312
  • https://bh.contextweb.com/bh/rtset?pid=562615&ev=1&us_privacy=[US_PRIVACY]&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11592%26uid%3D%25%25VGUID%25%25 HTTP 302
  • https://cs.yellowblue.io/cs?aid=11592&uid=DC0qnwBLqTA2&ev=1&us_privacy=[US_PRIVACY]&pid=562615&gdpr_consent=&gdpr=0
Request Chain 313
  • https://sync.go.sonobi.com/us?gdpr=0&consent_string=&loc=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D115667%26uid%3D%5BUID%5D HTTP 302
  • https://cs.yellowblue.io/cs?aid=115667&uid=d13a5057-a213-4831-b305-d5d971a86bc9
Request Chain 314
  • https://ads.yieldmo.com/pbsync?is=rise&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11584%26uid%3D$UID HTTP 302
  • https://cs.yellowblue.io/cs?aid=11584&uid=VERy1EEPPyEHC6ZS3uJP&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 315
  • https://contextual.media.net/cksync.php?cs=25&type=ris&ovsid=%7B%7BAPID%7D%7D&redirect=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11585%26id%3D%3Cvsid%3E HTTP 302
  • https://cs.yellowblue.io/cs?aid=11585&id=3478260481523803000V10
Request Chain 316
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11603%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26uid%3D$%7BBSW_UUID%7D HTTP 302
  • https://cs.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=3aeba4f5-77f9-4adb-9400-e8da2fa6d5e7
Request Chain 317
  • https://ssbsync.smartadserver.com/api/sync?callerId=77&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11600&id=8280212633832615062&gdpr=0&gdpr_consent=
Request Chain 318
  • https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11587&uid=b12a5b10-9e87-4b4e-916c-ad3b34eebead&gdpr=0
Request Chain 319
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11601&id=f52ed82ee2697ffb22b2f840e85f41e&gdpr_consent=&gdpr=0
Request Chain 320
  • https://ssc-cms.33across.com/ps/?ri=0015a00002hdV5tAAE&ru=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11580%26puid%3D33XUSERID33X HTTP 302
  • https://cs.yellowblue.io/cs?aid=11580&puid=212413095182627
Request Chain 321
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QkM1RDFBMDAtOTMwRi00NjRGLTlFQjEtMjJGMDFDOThCNjdG&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENqAmulhs6JoCDEPgUeOLNs&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs.yellowblue.io/cs?aid=11576&id=BC5D1A00-930F-464F-9EB1-22F01C98B67F
Request Chain 322
  • https://csync.loopme.me/?pubid=11362&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11571%26id%3D%7Bdevice_id%7D HTTP 307
  • https://cs.yellowblue.io/cs?aid=11571&id=aefee888-7301-4377-bec7-2b0b76abcc15&gdpr_consent=null&gdpr=0
Request Chain 323
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11596%26id%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11596&id=7520810513224092898&gdpr=0&gdpr_consent=
Request Chain 324
  • https://sync.1rx.io/usersync2/rmpssp?sub=typeaholdings HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=6448322022 HTTP 302
  • https://sync.1rx.io/usersync/turn/4430111625358761738?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-93d83a73-98df-4439-a8e0-f8e5385c4f18-005?redir=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11599%26id%3DRX-93d83a73-98df-4439-a8e0-f8e5385c4f18-005 HTTP 302
  • https://cs.yellowblue.io/cs?aid=11599&id=RX-93d83a73-98df-4439-a8e0-f8e5385c4f18-005
Request Chain 325
  • https://us-u.openx.net/w/1.0/cm?id=58ceaaf5-c766-4c17-869a-d76e43401714&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11563%26id%3D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=58ceaaf5-c766-4c17-869a-d76e43401714&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11563%26id%3D HTTP 302
  • https://cs.yellowblue.io/cs?aid=11563&id=19de2a71-eddd-4a16-9e0c-37b31689db19
Request Chain 327
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=rise_engage&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Request Chain 329
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=d9463951-a6be-4f6f-8739-d6925d9ef1b7%252C%252C%25257B%252522architecture%252522%25253A%252522%252522%25252C%252522bitness%252522%25253A%252522%252522%25252C%252522brands%252522%25253A%25255B%25255D%25252C%252522fullVersionList%252522%25253A%25255B%25255D%25252C%252522mobile%252522%25253Afalse%25252C%252522model%252522%25253A%252522%252522%25252C%252522platform%252522%25253A%252522%252522%25252C%252522platformVersion%252522%25253A%252522%252522%25257D&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=1ee2284a-f33d-41b0-8f2b-c94a02cccf95&ttd_puid=d9463951-a6be-4f6f-8739-d6925d9ef1b7%2C%2C%257B%2522architecture%2522%253A%2522%2522%252C%2522bitness%2522%253A%2522%2522%252C%2522brands%2522%253A%255B%255D%252C%2522fullVersionList%2522%253A%255B%255D%252C%2522mobile%2522%253Afalse%252C%2522model%2522%253A%2522%2522%252C%2522platform%2522%253A%2522%2522%252C%2522platformVersion%2522%253A%2522%2522%257D
Request Chain 330
  • https://id5-sync.com/i/1173/8.gif?id5id=ID5*MuOSyWCpd946vhMAcTCaclkNzbsiy7UD3OH-dKYxkpJ7N2I1Xb6EmTRmvMTy_jVjezhtcs6z8t4UFw4S5VWx4g&o=api&gdpr_consent=undefined&gdpr=false HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F1173%2F429%2F7%2F2.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/1173/429/7/2.gif?puid=BC5D1A00-930F-464F-9EB1-22F01C98B67F&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F1173%2F796%2F6%2F3.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/1173/796/6/3.gif?puid=f47c7649-b3c5-43a5-9583-4631c7f3a88e&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F1173%2F434%2F5%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent= HTTP 302
  • https://id5-sync.com/c/1173/434/5/4.gif?puid=d13a5057-a213-4831-b305-d5d971a86bc9&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F1173%2F108%2F4%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/1173/108/4/5.gif?puid=d9463951-a6be-4f6f-8739-d6925d9ef1b7&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/1173/2/3/6.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/1173/2/3/6.gif?puid=7520810513224092898&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy= HTTP 303
  • https://id5-sync.com/k/155.gif?puid=AABPHU7LOx0AABPb3P8NtA&id5AccountNum=155&numCascadesAllowed=9 HTTP 302
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F1173%2F441%2F1%2F8.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/1173/441/1/8.gif?puid=u_7955ecd2-bd81-4c7e-93b0-b1e7fbb70368&gdpr=0&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-8e03ai_VJDA4sfp7tjiIU4tvQShNF_nWZ1yOrLcwaA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F1173%2F124%2F0%2F9.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-8e03ai_VJDA4sfp7tjiIU4tvQShNF_nWZ1yOrLcwaA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F1173%2F124%2F0%2F9.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/1173/124/0/9.gif?puid=74b74793-1244-4150-93c4-1944e6adcd3e&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
Request Chain 335
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=rise_engage&us_privacy=1---&khaos=LR6OGFBQ-17-B2QO HTTP 302
  • https://cs.yellowblue.io/cs?aid=11590&id=LR6OGFBQ-17-B2QO&us_privacy=1---
Request Chain 336
  • https://token.rubiconproject.com/token?pid=36584&us_privacy=1--- HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LR6OGFBQ-17-B2QO&us_privacy=1---
Request Chain 337
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1--- HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/eaTKALVjn3W0UKq6ec1M0sn5EUdSAgOZEtemQ7w0kco?csrc=&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-jOE_u1VE2oINv19RYGE1IqqMdPZY_Xt44ld_Iw--~A
Request Chain 338
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&us_privacy=1--- HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LR6OGFBQ-17-B2QO&ex=d-rubiconproject.com&status=ok&us_privacy=1---
Request Chain 339
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDsygjTbuVcQfHve-jWvCCM&google_cver=1
Request Chain 340
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1--- HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1---&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=W2GcfEDCTDmOeiqE-_Adzg&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=W2GcfEDCTDmOeiqE-_Adzg
Request Chain 341
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFI2T0dGQlEtMTctQjJRTw==&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBkUPXGRPKYq5MAq5BpTAM4&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI2T0dGQlEtMTctQjJRTw==&google_push=
Request Chain 342
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1--- HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1---&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=VS-bHUhAQXawLxDgxJTeXg&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=VS-bHUhAQXawLxDgxJTeXg
Request Chain 343
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjVhMmY0ZTA3ZTA1ZmY0M2NiNDk3NTU1NmY4MTI0MTA4OWFhYjcyZg&us_privacy=1---
Request Chain 344
  • https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=1ee2284a-f33d-41b0-8f2b-c94a02cccf95&gdpr=0&gdpr_consent=&expires=30
Request Chain 345
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&us_privacy=1--- HTTP 303
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&us_privacy=1---&_bee_ppp=1 HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABPHU7LOx0AABPb3P8NtA&expires=30
Request Chain 346
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694&us_privacy=1--- HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LR6OGFBQ-17-B2QO&us_privacy=1---
Request Chain 347
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&us_privacy=1--- HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LR6OGFBQ-17-B2QO&us_privacy=1---
Request Chain 348
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=f47c7649-b3c5-43a5-9583-4631c7f3a88e&expires=30&us_privacy=1---
Request Chain 349
  • https://token.rubiconproject.com/token?pid=37556&a=1&us_privacy=1--- HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LR6OGFBQ-17-B2QO&us_privacy=1---
Request Chain 350
  • https://token.rubiconproject.com/token?pid=26594&us_privacy=1--- HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LR6OGFBQ-17-B2QO&redir=true&us_privacy=1--- HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LR6OGFBQ-17-B2QO&redir=true&us_privacy=1--- HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1FM1ZOczJkRTJ1RUVWdmhkZGhnQVRxSUtqV0w2RDc2cn5B&ovsid=LR6OGFBQ-17-B2QO&us_privacy=1---&dpid=58160
Request Chain 351
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&us_privacy=1--- HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LR6OGFBQ-17-B2QO&us_privacy=1---
Request Chain 354
  • https://eb2.3lift.com/sync?us_privacy=1---& HTTP 302
  • https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Request Chain 362
  • https://id5-sync.com/s/441/9.gif?puid=u_7fbc3802-14ac-4a38-90b1-bb5440f5d311&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F434%2F8%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent= HTTP 302
  • https://id5-sync.com/c/441/434/8/2.gif?puid=d13a5057-a213-4831-b305-d5d971a86bc9&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/441/2/7/3.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/2/7/3.gif?puid=7520810513224092898&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F441%2F6%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/441/6/4.gif?puid=u_7955ecd2-bd81-4c7e-93b0-b1e7fbb70368&gdpr=0&gdpr_consent= HTTP 302
  • https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F203%2F5%2F5.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/441/203/5/5.gif?puid=aada912d-ad00-4845-9f80-53cace5b5ff7&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F441%2F4%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/441/4/6.gif?puid=u_7955ecd2-bd81-4c7e-93b0-b1e7fbb70368&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=1ee2284a-f33d-41b0-8f2b-c94a02cccf95&ttl=%%TTL%% HTTP 302
  • https://ce.lijit.com/merge?pid=92&3pid=7520810513224092898&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F1246%2F3%2F7.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
  • https://id5-sync.com/c/441/1246/3/7.gif?puid=H9rsaBZHS1_DxDIGQwucF1W-&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=58&3pid=BC5D1A00-930F-464F-9EB1-22F01C98B67F&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F1242%2F2%2F8.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
  • https://id5-sync.com/c/441/1242/2/8.gif?puid=H9rsaBZHS1_DxDIGQwucF1W-&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=27&3pid=1ee2284a-f33d-41b0-8f2b-c94a02cccf95&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F1245%2F1%2F9.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
  • https://id5-sync.com/c/441/1245/1/9.gif?puid=H9rsaBZHS1_DxDIGQwucF1W-&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy= HTTP 303
  • https://id5-sync.com/k/155.gif?puid=AABPHU7LOx0AABPb3P8NtA&id5AccountNum=155&numCascadesAllowed=9
Request Chain 363
  • https://id5-sync.com/s/441/9.gif?puid=u_4e802fd2-c518-4eb2-a830-6365095f7c61&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=1ee2284a-f33d-41b0-8f2b-c94a02cccf95&ttl=%%TTL%% HTTP 302
  • https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F203%2F7%2F3.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/441/203/7/3.gif?puid=aada912d-ad00-4845-9f80-53cace5b5ff7&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F441%2F6%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/441/6/4.gif?puid=u_7955ecd2-bd81-4c7e-93b0-b1e7fbb70368&gdpr=0&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-8e03ai_VJDA4sfp7tjiIU4tvQShNF_nWZ1yOrLcwaA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F5%2F5.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/441/124/5/5.gif?puid=74b74793-1244-4150-93c4-1944e6adcd3e&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=1ee2284a-f33d-41b0-8f2b-c94a02cccf95&ttl=%%TTL%% HTTP 302
  • https://ce.lijit.com/merge?pid=92&3pid=7520810513224092898&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F1246%2F3%2F7.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
  • https://id5-sync.com/c/441/1246/3/7.gif?puid=H9rsaBZHS1_DxDIGQwucF1W-&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=27&3pid=1ee2284a-f33d-41b0-8f2b-c94a02cccf95&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F1245%2F2%2F8.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
  • https://id5-sync.com/c/441/1245/2/8.gif?puid=H9rsaBZHS1_DxDIGQwucF1W-&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy= HTTP 303
  • https://id5-sync.com/k/155.gif?puid=AABPHU7LOx0AABPb3P8NtA&id5AccountNum=155&numCascadesAllowed=9 HTTP 302
  • https://ce.lijit.com/merge?pid=85&3pid=AABPHU7LOx0AABPb3P8NtA&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F1241%2F0%2F10.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
  • https://id5-sync.com/c/441/1241/0/10.gif?puid=H9rsaBZHS1_DxDIGQwucF1W-&gdpr=0&gdpr_consent=
Request Chain 364
  • https://id5-sync.com/s/441/9.gif?puid=u_04d89d88-b909-4f90-a5af-813ece0507af&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=1ee2284a-f33d-41b0-8f2b-c94a02cccf95&ttl=%%TTL%%
Request Chain 365
  • https://id5-sync.com/s/441/9.gif?puid=u_3ae3727d-be2f-447d-92f2-8d0d5761306b&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=1ee2284a-f33d-41b0-8f2b-c94a02cccf95&ttl=%%TTL%% HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F7%2F3.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/108/7/3.gif?puid=d9463951-a6be-4f6f-8739-d6925d9ef1b7&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F441%2F6%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/441/6/4.gif?puid=u_7955ecd2-bd81-4c7e-93b0-b1e7fbb70368&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy= HTTP 303
  • https://id5-sync.com/k/155.gif?puid=AABPHU7LOx0AABPb3P8NtA&id5AccountNum=155&numCascadesAllowed=9
Request Chain 366
  • https://id5-sync.com/s/441/9.gif?puid=u_2f179176-24d3-4879-9496-af0a6574ebc8&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=1ee2284a-f33d-41b0-8f2b-c94a02cccf95&ttl=%%TTL%% HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F7%2F3.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/108/7/3.gif?puid=d9463951-a6be-4f6f-8739-d6925d9ef1b7&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F441%2F6%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/441/6/4.gif?puid=u_7955ecd2-bd81-4c7e-93b0-b1e7fbb70368&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=58&3pid=BC5D1A00-930F-464F-9EB1-22F01C98B67F&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F1242%2F5%2F5.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
  • https://id5-sync.com/c/441/1242/5/5.gif?puid=H9rsaBZHS1_DxDIGQwucF1W-&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=1ee2284a-f33d-41b0-8f2b-c94a02cccf95&ttl=%%TTL%%
Request Chain 367
  • https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&us_privacy=1--- HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fus_privacy%3D1---%26partnerId%3D57%26uid%3D&s=197137&us_privacy=1---&C=1
Request Chain 368
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776&us_privacy=1--- HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=12776&us_privacy=1---
Request Chain 369
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=&us_privacy=1--- HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=&us_privacy=1---bab351c0-3a9d-4b30-bfce-74e6c08c2f08
Request Chain 370
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&us_privacy=1--- HTTP 301
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&us_privacy=1--- HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-Yg.2oW9E2uGc.s9LVVcDD99x.P_2WIq7~A&us_privacy=1---
Request Chain 371
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=46&uid=1ee2284a-f33d-41b0-8f2b-c94a02cccf95&ttl=1707416446
Request Chain 372
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776&us_privacy=1--- HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LR6OGFBQ-17-B2QO&us_privacy=1---
Request Chain 373
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID&us_privacy=1--- HTTP 302
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=-1&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:005896DF262D4D79A49C9C9CAB8EDDBB HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3DBC5D1A00-930F-464F-9EB1-22F01C98B67F&us_privacy=%24%7BUS_PRIVACY%7D HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=BC5D1A00-930F-464F-9EB1-22F01C98B67F
Request Chain 374
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D&us_privacy=1--- HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D&us_privacy=1--- HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=0444e166-c943-4703-a8ad-a90dfc5d0de0-659d8e7e-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D0444e166-c943-4703-a8ad-a90dfc5d0de0-659d8e7e-5553%26partner_url%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D54%2526uid%253D0444e166-c943-4703-a8ad-a90dfc5d0de0-659d8e7e-5553%2526us_privacy%253D1--- HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=0444e166-c943-4703-a8ad-a90dfc5d0de0-659d8e7e-5553&partner_url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D0444e166-c943-4703-a8ad-a90dfc5d0de0-659d8e7e-5553%26us_privacy%3D1--- HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=54&uid=0444e166-c943-4703-a8ad-a90dfc5d0de0-659d8e7e-5553&us_privacy=1---
Request Chain 375
  • https://ups.analytics.yahoo.com/ups/58545/occ?us_privacy=1--- HTTP 302
  • https://ups.analytics.yahoo.com/ups/58545/occ?us_privacy=1---&verify=true HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-.a0iJ31E2uEHrh.UjKaJSgasE_HjLmuI_woFFJU-~A
Request Chain 378
  • https://dpm.demdex.net/ibs:dpid=152416&dpuuid=3xlemq1rk34hwg8ve1e5fyh4t HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=152416&dpuuid=3xlemq1rk34hwg8ve1e5fyh4t
Request Chain 380
  • https://idsync.rlcdn.com/403716.gif?partner_uid=3xlemq1rk34hwg8ve1e5fyh4t HTTP 307
  • https://pippio.com/api/sync?pid=5324&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpGgwI_pz2rAYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpGgwI_pz2rAYSBAgCEABCAEoA&google_gid=CAESENTR29thblLo5fTXNXLeEdU&google_cver=1 HTTP 307
  • https://p.adsymptotic.com/d/px/?_pid=16257&_psign=5a9f251662be469b9732c38b03f11952&_redirect=https%3A%2F%2Fpippio.com%2Fapi%2Fsync%3Fpid%3D710202%26it%3D1%26iv%3D%24%7BUUID%7D&_rand=06684537
Request Chain 382
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3484&partner_device_id=3xlemq1rk34hwg8ve1e5fyh4t HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3Dd9463951-a6be-4f6f-8739-d6925d9ef1b7%252C%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=7520810513224092898&pt=d9463951-a6be-4f6f-8739-d6925d9ef1b7%2C%2C
Request Chain 385
  • https://rtb.gumgum.com/getuid/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-122c1356-f103-4577-9703-e802eb4f5edb-3505394-93342212%26ex_uid%3D%5BUID%5D&us_privacy=1--- HTTP 302
  • https://match.justpremium.com/match/gg?jp_uid=r-122c1356-f103-4577-9703-e802eb4f5edb-3505394-93342212&ex_uid=u_7955ecd2-bd81-4c7e-93b0-b1e7fbb70368
Request Chain 387
  • https://dpm.demdex.net/ibs:dpid=152416&dpuuid=3xlemq1rk34hwg8ve1e5fyh4t HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=152416&dpuuid=3xlemq1rk34hwg8ve1e5fyh4t
Request Chain 389
  • https://idsync.rlcdn.com/403716.gif?partner_uid=3xlemq1rk34hwg8ve1e5fyh4t HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CITSGBIlCiEIARCakQEaGTN4bGVtcTFyazM0aHdnOHZlMWU1ZnloNHQQABoNCP6c9qwGEgUI6AcQAEIASgA HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=a4184981-f775-4133-8a32-ebd20ebb6e82
Request Chain 391
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3484&partner_device_id=3xlemq1rk34hwg8ve1e5fyh4t HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3Dd9463951-a6be-4f6f-8739-d6925d9ef1b7%252C%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=7520810513224092898&pt=d9463951-a6be-4f6f-8739-d6925d9ef1b7%2C%2C
Request Chain 392
  • https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Request Chain 393
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=12776
Request Chain 394
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=bab351c0-3a9d-4b30-bfce-74e6c08c2f08
Request Chain 395
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 301
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-Yg.2oW9E2uGc.s9LVVcDD99x.P_2WIq7~A
Request Chain 396
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=46&uid=1ee2284a-f33d-41b0-8f2b-c94a02cccf95&ttl=1707416446
Request Chain 397
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LR6OGFBQ-17-B2QO
Request Chain 398
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=-1&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=1ee2284a-f33d-41b0-8f2b-c94a02cccf95&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3DBC5D1A00-930F-464F-9EB1-22F01C98B67F&us_privacy=%24%7BUS_PRIVACY%7D HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=BC5D1A00-930F-464F-9EB1-22F01C98B67F
Request Chain 399
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=0444e166-c943-4703-a8ad-a90dfc5d0de0-659d8e7e-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D0444e166-c943-4703-a8ad-a90dfc5d0de0-659d8e7e-5553%26partner_url%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D54%2526uid%253D0444e166-c943-4703-a8ad-a90dfc5d0de0-659d8e7e-5553 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=0444e166-c943-4703-a8ad-a90dfc5d0de0-659d8e7e-5553&partner_url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D0444e166-c943-4703-a8ad-a90dfc5d0de0-659d8e7e-5553 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=54&uid=0444e166-c943-4703-a8ad-a90dfc5d0de0-659d8e7e-5553
Request Chain 400
  • https://ups.analytics.yahoo.com/ups/58545/occ HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-.a0iJ31E2uEHrh.UjKaJSgasE_HjLmuI_woFFJU-~A
Request Chain 401
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=seedtag&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
Request Chain 404
  • https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1704824446384&pubconsent=&euconsent=&hasConsent=1 HTTP 302
  • https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1704824446384&pubconsent=&euconsent=&hasConsent=1&rd=1
Request Chain 405
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X HTTP 307
  • https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
Request Chain 408
  • https://match.sharethrough.com/universal/v1?supply_id=2TwkgUpM&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://s.seedtag.com/cs/cookiesync/sharethrough?channeluid=b12a5b10-9e87-4b4e-916c-ad3b34eebead&gdpr=0
Request Chain 409
  • https://bh.contextweb.com/bh/rtset?pid=562983&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpulsepoint%3Fchanneluid%3D%25%25VGUID%25%25 HTTP 302
  • https://s.seedtag.com/cs/cookiesync/pulsepoint?channeluid=DC0qnwBLqTA2&ev=1&us_privacy=1---&pid=562983
Request Chain 411
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fappnexus%3Fchanneluid%3D%24UID HTTP 302
  • https://s.seedtag.com/cs/cookiesync/appnexus?channeluid=7520810513224092898
Request Chain 412
  • https://sync.smartadserver.com/getuid?gdpr_consent=&us_privacy=1---&nwid=3050&url=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fsmart%3Fchanneluid%3D%5Bsas_uid%5D HTTP 302
  • https://s.seedtag.com/cs/cookiesync/smart?channeluid=8280212633832615062
Request Chain 413
  • https://b1sync.zemanta.com/usersync/seedtag?puid=&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Foutbrain%3Fchanneluid%3D__ZUID__ HTTP 302
  • https://b1sync.zemanta.com/usersync/seedtag?cb=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Foutbrain%3Fchanneluid%3D__ZUID__&gdpr=0&gdpr_consent=&puid=&s=2&us_privacy=1--- HTTP 302
  • https://s.seedtag.com/cs/cookiesync/outbrain?channeluid=so3_KrGlzcHbAuaMi-62&gdpr=0&us_privacy=1---
Request Chain 414
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=5jrh0rv&ttd_tpi=1&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://s.seedtag.com/cs/cookiesync/ttd?channeluid=1ee2284a-f33d-41b0-8f2b-c94a02cccf95
Request Chain 415
  • https://x.bidswitch.net/sync?ssp=seedtag&user_id=&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=seedtag&bsw_param=3aeba4f5-77f9-4adb-9400-e8da2fa6d5e7&google_hm=M2FlYmE0ZjUtNzdmOS00YWRiLTk0MDAtZThkYTJmYTZkNWU3 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEI7t3iJVGewR7x-s3NPBlxQ&google_cver=1&ssp=seedtag&bsw_param=3aeba4f5-77f9-4adb-9400-e8da2fa6d5e7 HTTP 302
  • https://s.seedtag.com/cs/cookiesync/Bidswitch?channeluid=3aeba4f5-77f9-4adb-9400-e8da2fa6d5e7&gdpr=&gdpr_consent=
Request Chain 416
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Frichaudience%3Fchanneluid%3D%5BPDID%5D HTTP 302
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Frichaudience%3Fchanneluid%3D%5BPDID%5D&rd=1 HTTP 302
  • https://s.seedtag.com/cs/cookiesync/richaudience?channeluid=6d8b775f-2de4-4513-be28-1zz1704824352
Request Chain 418
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191730&cb=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Findexexchange%3Fchanneluid%3D HTTP 302
  • https://s.seedtag.com/cs/cookiesync/indexexchange?channeluid=ZZ2OfgFH6TQYkZqRcKACIwAA%262930
Request Chain 419
  • https://ups.analytics.yahoo.com/ups/58427/occ HTTP 302
  • https://s.seedtag.com/cs/cookiesync/verizon?channeluid=y-.a0iJ31E2uEHrh.UjKaJSgasE_HjLmuI_woFFJU-~A
Request Chain 421
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fsovrn%3Fchanneluid%3D%24UID HTTP 307
  • https://s.seedtag.com/cs/cookiesync/sovrn?channeluid=H9rsaBZHS1_DxDIGQwucF1W-
Request Chain 422
  • https://u.openx.net/w/1.0/cm?id=e297ef35-c932-4587-9b44-3838020a33e7&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fopenx%3Fchanneluid%3D%7BOPENX_ID%7D HTTP 302
  • https://s.seedtag.com/cs/cookiesync/openx?channeluid=a3876fb1-e389-4386-83d2-d8e557c3ffea
Request Chain 423
  • https://event.clientgear.com/cookie/seedtag?partner=seedtag&cookieid= HTTP 302
  • https://s.seedtag.com/cs/cookiesync/yeahmobi?channeluid=mk51bfba69b98a4079bb45f5a86d03c604
Request Chain 424
  • https://creativecdn.com/cm-notify?pi=seedtag HTTP 302
  • https://creativecdn.com/cm-notify?pi=seedtag&tc=1 HTTP 302
  • https://s.seedtag.com/cs/cookiesync/rtbhouse?channeluid=3oY3FS8diot_u6RHYKgJP_l8cPL9zWSPIBFx0wx72-o&pi=seedtag&tc=1
Request Chain 425
  • https://t.adx.opera.com/pub/sync?pubid=pub9283744565120 HTTP 302
  • https://s.seedtag.com/cs/cookiesync/opera?channeluid=OPU217ad19eed6f4568986ccaa6fd566470
Request Chain 428
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=1ee2284a-f33d-41b0-8f2b-c94a02cccf95&dongle=0cfd&gdpr=0&gdpr_consent=
Request Chain 429
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzE2NjAyNTcwMzQxMzY5ODU0MzIx HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 430
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEOJdEtp1wZd_KCWBC8QGzCE&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 431
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzE2NjAyNTcwMzQxMzY5ODU0MzIx
Request Chain 433
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/316602570341369854321?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-NCbcRp1E2oSbN3QS7dzu3zdnNvMYZGAjoHwPXYFW8w--~A&dongle=0883
Request Chain 434
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=316602570341369854321&gdpr=0&gdpr_consent=${GDPR_CONSENT} HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=triplelift HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=triplelift HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=8885991503366795456&ssp=triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=3aeba4f5-77f9-4adb-9400-e8da2fa6d5e7&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 435
  • https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40%40CRITEO_USERID%40%40%26dongle%3D013b HTTP 302
  • https://eb2.3lift.com/xuid?mid=2711&xuid=aada912d-ad00-4845-9f80-53cace5b5ff7&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 436
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=7520810513224092898&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 442
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=7520810513224092898
Request Chain 443
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_7955ecd2-bd81-4c7e-93b0-b1e7fbb70368&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=gumgum2 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=gumgum2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=8554590414900769265&ssp=gumgum2 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=3aeba4f5-77f9-4adb-9400-e8da2fa6d5e7&gdpr=&gdpr_consent=&us_privacy=
Request Chain 444
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=06e39297-1227-4f05-b230-7bccff700e1c
Request Chain 445
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-fad04381-fc25-57f8-6fc2-9e36c4fa5ce2$ip$38.132.118.70
Request Chain 446
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-gzjpi79E2pfKlGBwxBOCJ08NNhDAlYXjQigV~A
Request Chain 447
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=f47c7649-b3c5-43a5-9583-4631c7f3a88e
Request Chain 448
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=adf&i=4808172105229473040&gdpr=0&gdpr_consent=
Request Chain 451
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=1ee2284a-f33d-41b0-8f2b-c94a02cccf95
Request Chain 452
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZZ2Of8Co5ukAAG3wG44AAAAA
Request Chain 453
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZZ2OfgFH6TQYkZqRcKACIwAAC3IAAAIB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEJqf_8zDLmD3TMsSnCmElR8&google_cver=1
Request Chain 454
  • https://match.adsrvr.org/track/cmf/casale?us_privacy=1--- HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=1ee2284a-f33d-41b0-8f2b-c94a02cccf95&expiration=1707416446&gdpr=0&gdpr_consent=
Request Chain 455
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?us_privacy=1---&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZZ2OfgFH6TQYkZqRcKACIwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEJgJTL5S7MezPMbAxwY1nM&google_cver=1
Request Chain 459
  • https://ad.turn.com/r/cs?pid=21&us_privacy=1--- HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4430111625358761738
Request Chain 460
  • https://c1.adform.net/serving/cookie/match?party=29&us_privacy=1--- HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29&us_privacy=1--- HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=1597947577565009521&expiration=1706034046
Request Chain 463
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776&us_privacy=1---&us_privacy=1---&khaos=LR6OGFBQ-17-B2QO HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LR6OGFBQ-17-B2QO&us_privacy=1---
Request Chain 469
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-adaptmx HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=pbs-adaptmx
Request Chain 470
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=1694ddb2-ecc5-437a-99ad-2b5e8b358db5&gdpr=0&us_privacy=1--- HTTP 302
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=0&consent=&usp=1---&ssp=adaptmx&bsw=3aeba4f5-77f9-4adb-9400-e8da2fa6d5e7 HTTP 302
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=%24%7Buser_id%7D&gdpr=0&consent=&usp=1---&ssp=adaptmx&bsw=3aeba4f5-77f9-4adb-9400-e8da2fa6d5e7&chk=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=457&user_id=M2Q0YTJiZTAyZDBhODYzMw&gdpr=0&gdpr_consent=&us_privacy=1---&ssp=adaptmx&bsw_param=3aeba4f5-77f9-4adb-9400-e8da2fa6d5e7 HTTP 302
  • https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=3aeba4f5-77f9-4adb-9400-e8da2fa6d5e7&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 471
  • https://ups.analytics.yahoo.com/ups/58570/occ?uid=1694ddb2-ecc5-437a-99ad-2b5e8b358db5 HTTP 302
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-.a0iJ31E2uEHrh.UjKaJSgasE_HjLmuI_woFFJU-~A
Request Chain 472
  • https://id.a-mx.com/u?&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fsync.a-mo.net%2Fsetuid%3FA%3D1694ddb2-ecc5-437a-99ad-2b5e8b358db5%26bidder%3Damx_com%26uid%3D HTTP 302
  • https://sync.a-mo.net/setuid?A=1694ddb2-ecc5-437a-99ad-2b5e8b358db5&bidder=amx_com&uid=1694ddb2-ecc5-437a-99ad-2b5e8b358db5
Request Chain 473
  • https://rtb.openx.net/sync/prebid?&gdpr=0&us_privacy=1---&r=https%3A%2F%2Fsync.a-mo.net%2Fsetuid%3FA%3D1694ddb2-ecc5-437a-99ad-2b5e8b358db5%26bidder%3Dopenx%26uid%3D%24%7BUID%7D HTTP 302
  • https://sync.a-mo.net/setuid?A=1694ddb2-ecc5-437a-99ad-2b5e8b358db5&bidder=openx&uid=c800b928-83ad-44ba-bec7-ab34b67bcdd7
Request Chain 475
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&us_privacy=1---&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync.a-mo.net%252Fsetuid%253FA%253D1694ddb2-ecc5-437a-99ad-2b5e8b358db5%2526bidder%253Dpubmatic%2526uid%253D%2523PMUID HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/pubmatic/BC5D1A00-930F-464F-9EB1-22F01C98B67F?gdpr=0&gdpr_consent=
Request Chain 476
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fsync.a-mo.net%2Fsetuid%3FA%3D1694ddb2-ecc5-437a-99ad-2b5e8b358db5%26bidder%3Dindex_rtb%26uid%3D HTTP 302
  • https://sync.a-mo.net/setuid?us_privacy=1---&A=1694ddb2-ecc5-437a-99ad-2b5e8b358db5&bidder=index_rtb&uid=ZZ2OfgFH6TQYkZqRcKACIwAA%262930
Request Chain 478
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.a-mo.net%2Fsetuid%3FA%3D1694ddb2-ecc5-437a-99ad-2b5e8b358db5%26bidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.a-mo.net/setuid?A=1694ddb2-ecc5-437a-99ad-2b5e8b358db5&bidder=appnexus&uid=7520810513224092898
Request Chain 481
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Request Chain 482
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1704824446776.7&ri=25&ru=https%3A%2F%2Fads.pubmatic.com%2FAdServer%2Fjs%2Fuser_sync.html%3F%26p%3D156423%26us_privacy%3D%24%7BUS_PRIVACY%7D%26predirect%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D25%2526external_user_id%253D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Request Chain 483
  • https://ssc-cms.33across.com/ps/?_=1704824446776.&ri=0010b00002MptHCAAZ&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X HTTP 302
  • https://s.seedtag.com/cs/cookiesync/33across?channeluid=212413095182627
Request Chain 484
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy= HTTP 302
  • https://t.pswec.com/bsw_sync?ssp=the33across&bsw_user_id=3aeba4f5-77f9-4adb-9400-e8da2fa6d5e7 HTTP 302
  • https://t.pswec.com/ul_cb/bsw_sync?ssp=the33across&bsw_user_id=3aeba4f5-77f9-4adb-9400-e8da2fa6d5e7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=2&user_id=dba56871-0b20-46db-bd19-7ae561c49b44&expires=3&user_group=1&ssp=the33across HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=3aeba4f5-77f9-4adb-9400-e8da2fa6d5e7 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=3aeba4f5-77f9-4adb-9400-e8da2fa6d5e7&ts=1704824447&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 485
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-VP8njQdE2uEhmWUEk9IJ3CNeuBffQnRK~A HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-VP8njQdE2uEhmWUEk9IJ3CNeuBffQnRK%7EA&ts=1704824446&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 486
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy= HTTP 302
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=5795915c63241328&is_secure=true&networkId=78390&version=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAHY32zNWV7qwNk9Z9sAAAAAAA&expiration=1704910847&is_secure=true&us_privacy= HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAHY32zNWV7qwNk9Z9sAAAAAAA&ts=1704824447&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 487
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID HTTP 302
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=33&xu=316602570341369854321 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=316602570341369854321&ts=1704824446&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 490
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%2B-%2BBanner%26ttl%3D720%26uid%3D75d56568a11564bfb79a01d2fa9fdb29%26visitor%3D%24UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=7520810513224092898&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
Request Chain 491
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%26ttl%3D720%26uid%3D48d5713d5c563cba2049f505b2d944b6%26visitor%3D%24UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=7520810513224092898&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
Request Chain 492
  • https://dis.criteo.com/dis/usersync.aspx?r=70&p=120&cp=adyoulike&cu=1&url=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fis_cookie_sync_uid%3Dtrue%26uid%3D4246a50e6cf42e85f26c381a4b7701fb%26name%3DCRITEO%26visitor%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?is_cookie_sync_uid=true&uid=4246a50e6cf42e85f26c381a4b7701fb&name=CRITEO&visitor=aada912d-ad00-4845-9f80-53cace5b5ff7
Request Chain 494
  • https://x.bidswitch.net/sync?ssp=adyoulike&gdpr=0&gdpr_consent= HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dadyoulike%26bsw_param%3D3aeba4f5-77f9-4adb-9400-e8da2fa6d5e7%26gdpr%3D0%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=24afc718dd2e41259cbf95e82681972f&ssp=adyoulike&bsw_param=3aeba4f5-77f9-4adb-9400-e8da2fa6d5e7&gdpr=0&consent=&gdpr_pd=&expires=7 HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=3aeba4f5-77f9-4adb-9400-e8da2fa6d5e7&name=BIDSWITCH&gdpr=0&gdpr_consent=
Request Chain 495
  • https://creativecdn.com/cm-notify?pi=adyoulike&gdpr=0&gdpr_consent= HTTP 302
  • https://creativecdn.com/cm-notify?pi=adyoulike&gdpr=0&gdpr_consent=&tc=1 HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=MA35cIxGaprm1si4QTNP0RifnOU_347boKgNT-6s0EQ&name=RTB_HOUSE&pi=adyoulike&gdpr=0&gdpr_consent=&tc=1
Request Chain 496
  • https://match.prod.bidr.io/cookie-sync/aul HTTP 303
  • https://visitor.omnitagjs.com/visitor/sync?uid=25295ec01618ddaad37302ab4dd9c8ac&visitor=AABPHU7LOx0AABPb3P8NtA&name=BEESWAX
Request Chain 497
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=k2j3gqp&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=8122fdac60517b1efe1389612f3dfb34&visitor=1ee2284a-f33d-41b0-8f2b-c94a02cccf95&name=THE_TRADE_DESK
Request Chain 498
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&pu=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DPUBMATIC%26ttl%3D720%26uid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26visitor%3D%23PMUID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=BC5D1A00-930F-464F-9EB1-22F01C98B67F&gdpr=0&gdpr_consent=
Request Chain 499
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_BANNER%26ttl%3D720%26uid%3Dbdef6bd95b7450b4e62a32db8c7d8c9d%26visitor%3D__ZUID__%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=ZEMANTA_BANNER&ttl=720&uid=bdef6bd95b7450b4e62a32db8c7d8c9d&visitor=so3_KrGlzcHbAuaMi-62&gdpr=0&gdpr_consent=&gdpr=0
Request Chain 500
  • https://csync.loopme.me/?pubid=11480&redirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D68c72dd412a8d0f3f6d2276db2509939%26name%3DLOOPME%26visitor%3D%7Bdevice_id%7D%0A&gdpr=0&gdpr_consent= HTTP 307
  • https://visitor.omnitagjs.com/visitor/sync?uid=68c72dd412a8d0f3f6d2276db2509939&name=LOOPME&visitor=aefee888-7301-4377-bec7-2b0b76abcc15%20&gdpr_consent=null&gdpr=0
Request Chain 501
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_NATIVE_1_2%26ttl%3D720%26uid%3Df2d9136cf53dede7f83ba16171a37fdd%26visitor%3D__ZUID__%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=so3_KrGlzcHbAuaMi-62&gdpr=0&gdpr_consent=&gdpr=0
Request Chain 502
  • https://sync.adotmob.com/cookie/adyoulike?r=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DADOTMOB%26ttl%3D720%26uid%3Db989ee06df7dfc250798f7f0dfc4ddee%26visitor%3D%7Bamob_user_id%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=0a0422040068aa7409541cbc&gdpr=0&gdpr_consent=&gdpr=0&gdprConsent=
Request Chain 503
  • https://sync.srv.stackadapt.com/sync?nid=33&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-fad04381-fc25-57f8-6fc2-9e36c4fa5ce2$ip$38.132.118.70&name=STACKADAPT&gdpr=0&gdpr_consent=
Request Chain 505
  • https://jadserve.postrelease.com/suid/101967?ntv_r=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DNATIVO%26ttl%3D720%26uid%3D0544850a0778385701c6899403bef718%26visitor%3DNTV_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=NATIVO&ttl=720&uid=0544850a0778385701c6899403bef718&visitor=15851005-14d1-4b2f-a384-e574e56083c0&gdpr=0&gdpr_consent=
Request Chain 507
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5E789729-1E92-41CA-8B4F-987C6EDAE9FE&rurl=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DADMIXER%26ttl%3D720%26uid%3D0f4b0fcde45fe67019618f4c5f35f52e%26visitor%3D%24%24visitor_cookie%24%24%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=ADMIXER&ttl=720&uid=0f4b0fcde45fe67019618f4c5f35f52e&visitor=2a9afb6d6be64471b2d5e4c4de0237bc&gdpr=0&gdpr_consent=
Request Chain 508
  • https://bttrack.com/pixel/cookiesync?source=6b2595d5-cf4e-4298-a4ac-bcc34433eaad&secure=1&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=6ca9493fd95af83951a8d0b213a77e8d&visitor=8d57a772-cea0-4dfd-88b2-547bc81fe101&name=BIDTELLECT&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}
Request Chain 511
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Request Chain 512
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Request Chain 513
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Request Chain 516
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=seedtag&us_privacy=1---&khaos=LR6OGFBQ-17-B2QO HTTP 302
  • https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LR6OGFBQ-17-B2QO&us_privacy=1---
Request Chain 520
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=cf8dd3fa-af1b-11ee-8b55-3aa3bc7cd16c HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4430111625358761738&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 521
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCUEhVN0xPeDBBQUJQYjNQOE50QQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AABPHU7LOx0AABPb3P8NtA&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Csyn%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Csyn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AABPHU7LOx0AABPb3P8NtA&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AABPHU7LOx0AABPb3P8NtA&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dsyn%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=syn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=8280212633832615062&gdpr=0&gdpr_consent= HTTP 303
  • https://sync.technoratimedia.com/services?uid=AABPHU7LOx0AABPb3P8NtA&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26userid%3D8280212633832615062%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4&gdpr=0 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&userid=8280212633832615062&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABPHU7LOx0AABPb3P8NtA&gdpr=0&gdpr_consent=
Request Chain 522
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZZ2OfwANSE41gQBd
Request Chain 523
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7520810513224092898&gdpr=0&gdpr_consent=
Request Chain 524
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=77ffe599-6810-4b64-af6b-0013c8b40348&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=3aeba4f5-77f9-4adb-9400-e8da2fa6d5e7&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 526
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=vF0aAJMPRk-esSLwHJi2fw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 527
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=BC5D1A00-930F-464F-9EB1-22F01C98B67F HTTP 302
  • https://dpm.demdex.net/ibs:dpid=540&dpuuid=d9463951-a6be-4f6f-8739-d6925d9ef1b7&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D%26pt%3Dd9463951-a6be-4f6f-8739-d6925d9ef1b7%252C%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=04019751067623948172320445127114259055&pt=d9463951-a6be-4f6f-8739-d6925d9ef1b7%2C%2C
Request Chain 531
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=BC5D1A00-930F-464F-9EB1-22F01C98B67F&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-iCtGwrhE2uVzHlMzDmIEaDVKSntaoxI-~A&gdpr=0
Request Chain 532
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=f47c7649-b3c5-43a5-9583-4631c7f3a88e&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=0444e166-c943-4703-a8ad-a90dfc5d0de0-659d8e7e-5553&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fsync.a-mo.net%2Fsetuid%3FA%3D1694ddb2-ecc5-437a-99ad-2b5e8b358db5%26bidder%3Dpubmatic%26uid%3DBC5D1A00-930F-464F-9EB1-22F01C98B67F&us_privacy=%24%7BUS_PRIVACY%7D HTTP 302
  • https://sync.a-mo.net/setuid?A=1694ddb2-ecc5-437a-99ad-2b5e8b358db5&bidder=pubmatic&uid=BC5D1A00-930F-464F-9EB1-22F01C98B67F
Request Chain 533
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=BC5D1A00-930F-464F-9EB1-22F01C98B67F&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=2cefa7aacd451098&is_secure=true&networkId=17100&version=1&nuid=BC5D1A00-930F-464F-9EB1-22F01C98B67F&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHY32zNWV7rANhzl08AAAAAAA&expiration=1704910847&nuid=BC5D1A00-930F-464F-9EB1-22F01C98B67F&is_secure=true&gdpr_consent=&gdpr=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Request Chain 537
  • https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7322165245305944218&gdpr=0&gdpr_consent=
Request Chain 538
  • https://visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partneruserid%3DPARTNER_USER_ID%26gdpr%3DGDPR%26gdpr_consent%3DGDPR_CONSENT&gdpr=0&gdpr_consent= HTTP 307
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=3cd76bec6dc08e0d573cb7191567d5bd&gdpr=0&gdpr_consent=0
Request Chain 539
  • https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=6dfd11c086
Request Chain 540
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DSMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=8280212633832615062&gdpr=0&gdpr_consent=
Request Chain 541
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZZ2OfgFH6TQYkZqRcKACIwAA%262930&gpdr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZZ2OfgFH6TQYkZqRcKACIwAA%262930&_li_chk=true&gpp_sid=&us_privacy=1---&gpdr=&previous_uuid=dbe77c4dc56d414288d87b374cec623f HTTP 303
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@&us_privacy=1--- HTTP 302
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-IbYMa0lgOEOviwYsr25v6-K_MRsAaZK6oOECTw&us_privacy=1--- HTTP 303
  • https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-IbYMa0lgOEOviwYsr25v6-K_MRsAaZK6oOECTw&us_privacy=1---&us_privacy=1---
Request Chain 543
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&us_privacy=1--- HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7520810513224092898&us_privacy=1---
Request Chain 544
  • https://match.prod.bidr.io/cookie-sync/ie?us_privacy=1--- HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABPHU7LOx0AABPb3P8NtA&expiration=1706034047&us_privacy=1---
Request Chain 545
  • https://beacon.lynx.cognitivlabs.com/ix.gif?us_privacy=1--- HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=923cfbdd-01fa-475e-8b6f-b6127a4708dd&expiration=1736446847
Request Chain 547
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=1---&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=so3_KrGlzcHbAuaMi-62&us_privacy=1---
Request Chain 548
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=8280212633832615062&gdpr=0&gdpr_consent=
Request Chain 555
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&us_privacy=1---&khaos=LR6OGFBQ-17-B2QO HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LR6OGFBQ-17-B2QO&us_privacy=1---
Request Chain 556
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&us_privacy=1---&khaos=LR6OGFBQ-17-B2QO HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LR6OGFBQ-17-B2QO
Request Chain 559
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=f0v35ew&ttd_tpi=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps/?ri=102&ru=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fbidder_id%3D102%26ttl%3D1707416447%26external_user_id%3D1ee2284a-f33d-41b0-8f2b-c94a02cccf95
Request Chain 561
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=104&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D%7BuserId%7D HTTP 302
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=45&xu=0444e166-c943-4703-a8ad-a90dfc5d0de0-659d8e7e-5553
Request Chain 562
  • https://sync.srv.stackadapt.com/sync?nid=33across&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=120&xu=-tBDgfwlV_hvwp42xPpc4iaEdkY
Request Chain 567
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=adyoulike&gdpr=0&gdpr_consent=&gdpr=0&us_privacy=1---&khaos=LR6OGFBQ-17-B2QO HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LR6OGFBQ-17-B2QO&name=RUBICON&gdpr=0&us_privacy=1---
Request Chain 570
  • https://sync.srv.stackadapt.com/sync?nid=13&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2319&xuid=0-fad04381-fc25-57f8-6fc2-9e36c4fa5ce2$ip$38.132.118.70&dongle=4430
Request Chain 571
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://eb2.3lift.com/xuid?mid=3702&xuid=${ADELPHIC_CUID}&dongle=d54f&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3702&xuid=f47c7649-b3c5-43a5-9583-4631c7f3a88e&dongle=d54f&gdpr=0&gdpr_consent=
Request Chain 575
  • https://match.prod.bidr.io/cookie-sync/trl?gdpr=0&gdpr_consent= HTTP 303
  • https://eb2.3lift.com/xuid?mid=7255&xuid=AABPHU7LOx0AABPb3P8NtA&dongle=bzwx&gdpr=0
Request Chain 576
  • https://triplelift-match.dotomi.com/match/bounce/current?networkId=74572&version=1&gdpr=0&gdpr_consent= HTTP 302
  • https://triplelift-match.dotomi.com/match/bounce/current?DotomiTest=628dfea8a2e013c6&is_secure=true&networkId=74572&version=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=6732&dongle=38F&xuid=AAAG5E3KKch8agN95BR6AAAAAAA&expiration=1704910848&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 577
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=83&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3646&xuid=0444e166-c943-4703-a8ad-a90dfc5d0de0-659d8e7e-5553&dongle=1fa5&gdpr=0&gdpr_consent=
Request Chain 582
  • https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_52c322e525534ac1bdc82
Request Chain 583
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=l_2YvZmtluCMrZS7mPiMu5L4wLiMrJjhlfhtSFi5
Request Chain 584
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:Pey8Kix61RngIy5&gdpr=0&gdpr_consent=
Request Chain 585
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=-tBDgfwlV_hvwp42xPpc4iaEdkY&gdpr=0&gdpr_consent=
Request Chain 586
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=923cfbdd-01fa-475e-8b6f-b6127a4708dd&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=BC5D1A00-930F-464F-9EB1-22F01C98B67F
Request Chain 587
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 588
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=978477423030163126
Request Chain 589
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 591
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=874946162095
Request Chain 592
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU217ad19eed6f4568986ccaa6fd566470
Request Chain 593
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 594
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:edf8659d-8e82-4c00-8185-6c25c035f5d1&gdpr=0&gdpr_consent=
Request Chain 595
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=GrGlv7bdAae_AMmvgo6dZQ
Request Chain 596
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7988283243 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/1ee2284a-f33d-41b0-8f2b-c94a02cccf95 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-93d83a73-98df-4439-a8e0-f8e5385c4f18-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-93d83a73-98df-4439-a8e0-f8e5385c4f18-005 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-93d83a73-98df-4439-a8e0-f8e5385c4f18-005
Request Chain 600
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7581108501708409104&uid=Q7581108501708409104&ref=%2Fepm HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7581108501708409104
Request Chain 601
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:005896DF262D4D79A49C9C9CAB8EDDBB&gdpr=0&gdpr_consent=
Request Chain 603
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=BC5D1A00-930F-464F-9EB1-22F01C98B67F&gdpr=0&gdpr_consent= HTTP 302
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=BC5D1A00-930F-464F-9EB1-22F01C98B67F&vxii_pid=12&vxii_pid1=10067&vxii_rcid=136574b3-cbf7-4be7-9227-7e0502afda28
Request Chain 607
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R33645_10F07D670_5971363D&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 608
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1597947577565009521
Request Chain 609
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:6b0fcb35-586c-4e4a-87a8-62472337f724&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 613
  • https://idsync.rlcdn.com/712188.gif?partner_uid=BC5D1A00-930F-464F-9EB1-22F01C98B67F&gdpr=0&gdpr_consent= HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEKbpMTI81v7jpJlN7p5MykA&google_cver=1
Request Chain 621
  • https://id5-sync.com/s/286/9.gif?puid=6d8b775f-2de4-4513-be28-1zz1704824352&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.richaudience.com%2Fa6c163b098d05a413cd1682e26fae172%2F%3Fgdpr%3D0%26euconsent%3D%26uid%3D%7BID5UID%7D HTTP 302
  • https://ce.lijit.com/merge?pid=58&3pid=BC5D1A00-930F-464F-9EB1-22F01C98B67F&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F1242%2F8%2F2.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
  • https://id5-sync.com/c/286/1242/8/2.gif?puid=H9rsaBZHS1_DxDIGQwucF1W-&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F821%2F7%2F3.gif%3Fpuid%3D%7Bdevice_id%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 307
  • https://id5-sync.com/c/286/821/7/3.gif?puid=aefee888-7301-4377-bec7-2b0b76abcc15&gdpr=0&gdpr_consent= HTTP 302
  • https://match.deepintent.com/usersync/147?redir=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F987%2F6%2F4.gif%3Fpuid%3D%24%7BDI_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 303
  • https://id5-sync.com/c/286/987/6/4.gif?puid=di_52c322e525534ac1bdc82&gdpr=0&gdpr_consent= HTTP 302
  • https://token.rubiconproject.com/token?pid=49266&puid={ID5UID}&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/285.gif?puid=LR6OGFBQ-17-B2QO&gdpr=0 HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LR6OGFBQ-17-B2QO&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F1243%2F4%2F6.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
  • https://id5-sync.com/c/286/1243/4/6.gif?puid=H9rsaBZHS1_DxDIGQwucF1W-&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F101%2F3%2F7.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F101%2F3%2F7.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/286/101/3/7.gif?puid=f40eb6b1-7111-4714-b5d9-64d8b77e171d&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F104%2F2%2F8.gif%3Fpuid%3D%24%7BBSW_UUID%7D%26gdpr%3D0%26gdpr_consent%3D?gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/286/104/2/8.gif?puid=3aeba4f5-77f9-4adb-9400-e8da2fa6d5e7&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=26&3pid=3aeba4f5-77f9-4adb-9400-e8da2fa6d5e7&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F1227%2F1%2F9.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
  • https://id5-sync.com/c/286/1227/1/9.gif?puid=H9rsaBZHS1_DxDIGQwucF1W-&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fid5-sync.com%2Fa%2F286%2F1126%2F0%2F10%2Fgif%2F0%2F0%2F0%2F0%2F HTTP 302
  • https://id5-sync.com/a/286/1126/0/10/gif/0/0/0/0/f47c7649-b3c5-43a5-9583-4631c7f3a88e HTTP 302
  • https://sync.richaudience.com/a6c163b098d05a413cd1682e26fae172/?gdpr=0&euconsent=&uid=ID5-8e03ai_VJDA4sfp7tjiIU4tvQShNF_nWZ1yOrLcwaA
Request Chain 622
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=gGj2kY44-MybOPqXj23il4VtrpSbOfbNgm3Ek8qh
Request Chain 623
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZZ2OfgFH6TQYkZqRcKACIwAAC3IAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZZ2OfgFH6TQYkZqRcKACIwAAC3IAAAIB
Request Chain 624
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZZ2OfgFH6TQYkZqRcKACIwAAC3IAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=f52ed82ee2697ffb22b2f840e85f41e&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d&34673=ZZ2OfgFH6TQYkZqRcKACIwAAC3IAAAIB&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umo0447_7322728231207348811&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent= HTTP 303
  • https://ads.stickyadstv.com/user-registering?userId=AABPHU7LOx0AABPb3P8NtA&dataProviderId=817&gdpr=0 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/f52ed82ee2697ffb22b2f840e85f41e?gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-H7V1.yBE2oP723gZlerWF3xEAhdNGtLtK0O8h3Ww~A HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=1ee2284a-f33d-41b0-8f2b-c94a02cccf95&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=ZjUyZWQ4MmVlMjY5N2ZmYjIyYjJmODQwZTg1ZjQxZQ==&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEFKVGgJybAyZ0LpxDIFoA5g&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=Pey8Kix61RngIy5&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=7520810513224092898&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=6203002&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=690&userId=f47c7649-b3c5-43a5-9583-4631c7f3a88e HTTP 302
  • https://jelly.mdhv.io/v4/pixie
Request Chain 625
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=2efd7f444c1a1098&is_secure=true&networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAF5TgR83IEQQNttPdnAAAAAAA&expiration=1704910851&is_secure=true
Request Chain 627
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZZ2OfgFH6TQYkZqRcKACIwAA%262930 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=MA35cIxGaprm1si4QTNP0RifnOU_347boKgNT-6s0EQ&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZZ2OfgFH6TQYkZqRcKACIwAA%262930
Request Chain 628
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=978477423030163126

639 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ls.kurdgozar.fun/ 		652 KB
133 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a4aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fbe34c8c0d7a4f7b8e9bfbfed955dfba32746a67e9ff622c1a511edc83b9e09

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*.ebaumsworld.com
alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
842eb1fbc9c531da-MIA
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 09 Jan 2024 18:20:38 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dGhcWEogHiO30xjsyKXHQ69ymGCGcVGoNfBtteB1TZ%2FFhPIKBqlhDEDbFpjVx7u9QE0KVyZu7uzvPls4FjXQAqcaQeRDspFCajZj3lZwtU9%2B7I7ftreq%2FBN8etS0feRuKyDs6vtOEeLQ1IOu4VDu"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-ua-compatible
IE=Edge
va9E4kDNxMZdWfMOD5Vvl4jL.woff2
fonts.gstatic.com/s/firasans/v16/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/firasans/v16/va9E4kDNxMZdWfMOD5Vvl4jL.woff2
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea03bd5d723c75f6d0a9419d4f9651afd78ea2a4abfcee7f926cbde0681a2671
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ls.kurdgozar.fun/
Origin
https://ls.kurdgozar.fun
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 22:36:19 GMT
x-content-type-options
nosniff
age
589459
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22592
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 16:51:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Jan 2025 22:36:19 GMT
va9B4kDNxMZdWfMOD5VnSKzeRhf6.woff2
fonts.gstatic.com/s/firasans/v16/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/firasans/v16/va9B4kDNxMZdWfMOD5VnSKzeRhf6.woff2
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a993ab2e9326ab9a1d3f403acf8eed16029f1113c786bcfef3f5b529343ab81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ls.kurdgozar.fun/
Origin
https://ls.kurdgozar.fun
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 03:54:04 GMT
x-content-type-options
nosniff
age
570394
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23600
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 16:51:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 02 Jan 2025 03:54:04 GMT
qFdR35CBi4tvBz81xy7WG7ep-BQAY7Krj7feObpH_9ahg9U.woff2
fonts.gstatic.com/s/leaguegothic/v6/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/leaguegothic/v6/qFdR35CBi4tvBz81xy7WG7ep-BQAY7Krj7feObpH_9ahg9U.woff2
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e37a620fa30dcace16366b88ad6e85c0bbc8da22ec7ebf54e692743d87d2f17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ls.kurdgozar.fun/
Origin
https://ls.kurdgozar.fun
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 18:22:51 GMT
x-content-type-options
nosniff
age
604667
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9052
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:56:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Jan 2025 18:22:51 GMT
odometer_6290d58f.css
ls.kurdgozar.fun/css/ 		3 KB
740 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ls.kurdgozar.fun/css/odometer_6290d58f.css
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a4aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77a3a9d5a3d0a29b681a5fb62db684d6604b2582bb5bdf1caec88ffb9285ab94

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Thu, 08 Feb 2024 18:20:40 GMT
date
Tue, 09 Jan 2024 18:20:40 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 08 Jan 2024 18:00:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DjV9VOtQmVTJdVupvwvGIOOSjD5sV%2BgKgtukG0YTXthI2d%2BBjVp72jDBV7GOuXcwJAC7GckXc5varQZBgLGjRg2nRwvrmdxf51%2FN08eho%2B41NllqnQR8TrqCtfsOSS6I67s2YQrt%2BNFqXvQk%2BXxS"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*.ebaumsworld.com
cache-control
max-age=2592000
cf-ray
842eb2067deb31da-MIA
alt-svc
h3=":443"; ma=86400
x-ua-compatible
IE=Edge
flipclock_6290d58f.css
ls.kurdgozar.fun/css/ 		17 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ls.kurdgozar.fun/css/flipclock_6290d58f.css
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a4aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ce759bc9c2a3b69f1bca2c94df8afa4d278a285906bf9385b60d1a6e139f72c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Thu, 08 Feb 2024 18:20:40 GMT
date
Tue, 09 Jan 2024 18:20:40 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 08 Jan 2024 18:00:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vLcIAYfCKk0wp%2B37aaM%2BxYvMuU2%2BshjrMSkK6CbY3z5nbmZcIR1Bl2%2BuqsXhQ9II0yU7SdpI49A1dLztw0xMICCHr6rU5M53qsvNIqpgpwRW540WvigWDXM0j003lRmNss53lP%2FKZL4q3kRHDmsn"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*.ebaumsworld.com
cache-control
max-age=2592000
cf-ray
842eb2067ded31da-MIA
alt-svc
h3=":443"; ma=86400
x-ua-compatible
IE=Edge
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.7.1/ 		92 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 22:17:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
244979
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33333
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 Jan 2025 22:17:39 GMT
gtm.js
www.googletagmanager.com/ 		188 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WQ8W78N
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1c708f61d95ddd54bf440cbc7706c12dfa0a6e10bb349f1a3356b1d927388d25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68202
x-xss-protection
0
last-modified
Tue, 09 Jan 2024 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 09 Jan 2024 18:20:40 GMT
chartbeat_mab_image.js
static.chartbeat.com/js/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab_image.js
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f3:e400:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
28b614cc061632a0d8cb17953fc9342ce119ef471b3ff02c2379881a031a185b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 19:18:28 GMT
content-encoding
gzip
via
1.1 bdf2aab533e801e16a7a135842a2ee18.cloudfront.net (CloudFront)
last-modified
Thu, 21 Dec 2023 01:18:23 GMT
server
nginx
x-amz-cf-pop
IAD55-P2
age
82933
etag
W/"6583925f-5f13"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
6-8dCEzJuix2dIumqKg8TLNcBCcuYqJcfI_9QDA5hE4DLcwT22D2Hw==
expires
Tue, 09 Jan 2024 19:18:28 GMT
blogherads.js
ads.blogherads.com/static/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/blogherads.js
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cb652135d26db75b753abadd6af1773e18c9b3971721bcd9649a116e67c8d875

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
B5352GXKXTHKBCB3
age
2911
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
9T5fBNSaCRqQOhSWjPvA3xgvLflpYdZpEYqvMmOacQAhvA8VkkFKfyjKdTMS7KZ7h3SPgwRT/aA=
x-served-by
cache-mia-kmia1760098-MIA
last-modified
Tue, 02 Jan 2024 23:47:44 GMT
x-timer
S1704824441.084619,VS0,VE0
etag
W/"7868e6f4edbe669915773ba5f636441b"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
287
header.js
ads.blogherads.com/sk/12/122/1226456/26278/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/sk/12/122/1226456/26278/header.js
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
18931ecddecab6e38e6bca8ca0f4e9cc54e8b480c5663b6372f440cee16d3888

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
PQA0TE63D3J7F7RD
age
2830
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
PSlZJHHTWXD6gaxqCKybNSPSWDAi5k95xQNZ6M8LQVnyRtH9rxeFpThMxuxaHf2XIWrsTLgz538=
x-served-by
cache-mia-kmia1760098-MIA
last-modified
Tue, 09 Jan 2024 01:01:29 GMT
x-timer
S1704824441.084532,VS0,VE0
etag
W/"a916e8fb248ce0eaac18b565ac14765f"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
9
load.js
s.ntv.io/serve/ 		621 KB
164 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.7.17.42 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-7-17-42.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
573d17471db486e8c1db97968103afd30442952396917f633312ab4b0fc2bcf3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 09 Jan 2024 18:20:39 GMT
Content-Encoding
gzip
x-amz-request-id
E1TXN1EQYSBH4AFG
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
/CSH71RljzM0tC7m8TZwN2L/ISQTtIJt8AHwWHnFWKfrUNquiJz+BYJ3BTOkPNmQ/AK9thyZi+8=
Last-Modified
Tue, 09 Jan 2024 16:00:28 GMT
Server
AmazonS3
ETag
"84c06ac06d449c75d911853d474891fa"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
tag
btloader.com/
Redirect Chain
  • https://literally-media.videoplayerhub.com/galleryplayer.js
  • https://btloader.com/tag?h=literally-media&upapi=true
53 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?h=literally-media&upapi=true
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Server
2606:4700:10::ac43:293c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4844f20da14ea893cb5d059076744175bfbdb4f988d76fc6a8d8d86ce952575

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
HIT
last-modified
Tue, 09 Jan 2024 17:22:35 GMT
server
cloudflare
age
3370
etag
"62f61cc2348f379d4880efe70267c994"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges
bytes
cf-ray
842eb215ffe3b3c7-MIA
content-length
18063

Redirect headers

date
Tue, 09 Jan 2024 18:20:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5zhj3fvX50DVsm1B9cCl5K2f9zJb0SMa1%2FQDHKgfyg2yJpKjVbKiiiMIMeHh9HvSOB1zgHY3cwU%2BRvYqnxETCfhN02EqIjnbmmHp5mhGZ%2Fbi3CF9EeaNr5BsuuxCFPGGkHMDtSFIBtMlai8EC4ulh7ape4qWswGObos2TFt8Skk%3D"}],"group":"cf-nel","max_age":604800}
location
https://btloader.com/tag?h=literally-media&upapi=true
cache-control
max-age=3600
cf-ray
842eb214e808b3e9-MIA
expires
Tue, 09 Jan 2024 19:20:41 GMT
init-398c0g22ym0ukn3detw.js
api.b2c.com/api/ 		0
468 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.b2c.com/api/init-398c0g22ym0ukn3detw.js
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:41 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wcmeRKJrh%2BuhVjwuTjVv3VtV0e%2F%2F9Gb4eOfmSM%2Fx%2FQnFiXlDZRnTEbg7BIkojEUPqCQ0OgSYMCdh8VwBzLNVdrt85DjdDGPCASuIeCMjdapQ%2FuPifDH8jzZyquSj4gteCe7Kn62rePhX"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
cf-ray
842eb214b8ab0a2e-MIA
expires
0
mainLogo.png
cdn.ebaumsworld.com/img/desktop/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/img/desktop/mainLogo.png
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
6db2c3939ddf91c82e9befb5e195a78974efa9b7f2b6c5c2c53f128ccdd8ddc4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:39 GMT
last-modified
Thu, 20 Jul 2023 23:11:47 GMT
server
AmazonS3
x-amz-request-id
NKNF27ZJ8E3PGRJQ
age
14029742
content-type
image/png
content-length
19904
x-amz-id-2
97/1M6Z5LW6avx63xYoavqrk5k1o+4vafnfsDGPysheoRfk/Prq75Udv0yYw6oHFWOzKQe7QWyk=
x-llid
546d3e3cd6aad4a595eeec761790a4d9
leeds.jpg
cdn.ebaumsworld.com/thumbs/2024/01/08/092626/87493708/ 		93 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/2024/01/08/092626/87493708/leeds.jpg
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
5186f010339f1f6e041d8c653c5b7d02377f4296084f915550d3fbf584a3be44

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:39 GMT
last-modified
Mon, 08 Jan 2024 14:26:27 GMT
server
AmazonS3
x-amz-request-id
698GZ1GHCJ5XBZY3
age
100453
content-type
image/jpeg
content-length
95094
x-amz-id-2
Q/Fj281oZTWvMe1p9c4pJ0M1U2hwf5C0CrsEHohIWzGY4Hp63Eq0tP5RzO6naW3WYReYwHc8/V4=
x-llid
d17053956fa2de7585b1bd61fe63c652
87493708-1704724043.jpg
cdn.ebaumsworld.com/thumbs/mediaavatar/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/mediaavatar/87493708-1704724043.jpg
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
27660efcf3c62384fe11e6be9e3ead5b49a738151c68c355c46e1e6daf8fcd44

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:39 GMT
last-modified
Mon, 08 Jan 2024 14:27:24 GMT
server
AmazonS3
x-amz-request-id
6AXDZZV15S9CHSP6
age
100396
content-type
image/jpeg
content-length
1780
x-amz-id-2
pWIewJFtJuuxQe/cPB3cg9DrXZuElyorS73TRIfeYkm5Eto/Uj8EFc86zmaGl8pb62JRXBsSAYc=
x-llid
0c2a270d46ca8aad0431fd53efb90c22
chain-s.jpg
cdn.ebaumsworld.com/thumbs/2024/01/03/110958/87492143/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/2024/01/03/110958/87492143/chain-s.jpg
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
e0e87b4ce41c6f96589ff26d903d7508ee115d61a22ff674c931467f3a702ee3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:39 GMT
last-modified
Wed, 03 Jan 2024 16:09:59 GMT
server
AmazonS3
x-amz-request-id
WFY7H4DN3YTX5EFK
age
526241
content-type
image/jpeg
content-length
30789
x-amz-id-2
NG+sdSX3WWlIDYhX7VlvjNSn1Uh1yWZyZi2NYtwVVnXyRk3Fh3sqZjvBisUrgsETsYLlUXNqXDc=
x-llid
7fc2cf3fb0fe21ea35d6354cf0b51582
87492143-1704298415.jpg
cdn.ebaumsworld.com/thumbs/mediaavatar/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/mediaavatar/87492143-1704298415.jpg
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
e18a7c35b73bdd45978801c3169ee4fbd619ffbd66aa3f615272e41d9cceab4d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:39 GMT
last-modified
Wed, 03 Jan 2024 16:13:36 GMT
server
AmazonS3
x-amz-request-id
G9G9DN05QSCX69MW
age
526024
content-type
image/jpeg
content-length
1345
x-amz-id-2
5ONbjGwshVl5SCLd1TS0POZx0PZN+0SatIPuXxOEPBpGUvSZV+S723acRooJqsXWsxL9NCou6V4=
x-llid
c757fab311139dfbe45466039bc9f1b4
crops.jpg
cdn.ebaumsworld.com/thumbs/2024/01/03/100101/87492142/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/2024/01/03/100101/87492142/crops.jpg
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
247900c59e63e00b30d136c855a6c73a9e35f1c4931d328495dac2956572334b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Wed, 03 Jan 2024 15:01:02 GMT
server
AmazonS3
x-amz-request-id
YFJM7XFCXTAXDE3N
age
530380
content-type
image/jpeg
content-length
27292
x-amz-id-2
kTGeYQ6V5DiYK19wu15XvyuziHE0C6S/SeQit50AheB9bIqMB8OnBR/Z+WhBcg8NVhAxGPMO7ow=
x-llid
07bff0b2020769dcaed96cda0b477d3d
87492142-1704293892.jpg
cdn.ebaumsworld.com/thumbs/mediaavatar/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/mediaavatar/87492142-1704293892.jpg
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
a2ae79a65b739a78d2abb1eb7e178c383ef654878e380bb1d3da3bfdfb088a77

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Wed, 03 Jan 2024 14:58:14 GMT
server
AmazonS3
x-amz-request-id
DQQ71D0P6XS94MF1
age
530548
content-type
image/jpeg
content-length
1777
x-amz-id-2
lvdDl4G3NTW1SbeZkycONvcAeVJ/Wu1f048Zf9Nd8PVpmjSGvvd20ohSRTBL1/Zk0FosEEWty3c=
x-llid
3f14f71af8072bef3e4e6a1a7f533138
pics-s.jpg
cdn.ebaumsworld.com/thumbs/2024/01/02/035205/87491273/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/2024/01/02/035205/87491273/pics-s.jpg
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
d33aeaa613dbac135bea41010f2efb28f6c9961106b23b6832230e1ee856a2b4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Tue, 02 Jan 2024 20:52:06 GMT
server
AmazonS3
x-amz-request-id
BGDWVCBHMR651RJM
age
595716
content-type
image/jpeg
content-length
32902
x-amz-id-2
7gn1cGtkiy16HpMmUB6yEJ6S3B1f9yS8a1CcDwHvYg+3VGZAM9yzGKYoFv5rs8XEsanABsLBGow=
x-llid
cbf7978650443ab4c7d3be1c2c138895
87491273-1703881243.jpg
cdn.ebaumsworld.com/thumbs/mediaavatar/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/mediaavatar/87491273-1703881243.jpg
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
218ba2612cb42e176a5d0f65b600f3fe4c4c5ebb117216850adf888532ec1cad

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Fri, 29 Dec 2023 20:20:44 GMT
server
AmazonS3
x-amz-request-id
KP4XJDME2MJAP6HR
age
943198
content-type
image/jpeg
content-length
2109
x-amz-id-2
B/ZNDpFWPXPOFXVfzH3Y4m87ZYwdrIanvKgEClCtU/ILMtHQLKAqxVULBZr3fe3CnurctulVBlQ=
x-llid
5257788f78f3647ab2a7a248785d1e4b
meme.jpg
cdn.ebaumsworld.com/thumbs/2024/01/08/120941/87493261/ 		163 KB
163 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/2024/01/08/120941/87493261/meme.jpg
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
34f328b7d796fc83aba7ca97bb5a9983414c0c1256edf97fbd59877d2660feec

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Mon, 08 Jan 2024 17:09:42 GMT
server
AmazonS3
x-amz-request-id
NGSSRQGV50H596DX
age
90660
content-type
image/jpeg
content-length
166881
x-amz-id-2
9u0YiCdqaAX0WlcPn85JJ5twWk39DtKnNC2bw8nsQzOSZaDnjDZVtOcq/vA5XbDTygpWFFhYxng=
x-llid
52be91dc449748f52c41970105803bb5
87493261-1704504404.jpg
cdn.ebaumsworld.com/thumbs/mediaavatar/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/mediaavatar/87493261-1704504404.jpg
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
64ac3b20f232ce7a44428c05ae97e4f414ccd142a19215752c4f13378374c643

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Sat, 06 Jan 2024 01:26:45 GMT
server
AmazonS3
x-amz-request-id
804AM5DKP6WHXFCW
age
320037
content-type
image/jpeg
content-length
1610
x-amz-id-2
z6SI6ldTcBbVFxSWUQzYMVPUEtDgN8hdImI+H0H6dwYAtoUwptlE5hn39qQDio7ZadtEMllKtU8=
x-llid
951efc95a62623b371c2898cd8bdc4c4
lord.jpg
cdn.ebaumsworld.com/thumbs/2024/01/09/114208/87494023/ 		178 KB
178 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/2024/01/09/114208/87494023/lord.jpg
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
cec0a30eb75b81d4200725c16192101ba078c44d1a21e591a96ffc3e62d7153e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Tue, 09 Jan 2024 16:42:09 GMT
server
AmazonS3
x-amz-request-id
EMB9FBPYS108R0DV
age
5913
content-type
image/jpeg
content-length
181819
x-amz-id-2
Ea+Ecj9FrHfwBIU7h5VU2gwuFwRSjq61xb2eRj2Pb+fJF28IsWilKtVh4+tlk5JV3oSS+wDM3og=
x-llid
14a80f2b177ae609140fe080ac7fdcfc
87494023-1704818551.jpg
cdn.ebaumsworld.com/thumbs/mediaavatar/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/mediaavatar/87494023-1704818551.jpg
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
e18a7c35b73bdd45978801c3169ee4fbd619ffbd66aa3f615272e41d9cceab4d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Tue, 09 Jan 2024 16:42:32 GMT
server
AmazonS3
x-amz-request-id
V1WVMHWP24REDW1S
age
5890
content-type
image/jpeg
content-length
1345
x-amz-id-2
GPH6E5oRlpls+3mDFLRbtqDJfoQXX/6vhw1hP5bSvb9uXczpLlEf0nIPyZaQmL65mbqhkWXXmxg=
x-llid
21471dab465cb6ea8770fcdf0570bce9
wholesome.jpg
cdn.ebaumsworld.com/thumbs/2024/01/08/065624/87493909/ 		161 KB
162 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/2024/01/08/065624/87493909/wholesome.jpg
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
918a411b86a1e4ffeb5ecd72654dd13d5509df9db13385b602d33d403be139c8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Mon, 08 Jan 2024 23:56:25 GMT
server
AmazonS3
x-amz-request-id
2FBDPVJ0NDCYX84C
age
66257
content-type
image/jpeg
content-length
165011
x-amz-id-2
UfjL+tPPItgYbMvobXn9yHEW+2vRCf5lWNg5wvKiI3Q1dV6ZVljiQNxjhkaKXQRko1I92QYr9zs=
x-llid
89d290e95d26a82154aee879835092ab
87493909-1704757901.jpg
cdn.ebaumsworld.com/thumbs/mediaavatar/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/mediaavatar/87493909-1704757901.jpg
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
e80007f52373f16d128c7c4082de6c0826059e9da4dc88778c60a68c60c4e6fc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Mon, 08 Jan 2024 23:51:42 GMT
server
AmazonS3
x-amz-request-id
AACVKV2X58M80EMB
age
66540
content-type
image/jpeg
content-length
1759
x-amz-id-2
cxis7glvGxTqCDPZwAcWDx97qPlxdQDABrSgwuW024pUImmVcCowVRxh66KSyq3wU0CD6ue9ePo=
x-llid
81683dba99dcbe743dab17a427b62c4b
butt.jpg
cdn.ebaumsworld.com/thumbs/2024/01/09/100156/87494022/ 		221 KB
221 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/2024/01/09/100156/87494022/butt.jpg
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
397e925bb85f3cc9b7d4200ed7a3b29954c1c9b66347e8caa747ad14c9bc70fb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Tue, 09 Jan 2024 15:01:57 GMT
server
AmazonS3
x-amz-request-id
3R7YWDG1QPN2XKDQ
age
11925
content-type
image/jpeg
content-length
226157
x-amz-id-2
uNzvY3OVdBfvevEYdXxggWN0YniLP2k+qh883QwSbn2m8azmWdW3rSdjGMoVfDtxrArEVt4ddRQ=
x-llid
1696121c4b8bcc4407ccc3f166b82043
87494022-1704812550.jpg
cdn.ebaumsworld.com/thumbs/mediaavatar/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/mediaavatar/87494022-1704812550.jpg
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
e18a7c35b73bdd45978801c3169ee4fbd619ffbd66aa3f615272e41d9cceab4d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Tue, 09 Jan 2024 15:02:31 GMT
server
AmazonS3
x-amz-request-id
1WR4N32WSXE9MC3X
age
11891
content-type
image/jpeg
content-length
1345
x-amz-id-2
pzT6vOdA+e7btPSCw/0skQnfuuKvYmQiazutMPvGiWkHg4avU2bwSjR9FNZTLJuQlG6iJ2IyAWs=
x-llid
cc1e147a2d8af61bc0af5f30e555acfe
context.jpg
cdn.ebaumsworld.com/thumbs/2024/01/08/021122/87493574/ 		114 KB
114 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/2024/01/08/021122/87493574/context.jpg
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
66b240bd48e5cc0a125ebde6dd8027f01339751c2252f9779cf33e900dd51cc8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Mon, 08 Jan 2024 19:11:23 GMT
server
AmazonS3
x-amz-request-id
8GKA2S62ATMNX4GE
age
83359
content-type
image/jpeg
content-length
116653
x-amz-id-2
zKEgvJUuufE6FtpDpoVzqyORZdhfWO1RmyG3ZhBN6HuUZfSusaJVYpsoXmNLhm5YiBgJYYn0duE=
x-llid
429456484f10b3b9974c666bd06fa878
87493574-1704637137.jpg
cdn.ebaumsworld.com/thumbs/mediaavatar/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/mediaavatar/87493574-1704637137.jpg
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
218ba2612cb42e176a5d0f65b600f3fe4c4c5ebb117216850adf888532ec1cad

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Sun, 07 Jan 2024 14:18:58 GMT
server
AmazonS3
x-amz-request-id
Z9YF45PTEVKH5XCK
age
187304
content-type
image/jpeg
content-length
2109
x-amz-id-2
DgcUAYYaw2IA8m4YDtI8cZ/AqzYay+sc3zrmuKs7BoafmcntnHMptJwKxWGylm39Ts83XSj7Jmo=
x-llid
a8fe94789d719a68446c28686533baac
glasses.jpg
cdn.ebaumsworld.com/thumbs/2024/01/08/063427/87493908/ 		91 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/2024/01/08/063427/87493908/glasses.jpg
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
33d67823c88202a148e0f5ef9934b3826446df1872adc0fd53b58b13fcadbd07

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Mon, 08 Jan 2024 23:34:28 GMT
server
AmazonS3
x-amz-request-id
VFEJZME2MFVRPZ0X
age
67574
content-type
image/jpeg
content-length
93532
x-amz-id-2
VdFmEP278OWtP/lfq+DaVxFJ/jRWe67S8BPNkMr19NDvMIor3NeHTPADcEoe0enQx94fmyR0Qq4=
x-llid
59beccb393e85806e7d5d495d013c4d9
87493908-1704756799.jpg
cdn.ebaumsworld.com/thumbs/mediaavatar/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/mediaavatar/87493908-1704756799.jpg
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
a2ae79a65b739a78d2abb1eb7e178c383ef654878e380bb1d3da3bfdfb088a77

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Mon, 08 Jan 2024 23:33:20 GMT
server
AmazonS3
x-amz-request-id
FD6PT8E29H7T82YK
age
67642
content-type
image/jpeg
content-length
1777
x-amz-id-2
vmUOkDL5jnV5ogOjdJrxl3dTGdWQw/preglNK1YH1xkircBQU+rsABoN2m10Bhb7qnedMz9XPOU=
x-llid
36b5d5ba9b2ae4ce92082c56966fb5a9
T2.jpg
cdn.ebaumsworld.com/thumbs/2024/01/06/112553/87493454/ 		390 KB
391 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/2024/01/06/112553/87493454/T2.jpg
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
f43bd1a5317dcc08c6bba4f3d560c81e827650dbf1487767128049308791ad5f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Sat, 06 Jan 2024 16:25:54 GMT
server
AmazonS3
x-amz-request-id
PV5Y7R1569G4DSJ1
age
266087
content-type
image/jpeg
content-length
399536
x-amz-id-2
70b777VHSRXpzidn+R6jq7FTRCSme1JTxD7D4pwt0oRZpf3FKvOpcfT0EejVnRs7bmE6IHlblDk=
x-llid
06b60f5f905667c298274890d80be73b
87493454-1704558388.jpg
cdn.ebaumsworld.com/thumbs/mediaavatar/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/mediaavatar/87493454-1704558388.jpg
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
201f80a3f28681d6680373ed4b40f38923a95e11eda7bbd79633fa9028b39aa3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Sat, 06 Jan 2024 16:26:29 GMT
server
AmazonS3
x-amz-request-id
6X1HHYGF9414HSPG
age
266053
content-type
image/jpeg
content-length
1463
x-amz-id-2
9YkedFLYbS33QZvfiQ7KNABNVozMb25QUDQh+3C/sDLFyBFCBnBxj3PocMjaqjNC2C0tRWn9E4s=
x-llid
e4bf1e4e282a7ed907fc95db76f39943
tay.jpg
cdn.ebaumsworld.com/thumbs/2024/01/08/053714/87493882/ 		124 KB
124 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/2024/01/08/053714/87493882/tay.jpg
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
31c4ba3ddabdf2efb07209405759dbd42f26c771f480a1d4a6d32c439f921dd4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Mon, 08 Jan 2024 22:37:15 GMT
server
AmazonS3
x-amz-request-id
SYF3YPTMV29P9J64
age
71006
content-type
image/jpeg
content-length
127097
x-amz-id-2
BMRSasZCv4rNESRWIPvQCfL1RUtgj/ULqq+U2Z8DkX3C3o3R2Wv/NZdzFLYcqQDeBYQFdGqrXgM=
x-llid
7d2eddeb4f9e6b9380e0a8f62d2960aa
87493882-1704753374.jpg
cdn.ebaumsworld.com/thumbs/mediaavatar/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/mediaavatar/87493882-1704753374.jpg
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
a2ae79a65b739a78d2abb1eb7e178c383ef654878e380bb1d3da3bfdfb088a77

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Mon, 08 Jan 2024 22:36:15 GMT
server
AmazonS3
x-amz-request-id
BFG7CZZEH1S2ASZY
age
71067
content-type
image/jpeg
content-length
1777
x-amz-id-2
w5bSPINvv+eoZmHXPsqiMXfbk4Ltcm9dAeC2yyzCv9/zEJudJf5wH6g2WkDMtKfj6ERNQgCGmfA=
x-llid
f2167f919805a348074cc2381f9a1601
pics.jpg
cdn.ebaumsworld.com/thumbs/2024/01/08/022311/87493496/ 		143 KB
143 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/2024/01/08/022311/87493496/pics.jpg
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
e90b43c18472bfbdd0d5d70f9b55280ce4f8312567a9ffffd94b0156988724df

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Mon, 08 Jan 2024 19:23:12 GMT
server
AmazonS3
x-amz-request-id
K5PWGJ45CS00TFQ6
age
82650
content-type
image/jpeg
content-length
146403
x-amz-id-2
Kt6NO9rx9S2/3qJBA5roFLp5LTC1LqZF7e+6HkuVGrEAc7PSpLsRGcmgLeiskvBrdcjaRglFwe0=
x-llid
29a7af1745127722b69292aa3e0019f1
87493496-1704572958.jpg
cdn.ebaumsworld.com/thumbs/mediaavatar/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/mediaavatar/87493496-1704572958.jpg
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
218ba2612cb42e176a5d0f65b600f3fe4c4c5ebb117216850adf888532ec1cad

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Sat, 06 Jan 2024 20:29:19 GMT
server
AmazonS3
x-amz-request-id
N5M7S67B7JMVN3QW
age
251483
content-type
image/jpeg
content-length
2109
x-amz-id-2
8zCmA3wclylOtGCKr8qdEbRsQxPDeNfrpyA+xA8IaUq3ddPJwJjP7Ld7v2KA3kOv8mo7CBwTg6A=
x-llid
b29001479aea4f9096a359b01f763ffd
urn.jpg
cdn.ebaumsworld.com/thumbs/2024/01/08/061828/87493907/ 		125 KB
125 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/2024/01/08/061828/87493907/urn.jpg
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
e34b3767763a4366a4b284da2349d876fc04a42d2273dcfddc352a32bc4b0058

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Mon, 08 Jan 2024 23:18:29 GMT
server
AmazonS3
x-amz-request-id
TDBD78HNMV7BCXKH
age
68533
content-type
image/jpeg
content-length
127597
x-amz-id-2
HQYrSHD8teEcWUggZJKc+WWfYki85ip08Keg6M6XtzbvLBLz2yJqXVc2UXQ40QOE1gPRz68MznA=
x-llid
ab8df6f88fdc85b493314c2dab490de0
87493907-1704755962.jpg
cdn.ebaumsworld.com/thumbs/mediaavatar/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/mediaavatar/87493907-1704755962.jpg
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
a2ae79a65b739a78d2abb1eb7e178c383ef654878e380bb1d3da3bfdfb088a77

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Mon, 08 Jan 2024 23:19:23 GMT
server
AmazonS3
x-amz-request-id
1S9892Q3EAKPNKGQ
age
68479
content-type
image/jpeg
content-length
1777
x-amz-id-2
qpp6prqbnu4/+lbcU9dBHgFL+aFscKNh2IHJklnAkMcM6qpmhzv28BNmlCClwPnFHshxZu6zQLI=
x-llid
b5aa670bad528ba1970208e489370298
pic.jpg
cdn.ebaumsworld.com/thumbs/2024/01/08/122756/87493302/ 		161 KB
162 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/2024/01/08/122756/87493302/pic.jpg
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
7d2935081853130146140a160441c206c7f2176e315d2ce34671de2c53fbf6ee

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Mon, 08 Jan 2024 17:27:57 GMT
server
AmazonS3
x-amz-request-id
0KESJMXZYVRSX7P5
age
89565
content-type
image/jpeg
content-length
165321
x-amz-id-2
lisSta+OH5jU8rdDHfTd+k0fto/zb1gn2KM7CcHPpQJFGsk0i+Uiw3bWGsVnucW3pBZedyl8Uw4=
x-llid
27ef370d15d50f639d34b04722d0d103
87493302-1704518143.jpg
cdn.ebaumsworld.com/thumbs/mediaavatar/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/mediaavatar/87493302-1704518143.jpg
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
e91448335bbe5e523a5dad2df2ceccf819e08518a88db3c1174ba164efbfab71

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Sat, 06 Jan 2024 05:15:44 GMT
server
AmazonS3
x-amz-request-id
Q2THT8MG8286QJHX
age
306298
content-type
image/jpeg
content-length
1304
x-amz-id-2
G2KH5FJ64gM40oVqelZ3XwljfPnpihn88iYhvOHefeT/6RWgSsKatvLUkB4g5eebeCfBuDYMnNI=
x-llid
e43c9d380ed922cceda5bf172598242f
cafe.jpg
cdn.ebaumsworld.com/thumbs/2024/01/08/055653/87493906/ 		89 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/2024/01/08/055653/87493906/cafe.jpg
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
f5ff3ef14b90092e994b9d8bdcc10bdd978cd62c25b3c948b1d7d7bd7d089061

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Mon, 08 Jan 2024 22:56:54 GMT
server
AmazonS3
x-amz-request-id
RT6GHEMR88THMTGZ
age
69828
content-type
image/jpeg
content-length
90800
x-amz-id-2
ZawiOWdXfyAp5iyBAIQ5O05G6WI6GMqqPOt+Amp7eQRBKQkpIahhwEstuRSQ6A+a28hknNVjmKQ=
x-llid
8f70dad192c0faab9019e227d0275321
87493906-1704754799.jpg
cdn.ebaumsworld.com/thumbs/mediaavatar/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/mediaavatar/87493906-1704754799.jpg
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
a2ae79a65b739a78d2abb1eb7e178c383ef654878e380bb1d3da3bfdfb088a77

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Mon, 08 Jan 2024 23:00:00 GMT
server
AmazonS3
x-amz-request-id
NK018S2SEG79SBS4
age
69642
content-type
image/jpeg
content-length
1777
x-amz-id-2
nezno5Zl1H4ogbt0lgC8SqperAFBaxNDLV7lxWfuqEtgKIXRHTQm+uTC2DXHtzV/geXFD3H5LqU=
x-llid
e37044b36921e3fb901bcd21d7429c75
forgotten-history-thumb.jpg
cdn.ebaumsworld.com/thumbs/2024/01/08/122033/87493710/ 		70 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/2024/01/08/122033/87493710/forgotten-history-thumb.jpg
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
4af93837a2eb9b5e36918849e985e92a56ffe5d9894c3d73d4cba085023d0836

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Mon, 08 Jan 2024 17:20:34 GMT
server
AmazonS3
x-amz-request-id
YKDB1VHCBSA1TA5Z
age
90008
content-type
image/jpeg
content-length
71266
x-amz-id-2
dPhq6iFlzW1qY1V9w5wLkmw4XVatJ1UyEAhlP/qYtQJyEn1j6UzW3SwQ9gdgCdiH0ObhmvY6rEQ=
x-llid
be04f2b25e9a672497b3994bb3a6fd08
87493710-1704734422.jpg
cdn.ebaumsworld.com/thumbs/mediaavatar/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/mediaavatar/87493710-1704734422.jpg
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
8dcae681db9813bf7f4bc0aa4dbed81174c746f5ab719ac53a2b4c26593fc123

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Mon, 08 Jan 2024 17:20:23 GMT
server
AmazonS3
x-amz-request-id
E2TWNKWNVZTTWC64
age
90019
content-type
image/jpeg
content-length
1348
x-amz-id-2
yzzXsJFNQxD41drvB1XtJEhLy/g/4+r90jw2YBDIhoxuREqXjvI8bhjKaCmeMzYnWKlYNJwSU+k=
x-llid
4d0d8406ce952ffc698f361e02cc663d
cry.jpg
cdn.ebaumsworld.com/thumbs/2024/01/08/014403/87493828/ 		132 KB
132 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/2024/01/08/014403/87493828/cry.jpg
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
87d5b6ce9b6943eb11b5c4650af294e65150a8de88f3cfd9f099af14243dc6a6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Mon, 08 Jan 2024 18:44:04 GMT
server
AmazonS3
x-amz-request-id
EZ2EX630TZZA2SPF
age
84997
content-type
image/jpeg
content-length
134952
x-amz-id-2
JhEWDFE+eA06WEZKcv75/W3VKkFjI3fSxiSDYpc8+U4MdEy3Zc1JvnYyhjpnYW5WcoC4I4KJ2lA=
x-llid
61ae13f1876a5a65f2eb024455edb920
87493828-1704739247.jpg
cdn.ebaumsworld.com/thumbs/mediaavatar/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/mediaavatar/87493828-1704739247.jpg
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
a2ae79a65b739a78d2abb1eb7e178c383ef654878e380bb1d3da3bfdfb088a77

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Mon, 08 Jan 2024 18:40:48 GMT
server
AmazonS3
x-amz-request-id
CTKV5FGSAVA26NY2
age
85193
content-type
image/jpeg
content-length
1777
x-amz-id-2
ghqfUmYoYllxcjx5UCzPeqi+XSIAcOL7SSPMAqSetaiIbqucM+7pkzbFjhH5S69utX8/sjzP9js=
x-llid
b9aa05bc94820a513f6fbdd196f63b7b
tweets.jpg
cdn.ebaumsworld.com/thumbs/2024/01/08/023623/87493829/ 		128 KB
128 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/2024/01/08/023623/87493829/tweets.jpg
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
2718adeca5ad7bc2bdcfd9d3a2403af47494d18660108364733d9d43e2ae869f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Mon, 08 Jan 2024 19:36:24 GMT
server
AmazonS3
x-amz-request-id
JS009HZQ17ERR9V3
age
81857
content-type
image/jpeg
content-length
130763
x-amz-id-2
FxDNOa1Y0P3GPVA1zuFKo8+IVdFxNdankYa0Skc2Q137waSkc+LG3ilQID2A/jyxeIQGhAZxKDo=
x-llid
c24070533a2ade81b1406e7b297d4a7b
87493829-1704742160.jpg
cdn.ebaumsworld.com/thumbs/mediaavatar/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/mediaavatar/87493829-1704742160.jpg
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
e80007f52373f16d128c7c4082de6c0826059e9da4dc88778c60a68c60c4e6fc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Mon, 08 Jan 2024 19:29:21 GMT
server
AmazonS3
x-amz-request-id
RBA0PNATAJH47FCX
age
82281
content-type
image/jpeg
content-length
1759
x-amz-id-2
YG0Zytrlip28DeAe00S9sf//ubDPitVmy7Ucad7wFM5jeSCQPtYdTndRYS+cgllcFP9UXKugQFc=
x-llid
79e97cf1352868a95397409e8299ad29
hump.jpg
cdn.ebaumsworld.com/thumbs/2024/01/08/011527/87493827/ 		116 KB
116 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/2024/01/08/011527/87493827/hump.jpg
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
c46dda469ed6696a21929db7c24648fb09719737d11999847dd18a942b15958b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Mon, 08 Jan 2024 18:15:28 GMT
server
AmazonS3
x-amz-request-id
HEWKXE0KPZC6KGK3
age
86713
content-type
image/jpeg
content-length
118457
x-amz-id-2
0FJKV6UVcfORgKjeGn6zY/qweq3qXv+bG88tEZWM57pd3VxB1cvyqbfEdD4UsYeB1LKr+ZNps7E=
x-llid
7655aab67e76eb6146f273ca3a087198
87493827-1704737623.jpg
cdn.ebaumsworld.com/thumbs/mediaavatar/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/mediaavatar/87493827-1704737623.jpg
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
8dcae681db9813bf7f4bc0aa4dbed81174c746f5ab719ac53a2b4c26593fc123

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Mon, 08 Jan 2024 18:13:44 GMT
server
AmazonS3
x-amz-request-id
ZZHJ5H88MWSVRG6V
age
86818
content-type
image/jpeg
content-length
1348
x-amz-id-2
sjX1ZqbAUkx0/SkCPaBwsb0EwyIbOYZJRkBvNdhLXDAKi1maAFGvI8dtmlEX7YJbDcvL2uS+Tf0=
x-llid
13531ae7849952c596d910752b796dfe
work.jpg
cdn.ebaumsworld.com/thumbs/2024/01/08/010918/87493804/ 		158 KB
158 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/2024/01/08/010918/87493804/work.jpg
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
3c27f8c071d9e3d7d96e0d0f6710a424b17a14deca8ebc539fbee597fee72ad3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Mon, 08 Jan 2024 18:09:19 GMT
server
AmazonS3
x-amz-request-id
6TCMZVVC3TCR603A
age
87083
content-type
image/jpeg
content-length
161555
x-amz-id-2
59OqIc4XXzfYX4NVnkqHR4yW964+ktLBMH5GTDMbF0gC7z5+OqcUptqj9Wkaj8ZWP/DY6dxa1vM=
x-llid
b1b4d4c66eade8da58e7f3d7c61a4f48
87493804-1704737060.jpg
cdn.ebaumsworld.com/thumbs/mediaavatar/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/mediaavatar/87493804-1704737060.jpg
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
e80007f52373f16d128c7c4082de6c0826059e9da4dc88778c60a68c60c4e6fc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Mon, 08 Jan 2024 18:04:21 GMT
server
AmazonS3
x-amz-request-id
2GGMVASCG4B8BRFV
age
87381
content-type
image/jpeg
content-length
1759
x-amz-id-2
UC3THo2s06gn2k07/Jg0Lp+k0fMvMm+ngFpEM2XvtuyhYCqS0H7AolgtDy820mpvH7pGLB8ogGc=
x-llid
54228cfac0a06a28204293b00dff79ea
phone.jpg
cdn.ebaumsworld.com/thumbs/2024/01/08/124023/87493761/ 		191 KB
192 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/2024/01/08/124023/87493761/phone.jpg
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
02e9af70b9216437e80380311f637a03b9e9479071ea700f9785f4e88fa2d27b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Mon, 08 Jan 2024 17:40:24 GMT
server
AmazonS3
x-amz-request-id
C7ACVNPGRVWA7DDH
age
88817
content-type
image/jpeg
content-length
195734
x-amz-id-2
BXFSH9Z5NdEDqL6ScRuqash18rYVbAuKmlx0D/YJizsy5hzqx06b4cqIVdZQSw8P7cuY3Y8JyPo=
x-llid
61bb2ce17a84023ab555fbe05d17b84a
87493761-1704735427.jpg
cdn.ebaumsworld.com/thumbs/mediaavatar/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/mediaavatar/87493761-1704735427.jpg
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
a2ae79a65b739a78d2abb1eb7e178c383ef654878e380bb1d3da3bfdfb088a77

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Mon, 08 Jan 2024 17:37:08 GMT
server
AmazonS3
x-amz-request-id
FY7BPB72W8VY17C6
age
89014
content-type
image/jpeg
content-length
1777
x-amz-id-2
gVWu3wl0k5Zaaih0gmSCo5bYNw4eVmpKQmoiSZ1wTk96IpG0qKdMVXlqeO4eJN1BNTEyZEllNyQ=
x-llid
834807c244989fe56018e65479e9680b
jo.jpg
cdn.ebaumsworld.com/thumbs/2024/01/08/095437/87493709/ 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/2024/01/08/095437/87493709/jo.jpg
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
95857594972f6ca1a22f92b959ec3b9ce5b83e930e1a877e178f32bb4eb4f21c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Mon, 08 Jan 2024 14:54:38 GMT
server
AmazonS3
x-amz-request-id
NSG929WM69G2Z9BC
age
98764
content-type
image/jpeg
content-length
69160
x-amz-id-2
a1Q5t/VFR674qLyasxkuLrvqmF2Zm2lEH1CDbct+Wm6qggeOSlxWyPIWGK2VPAhfPT1lin4kCeE=
x-llid
a2a1a9db212f0fae33ae6be86570196e
87493709-1704725760.jpg
cdn.ebaumsworld.com/thumbs/mediaavatar/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/mediaavatar/87493709-1704725760.jpg
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
27660efcf3c62384fe11e6be9e3ead5b49a738151c68c355c46e1e6daf8fcd44

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Mon, 08 Jan 2024 14:56:01 GMT
server
AmazonS3
x-amz-request-id
NRG6H1BRVDG1VG3H
age
98681
content-type
image/jpeg
content-length
1780
x-amz-id-2
q1CSMqlaf7NzZF9ABqAZAXgra59C+1ff3wC7C60DEEBumBLTTjnZOK5I2iXPJVVaKOqe91Wt6wM=
x-llid
760299b18a38fa6082da27638e568bef
fb.jpg
cdn.ebaumsworld.com/thumbs/2024/01/08/090836/87493644/ 		215 KB
215 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/2024/01/08/090836/87493644/fb.jpg
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
f3f1d13a0e740de5a47a2a37803b6c30a9866fcad648fd48dc0e2bbe4030f2fc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Mon, 08 Jan 2024 14:08:37 GMT
server
AmazonS3
x-amz-request-id
8YE75SRBWXZ4GCZJ
age
101525
content-type
image/jpeg
content-length
219826
x-amz-id-2
h2J/7vbafLlW+2j2YZkRaSKBdLjDeYIExc0kO2P7bj/DUfLeAazTdErfMWse44gFiG7PgKQKR1A=
x-llid
4689f8e3602b0f5253abd7d4806aaf7b
87493644-1704722718.jpg
cdn.ebaumsworld.com/thumbs/mediaavatar/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/mediaavatar/87493644-1704722718.jpg
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
e80007f52373f16d128c7c4082de6c0826059e9da4dc88778c60a68c60c4e6fc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Mon, 08 Jan 2024 14:05:20 GMT
server
AmazonS3
x-amz-request-id
JZV8MS028GAW1WYB
age
101722
content-type
image/jpeg
content-length
1759
x-amz-id-2
/8tRPuqntP6ZI3Bwip6xyMC4liChkemAgU1ywfA79AAi3LXonYh0GBtIZPDjamdm6ICdfbu4Hxg=
x-llid
da2ba18f4989b5f18a11030490979d83
87492625-1704388120.jpg
cdn.ebaumsworld.com/thumbs/mediaavatar/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/mediaavatar/87492625-1704388120.jpg
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
e80007f52373f16d128c7c4082de6c0826059e9da4dc88778c60a68c60c4e6fc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Thu, 04 Jan 2024 17:08:41 GMT
server
AmazonS3
x-amz-request-id
NY1VNCXTMQQ4JKZJ
age
436320
content-type
image/jpeg
content-length
1759
x-amz-id-2
a3YXliMeI/++AD2K5SfOTG36GoKnq8wS1V9YfxEesfgHzxZ5AerssGMLk1bK3nk3sSH77MXGhZo=
x-llid
3138b91cab58a96d6ea009e4ded16a14
87406765-1685859528.jpg
cdn.ebaumsworld.com/thumbs/mediaavatar/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/mediaavatar/87406765-1685859528.jpg
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
a0fca3cbbced080c0adb097b6385d83c6a77ed1d09c6ed120aa0a53672a5e4d0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Wed, 07 Jun 2023 23:25:12 GMT
server
AmazonS3
x-amz-request-id
5CGRGPFDTEW9BY8Y
age
14508399
content-type
image/jpeg
content-length
1330
x-amz-id-2
5x8xlfp3fzfVRztz+1OcW/ZIFOhlsZVSJB0Bu1ug9KlemHN/rvqFqeaD3/er2F+jH+DR+LcyQqU=
x-llid
a3d0d86e31721797bcb1e7040a62100a
x-amz-meta-mtime
1686180195.155593265
87487253-1702678983.jpg
cdn.ebaumsworld.com/thumbs/mediaavatar/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/mediaavatar/87487253-1702678983.jpg
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
e80007f52373f16d128c7c4082de6c0826059e9da4dc88778c60a68c60c4e6fc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Fri, 15 Dec 2023 22:23:04 GMT
server
AmazonS3
x-amz-request-id
2W46G43VDA8MG1Z8
age
2145458
content-type
image/jpeg
content-length
1759
x-amz-id-2
bDqwyEa+UKtHGRUmMcpCd8lakenN7Yv2/nmRp7hrb+WmfsLErLsj9t6++u/swL6Uyr2MXm1UlDE=
x-llid
0e3edd6b9f4edefd5f3d7e7c538a0153
87493624-1704722201.jpg
cdn.ebaumsworld.com/thumbs/mediaavatar/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/mediaavatar/87493624-1704722201.jpg
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
e80007f52373f16d128c7c4082de6c0826059e9da4dc88778c60a68c60c4e6fc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Mon, 08 Jan 2024 13:56:42 GMT
server
AmazonS3
x-amz-request-id
DDXYS944SATN03R8
age
102240
content-type
image/jpeg
content-length
1759
x-amz-id-2
UfRTFVBLF1nXQClqWvCa9vQ9W4ayNCiHz53a9sJJvPhzSBk4kA6EoUaVFCwDdn0EDlVgvd2kaYM=
x-llid
6f117881b1362272bb7a915c579be240
87485513-1702322352.jpg
cdn.ebaumsworld.com/thumbs/mediaavatar/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/mediaavatar/87485513-1702322352.jpg
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
e80007f52373f16d128c7c4082de6c0826059e9da4dc88778c60a68c60c4e6fc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Mon, 11 Dec 2023 19:19:14 GMT
server
AmazonS3
x-amz-request-id
WSF30ZNA8HWB6FFP
age
2502088
content-type
image/jpeg
content-length
1759
x-amz-id-2
PT3V4qMwY7vzsKgu8e7TBSKgye2ScPA+RTff9XTiWOXYUaZNTKQbaELbf+KvIZ0qpi599KffyTU=
x-llid
dd19b26f39dbbdd70aa8e5e9774f6414
87485316-1702311705.jpg
cdn.ebaumsworld.com/thumbs/mediaavatar/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/mediaavatar/87485316-1702311705.jpg
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
e80007f52373f16d128c7c4082de6c0826059e9da4dc88778c60a68c60c4e6fc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Mon, 11 Dec 2023 16:21:46 GMT
server
AmazonS3
x-amz-request-id
4EZ8VFTR14FV60HJ
age
2512736
content-type
image/jpeg
content-length
1759
x-amz-id-2
JCyJ8ELLiPO6UI+as8KidvpBLWyL/LbanUhNB1UKNe+d9/9NF7MRocrIbXTEYLr7+huFn6D6ypA=
x-llid
d48db0f9b8e8f66e5a4ccb5e12a5f497
87485785-1702399873.jpg
cdn.ebaumsworld.com/thumbs/mediaavatar/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/mediaavatar/87485785-1702399873.jpg
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
e80007f52373f16d128c7c4082de6c0826059e9da4dc88778c60a68c60c4e6fc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Tue, 12 Dec 2023 16:51:14 GMT
server
AmazonS3
x-amz-request-id
3REB01F42SGA41TP
age
2424567
content-type
image/jpeg
content-length
1759
x-amz-id-2
5OWackyZ2ijtGFky+BkMtUBrI/X6bvSqtxHdMUmLIsp4yYzNzxmNacQrmiB2Lai0nz17ZvND7W8=
x-llid
81f991c083d6519d2f1c5a322de11d15
87486770-1702583585.jpg
cdn.ebaumsworld.com/thumbs/mediaavatar/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/mediaavatar/87486770-1702583585.jpg
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
8435c941c3b9d3f169c6ba8720e5aa339af3998102d8f00b330eabfb812f7859

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Thu, 14 Dec 2023 19:53:06 GMT
server
AmazonS3
x-amz-request-id
GPMPGNXM461DWP6E
age
2240856
content-type
image/jpeg
content-length
1263
x-amz-id-2
hGjyVr451lwSzxEsuATz83jIDPKiPG55P68D6uFYGs+aSXQeuzBgt/YGfcgtFNWlfdY58DaiK3g=
x-llid
f18a6f9e31d7bc7360450f64d7a7c48a
87486448-1702506818.jpg
cdn.ebaumsworld.com/thumbs/mediaavatar/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/mediaavatar/87486448-1702506818.jpg
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
e18a7c35b73bdd45978801c3169ee4fbd619ffbd66aa3f615272e41d9cceab4d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Wed, 13 Dec 2023 22:33:39 GMT
server
AmazonS3
x-amz-request-id
5ME52Q86B0WZ6FEX
age
2317623
content-type
image/jpeg
content-length
1345
x-amz-id-2
tc7y1WYN/66auxL4I/0tgniiXhD2w97Y90VZ6/bWyUCVD+qNXPljY5d7ms+E21Fz+B5pqSWUUMY=
x-llid
40505e74bf9336efe48ed63259f8043f
27056698-1660850120.jpg
cdn.ebaumsworld.com/thumbs/comment/avatar/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/comment/avatar/27056698-1660850120.jpg
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
eff16e01f6728b9f7eb9eb06da276f423db112ee55d66c8260d1709e6b2e79a3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Sat, 05 Nov 2022 11:56:02 GMT
server
AmazonS3
x-amz-request-id
ZVDSZAC7WA3R0B7J
age
14508508
content-type
image/jpeg
content-length
1292
x-amz-id-2
NeVl8D/37/nTgclkalHAlwBBWR9sRO6F6QQtae7+GaEsobuG4nWRIgabXrBo0RlnpDnAzlIA3aY=
x-llid
ca36d20a201245a974823fea5f895685
x-amz-meta-mtime
1667634362
27056494-1660850094.jpg
cdn.ebaumsworld.com/thumbs/comment/avatar/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/comment/avatar/27056494-1660850094.jpg
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
e6b407656a83e46d06c9d47affa1ac05b225617668a42c637e8dfd265919cb3e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Sat, 05 Nov 2022 11:56:02 GMT
server
AmazonS3
x-amz-request-id
T9H20FG54E341Z5Q
age
14508514
content-type
image/jpeg
content-length
1730
x-amz-id-2
NCZap/o+d/g+T1eAWNm7n0xsq2UhhIZ16oqu8cU2fMx00wUU6n09Jb3bg2efoOKnWGaVPe2WAiA=
x-llid
8b6382c818e164614dd288d35e1d1a1a
x-amz-meta-mtime
1667634362
27098310-1678210234.jpg
cdn.ebaumsworld.com/thumbs/comment/avatar/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/comment/avatar/27098310-1678210234.jpg
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
dc72881b50eeeba21d39b80dd51e5361e098890eddc2bfc401827fb3880dbec3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Wed, 07 Jun 2023 01:39:58 GMT
server
AmazonS3
x-amz-request-id
GZ4VYQ78REFVWK14
age
14508512
content-type
image/jpeg
content-length
1609
x-amz-id-2
p43WQL4XO/q/T5aztDf/vYOKheDVDANsAG33tcYr1jGM6mbefHp1s8ajTcTC7hHfrMPCjEAi1A8=
x-llid
a90248a621d381849882fba92c2bb879
x-amz-meta-mtime
1686101881.390445631
604025-1701712960.jpg
cdn.ebaumsworld.com/thumbs/allstar/avatar/5621/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/allstar/avatar/5621/604025-1701712960.jpg
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
218ba2612cb42e176a5d0f65b600f3fe4c4c5ebb117216850adf888532ec1cad

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Mon, 04 Dec 2023 18:02:41 GMT
server
AmazonS3
x-amz-request-id
P7W5G8AK39P3KQTE
age
3111479
content-type
image/jpeg
content-length
2109
x-amz-id-2
kZvh9Znefvgq6gCPSmy/AbXPIKTMoimJmcgGSvDwb4543JamQHZj/2jJlXJKe23ohISw9yBjbtg=
x-llid
1d98111d55deeb23a41d041513f0d699
2641748-1701710710.jpg
cdn.ebaumsworld.com/thumbs/allstar/avatar/5621/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/allstar/avatar/5621/2641748-1701710710.jpg
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
8435c941c3b9d3f169c6ba8720e5aa339af3998102d8f00b330eabfb812f7859

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Mon, 04 Dec 2023 17:25:11 GMT
server
AmazonS3
x-amz-request-id
GKHP4199AGWFWBX4
age
3113729
content-type
image/jpeg
content-length
1263
x-amz-id-2
2rnL/J47Cs6v/nOeEu56/KEKXSNZnk6mIv0SBUEj5flZzUVbeIQa3a+4XQ7KDFr9HV7Yc/KPids=
x-llid
7e3d3642a153f2a4499e3e1d10b209fb
2493846-1701710713.jpg
cdn.ebaumsworld.com/thumbs/allstar/avatar/5621/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/allstar/avatar/5621/2493846-1701710713.jpg
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
69598e6775f3298ce1c0efff087a73a989cafda414dcdd18caa502a8bcc36d33

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Mon, 04 Dec 2023 17:25:14 GMT
server
AmazonS3
x-amz-request-id
TM83QWZS6SQFE1SG
age
3113727
content-type
image/jpeg
content-length
1520
x-amz-id-2
jjR2235S/qSKWozDRnFfonZbzrwTDwj0GQxyynNTR64mRI5tcxrmrm5eWzJMDEGVuJ4v60fn9eE=
x-llid
8a040d8d7e57ea62af79ef8dc49adac1
blank.gif
cdn.ebaumsworld.com/img/ 		43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/img/blank.gif
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Wed, 02 Aug 2023 20:17:23 GMT
server
AmazonS3
x-amz-request-id
9SJMG9PDZ33KZGSB
age
12707401
content-type
image/gif
content-length
43
x-amz-id-2
VacF2HA47j9CCvtQUBS0dfgBDO7B8gnhJ/g1bJUxWUP3CfydeJLO3DLTVRcuWwpJSMRg3UcrC3Y=
x-llid
068cf2b9d4edf67252714ee6130eb96e
mops.jpg
cdn.ebaumsworld.com/thumbs/2023/12/11/030841/87485539/ 		72 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/2023/12/11/030841/87485539/mops.jpg
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
5c2433b6c8d6d773d67062482a5fcc12fb0de8633b2e391fc529283e76dabe21

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Mon, 11 Dec 2023 20:08:43 GMT
server
AmazonS3
x-amz-request-id
MK0T3CYTV5SNR3R1
age
2499119
content-type
image/jpeg
content-length
74191
x-amz-id-2
jFpIrbhoINfRWrki6btwhzJPcKsewDHU8+jIiPJ02GLYk3g5xi63ftp3LLPQpdXmEh0Hb8GptkQ=
x-llid
c0ebe095eebf2efdb5bc1197765c3136
X.jpg
cdn.ebaumsworld.com/thumbs/2023/12/14/022509/87486768/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/2023/12/14/022509/87486768/X.jpg
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
a7ac5981c28bfb68a9775b242e03c3c85ce21379df5b6a41d69890e415b35d70

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Thu, 14 Dec 2023 19:25:10 GMT
server
AmazonS3
x-amz-request-id
JR0WRH85AAAHM8Q7
age
2242532
content-type
image/jpeg
content-length
42059
x-amz-id-2
nttkD6aVJ1I+dK9nzbofvZ08xsqDQEMk4TaGxLoi5BTQV+Y+1y0ce3mFwiFkpETAvCi0TmsyLd4=
x-llid
e4341e7223a918c666bb18518234a4e9
cuba-s.jpg
cdn.ebaumsworld.com/thumbs/2023/12/13/055117/87486450/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/2023/12/13/055117/87486450/cuba-s.jpg
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
28ad7e91102ab8166ca104eab890ee9238390657237d37790f86b4fed6d08207

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Wed, 13 Dec 2023 22:51:18 GMT
server
AmazonS3
x-amz-request-id
70YYR3KY033RRYNF
age
2316564
content-type
image/jpeg
content-length
39382
x-amz-id-2
ghhgQuvGsqxnJQIC3vaZV4lgahUuHkhPC2+yNAU1HVmhtLAcLwgI2iO0ItUgfUDWzIBT1+5eDws=
x-llid
05e13811b186861de39bf14540c2a218
tweets-s.jpg
cdn.ebaumsworld.com/thumbs/2023/12/15/011511/87487017/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/2023/12/15/011511/87487017/tweets-s.jpg
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
435e23794c212be0a3c2925e7c5b937c781e5c5ebd33185496e4f644930be4c7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Fri, 15 Dec 2023 18:15:12 GMT
server
AmazonS3
x-amz-request-id
47SE1ZJ49NF9Y7BX
age
2160330
content-type
image/jpeg
content-length
29929
x-amz-id-2
YAlUHb/AOn8PubVp5htr7Op1M2h1s5qEvu0d/tGON9IofwGZRmTm0S1gk31KPPzukVTt/UO67yc=
x-llid
8d20ddcc58c8ad554f9317365561d161
work-s.jpg
cdn.ebaumsworld.com/thumbs/2023/12/11/020034/87485513/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/2023/12/11/020034/87485513/work-s.jpg
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
af6fbab3d9f169795633e0a3d98ec4089d367560a16b893e632e9dba3eef3d51

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Mon, 11 Dec 2023 19:00:35 GMT
server
AmazonS3
x-amz-request-id
6CAF1CVZVJ51A6MA
age
2503206
content-type
image/jpeg
content-length
59048
x-amz-id-2
hU2ksevcZPasOXkvMWfqjnU50W6+4RrZHxJzUEVB6YKZJL0UjtocMMWXorXnQv7ZejKI5epV8BQ=
x-llid
a3fddff79cc913e3284e7a1bccb0c6df
newsletterBanana.png
cdn.ebaumsworld.com/img/desktop/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/img/desktop/newsletterBanana.png
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
6dfa1663b9d896bdfc6f63a672c3596219022c450dc8071493b95f479bdf7f5f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Thu, 20 Jul 2023 23:11:19 GMT
server
AmazonS3
x-amz-request-id
7M8Z9ER9CD3YG0YH
age
13975278
content-type
image/png
content-length
7307
x-amz-id-2
TtZAsnjBe1gww+Euxm/2HsXWR7AE5OQqlkDXnEu36k+ENAf3kaivY+dGtXEH9twQqlcx+iZOCE4=
x-llid
97b5d80455aa93247272f55ed4203060
onejs
z-na.amazon-adsystem.com/widgets/ 		0
0
v2kisuUII5WA-HR5P71C6bUydvMwfMPJVUj8XMXHj3S_hHFVlFTAc9kA
memorizematch.com/ 		72 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://memorizematch.com/v2kisuUII5WA-HR5P71C6bUydvMwfMPJVUj8XMXHj3S_hHFVlFTAc9kA
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7ec2::1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
d4f2aafb1ae7708d7005c555dd26326b59655c4a15c95827d76f9f0879d80e52
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Tue, 09 Jan 2024 18:20:41 GMT
x-datacenter
gce-us-east1
etag
"d7df2f5384bca0d0919dae8259150560c620ad2a71f8837e26e2d2d35b3d165c"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-us-east1-test-8hh7
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
1072352451
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 09 Jan 2024 17:51:49 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
1732
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 09 Jan 2024 19:51:49 GMT
chartbeat.js
static.chartbeat.com/js/ 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f3:e400:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
9b1aaea1148044ff331b843e9fd73a06418cfe363bbd331982a84944694f6618

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 17:35:20 GMT
content-encoding
gzip
via
1.1 bdf2aab533e801e16a7a135842a2ee18.cloudfront.net (CloudFront)
last-modified
Thu, 21 Dec 2023 01:03:21 GMT
server
nginx
x-amz-cf-pop
IAD55-P2
age
2721
etag
W/"65838ed9-9630"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
Khhv-8dExZPMxy7-bnf7FDAghsQifANZ_rfPyIpzsnVaRdRnHjQp1Q==
expires
Wed, 10 Jan 2024 17:35:20 GMT
t
jadserve.postrelease.com/ 		268 B
713 B 		Script
General
Check archive.org
Download Go to
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fls.kurdgozar.fun%2F&ntv_mvi
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.209.115.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-209-115-69.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f24d352fc8e0fbbfd349ef49e86d9317834abb3494be70b4513660803ff66c67

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:41 GMT
content-encoding
gzip
server
nginx
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
190
expires
Mon, 1 Jan 1990 12:00:00 GMT
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.83.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-83-79.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 06:46:52 GMT
content-encoding
gzip
via
1.1 765ade8c6b70e0e7c0b0572f4e039b98.cloudfront.net (CloudFront)
last-modified
Thu, 07 Dec 2023 12:13:41 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P3
age
41629
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
hXOwQ8HhzVv1bYLNd9mxpiu1a_ynqqT-b7ugjd7C3LZmxUGvOXJlJA==
fbevents.js
connect.facebook.net/en_US/ 		202 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b625d5a8adce0e637b3263a627b65445e87da3ec1e62aff4ff86869707ed4fe7
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 09 Jan 2024 18:20:41 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54366
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
p7SduSGPaEBV6EKltwBAsN7FSEOaZyjjDBX9QKLchpHNCMNjrxkBay4W96XgIg7N3psskrk5hwi7SKa8OEAAYw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
navGradient.png
cdn.ebaumsworld.com/img/desktop/ 		993 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/img/desktop/navGradient.png
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
8f5dc1376bfd127bc7ac2b076626002ef1fcc63fc87c879bbc4b717316df4765

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Thu, 20 Jul 2023 23:11:52 GMT
server
AmazonS3
x-amz-request-id
6PJZ5VBWK8ZDFJZN
age
14509695
content-type
image/png
content-length
993
x-amz-id-2
BmmujNLGzHjlH6WwcWO87g98o2WMJMgMDCumsRJiOoaJu8sLRtWbaQ/wuM+aNDMTZYo/of9Shek=
x-llid
3f0c43b44e3071b7e46bd15918deb7e7
navIcons.png
cdn.ebaumsworld.com/img/desktop/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/img/desktop/navIcons.png
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
19850a3c7f1186edca303a83c012a6eec5b4fbd205eb72d72343cfa540f2f0da

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Thu, 20 Jul 2023 23:11:18 GMT
server
AmazonS3
x-amz-request-id
9DVXTM3933SS8TMZ
age
13998919
content-type
image/png
content-length
15639
x-amz-id-2
yw3T2F0E7boEUqYf9/fWo6vayPH7zWzgLlkNwvKgxp2cq5dltb90DSiqGgElWGAQcNWAC+gUUos=
x-llid
6bf7d1760a42c3783cf53a12894ac7cd
big-trending.png
cdn.ebaumsworld.com/img/desktop/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/img/desktop/big-trending.png
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
806c015634c7437f15d3d739084d9e121da3dd8983226529fff543e8135ee27f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Fri, 22 Sep 2023 19:07:08 GMT
server
AmazonS3
x-amz-request-id
AEN1W90JKHC3ZWA6
age
9414428
content-type
image/png
content-length
1687
x-amz-id-2
7hrLAwl8O0dCKIigaI9YzGHbgyY/tNeYa55xajBcofJ1Uv9ffV4CVg6rsXsI13QNKs6b4XL6t9s=
x-llid
f72d86532f95773bf73e1da40a9c212e
followUsIconsWide.png
cdn.ebaumsworld.com/img/desktop/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/img/desktop/followUsIconsWide.png
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
d980dec34ce9cc49f35508d04abd290e9f8f4f2111bde0313970d29e4da397f0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Wed, 02 Aug 2023 20:44:20 GMT
server
AmazonS3
x-amz-request-id
YWDSR8FDV2DA0SZ3
age
12357046
content-type
image/png
content-length
8422
x-amz-id-2
3pe4hC2FHVXAlQHE+gKMwRXcWMYcD+J6kBvzFq25hsv5Y+O/9PFd0QgDQyoaiedegmTG2Mhec2g=
x-llid
debe87a7c230573ed283af20239d054f
mediaFeedIcons.png
cdn.ebaumsworld.com/img/desktop/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/img/desktop/mediaFeedIcons.png
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
9c5535d32ac07089d0bcad366debdb68b94a8af1769ab9718e20117f8db021e8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Thu, 20 Jul 2023 23:11:49 GMT
server
AmazonS3
x-amz-request-id
YAYJ9GZE2XMAV5X4
age
14509687
content-type
image/png
content-length
7884
x-amz-id-2
RTzjbXvUoLqC17GyCSBgCPbe9a3m/qK6WDsYKbO3jL9sDFxrVd6SZNUDbWQhuxrclMB5Y2wRGwM=
x-llid
ccd7398ec5bd1530f550ebaa3b4568f1
paginationArrows.png
cdn.ebaumsworld.com/img/desktop/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/img/desktop/paginationArrows.png
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
0945a7c55ac8053108b3c9bfaf00797a9a78ad2b934277fe67246347a0b96130

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Thu, 20 Jul 2023 23:11:21 GMT
server
AmazonS3
x-amz-request-id
YAYJ4PY3KN1BQD8Q
age
14509687
content-type
image/png
content-length
1923
x-amz-id-2
WHHAVniPgdmXDMToykOgEq8t1/luF4abUW95/S0Kt66kgf/7OyVDEOsBKf7qV86rQLAgdErKWpk=
x-llid
92cdd6c4e49cc5766de55f8682f504a8
notes.jpg
cdn.ebaumsworld.com/thumbs/2024/01/04/121314/87492625/ 		153 KB
153 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/2024/01/04/121314/87492625/notes.jpg
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
4f03d3dd6c75ddef468ad84646ae0b9c04ed4e25c3f4f9f5ce935a6b1a2ffae4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Thu, 04 Jan 2024 17:13:15 GMT
server
AmazonS3
x-amz-request-id
GWPDBGY4ME83KV65
age
436047
content-type
image/jpeg
content-length
156456
x-amz-id-2
qelR0QKc4JEJcb+zJVHH7xiNcs7Xp1B+aZ7AffX1OC2nWeqhTFDHHvTLDWLC8jp2ib4Zf+puHjc=
x-llid
213588cd3a6c5a5e051f62aaa0062576
pics.jpg
cdn.ebaumsworld.com/thumbs/2024/01/08/084858/87406765/ 		147 KB
147 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/2024/01/08/084858/87406765/pics.jpg
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
61089198ad224aab50c979907a40b563110c6e70fdfb16b7616231232695ebb8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Mon, 08 Jan 2024 13:48:59 GMT
server
AmazonS3
x-amz-request-id
S71RCQYV8S5B2GT5
age
102703
content-type
image/jpeg
content-length
150304
x-amz-id-2
qfJF5E+9yNSUQ21g18LUVLQtq1gd+ZW4iIYG9hLCwFKi5StLn5jjl/0atl/ekl84cH5HAVdFuaY=
x-llid
ab7553fa00c3055916d5e1699405dade
roasts.jpg
cdn.ebaumsworld.com/thumbs/2023/12/15/052713/87487253/ 		182 KB
183 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/2023/12/15/052713/87487253/roasts.jpg
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
25dea9f8066831b612a15c069417bd76bc7ae1aa1aed33f02b74cf8918ccd973

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Fri, 15 Dec 2023 22:27:14 GMT
server
AmazonS3
x-amz-request-id
59XQX7TW2FGCJGZG
age
2145208
content-type
image/jpeg
content-length
186686
x-amz-id-2
0Km65cx8FIy5fjPEP52dBvRDKOwAVhXRrWV8O8o4BYjhe4M72MFml8iTXtJIevVEnJxNZq+fhHs=
x-llid
9b42aff1e955e935ae7775bf481cd37d
communityFeedBg.png
cdn.ebaumsworld.com/img/desktop/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/img/desktop/communityFeedBg.png
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
3595432066cf772cbe739ebdf22f307fcb1af3b7ee9ffd596b2fdcdfe182ec91

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Thu, 20 Jul 2023 23:12:04 GMT
server
AmazonS3
x-amz-request-id
KWJ3VAQDK5CZVB5G
age
14509665
content-type
image/png
content-length
1528
x-amz-id-2
/UBV321+7GTRXjfPL391L6MpmtoaTyUS+T83uCpEfnUDzHr3A4W7RpIiKXO5QTc3d4Z2e0HkZYI=
x-llid
88d435bd5695d1ae25493a687d42b570
featuredCommentBg.png
cdn.ebaumsworld.com/img/desktop/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/img/desktop/featuredCommentBg.png
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
0ca0901a64e149f634a1fdf2de4ff86c5b2e9878128a5136f4b4a0fb02eb1c96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Thu, 20 Jul 2023 23:12:09 GMT
server
AmazonS3
x-amz-request-id
KWJB8Z6BWE5EXW5S
age
14509665
content-type
image/png
content-length
7179
x-amz-id-2
Turpz38oUrSC9TIjjq//OTUih6lVDdK3VL0fk9EawogooGktLDmsjEJGBOC0HcAG74xXUM7l8JA=
x-llid
7846cbb03cbda3711f741a204397ca2b
featuredCommentBubble.png
cdn.ebaumsworld.com/img/desktop/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/img/desktop/featuredCommentBubble.png
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
8744a476984cc348563709a7e73e78dfb0c797d536aa4c6e9c7dc053fdc9a49c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Thu, 20 Jul 2023 23:12:10 GMT
server
AmazonS3
x-amz-request-id
TJGV21BSQ71SE3ET
age
14509667
content-type
image/png
content-length
1853
x-amz-id-2
6AH0rASkcK4nXivnF/O9jRFTpRhOHvnEoGFavwy1nixDNqoXDX4f2jImqiG/N/+ShUFE8De1Hus=
x-llid
a89bc17fe97ba9c03b1bda281e5fc8fa
commentVoteThumbs.png
cdn.ebaumsworld.com/img/desktop/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/img/desktop/commentVoteThumbs.png
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
64b1ae97eb75b3559cd7dfb41aec382ceeff82979b844ef4724e84ab0e4b19c6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Thu, 20 Jul 2023 23:12:03 GMT
server
AmazonS3
x-amz-request-id
KWJA63TS0CQJ78GE
age
14509665
content-type
image/png
content-length
1865
x-amz-id-2
OViVBVq0M4paC/qqrpzykpzlO4lEGGohhhtiDpXKK4fwfQU0BClWqazfVVkDsdOFfESke/UKwTY=
x-llid
bb39ef53b6991ecf44d3ca4da9d93121
allStarShadow.png
cdn.ebaumsworld.com/img/desktop/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/img/desktop/allStarShadow.png
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
3c21a9543968a922a975767070dfcfc74a270e9ee00f368f9591c687c2cb9c91

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Thu, 20 Jul 2023 23:12:26 GMT
server
AmazonS3
x-amz-request-id
2MZ5DN6188DC99WY
age
14509664
content-type
image/png
content-length
1096
x-amz-id-2
AF7wFZpCQGpOiMNJESjS8MFSka/VY1PgGnwMIjnMvjfgFE8gxCtCDkkb+objJgtOKTWlYRUl2TA=
x-llid
0b46c9eee646dcf063a024c8fdac1f42
allStarIcons.png
cdn.ebaumsworld.com/img/desktop/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/img/desktop/allStarIcons.png
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
15fa2b4f9fedaf4c57595838d43593c6a3307804373e90005f2f518cf6b26fc2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Thu, 20 Jul 2023 23:12:25 GMT
server
AmazonS3
x-amz-request-id
2MZ8XWFMEP2JHX5M
age
14509664
content-type
image/png
content-length
2514
x-amz-id-2
WTLZxk+T56sfekAuwu5f5u3Ykjq5BrC5tW+9V/kBPcIeMeKyDWKmr9tCurPw3lqkgM+rN4WsJgg=
x-llid
9056e6456c498448692f7f3a828cffb1
statIcons.png
cdn.ebaumsworld.com/img/desktop/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/img/desktop/statIcons.png
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
f83f467fe4dcae0dde9fcb42aa03f81dedf6b0d063c8b927dac2ce9ac17c6900

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Wed, 02 Aug 2023 20:44:50 GMT
server
AmazonS3
x-amz-request-id
R2Y02T0RZ53B658K
age
4768111
content-type
image/png
content-length
11864
x-amz-id-2
dHNdvsmEJU/vqxUYsFUOXucJHH2gXP9hgt8ysohTDM8p7oDVhUfx2LzhGD4N+Dklutk1UOwtcUs=
x-llid
4b2dc91c77df51394392e7ad75e74dd0
newsletterStamp.png
cdn.ebaumsworld.com/img/desktop/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/img/desktop/newsletterStamp.png
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
fd1633f96836eb57bb997946e1482f6aaa3be9893810474ac09f472ebac70990

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Wed, 02 Aug 2023 20:44:41 GMT
server
AmazonS3
x-amz-request-id
03AHMFKA1GPACZ9Q
age
10981046
content-type
image/png
content-length
3002
x-amz-id-2
OrlOcxvWGwfLfEmDpGZpMnIZIo0gCW2GS21qxWAOYfFx1+nxrXYXpYOuAfJ5cY8G5qiW4Zatg4M=
x-llid
f67f8577944b3fb1f68bb06f54e9ebab
foundoutsmol.jpg
cdn.ebaumsworld.com/thumbs/2021/11/19/060537/87034521/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/2021/11/19/060537/87034521/foundoutsmol.jpg
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
eec82dc7c9386d4fb136c21ca511742b591b873135dd77bf8ad84a48b4da765d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
last-modified
Sun, 20 Nov 2022 21:33:41 GMT
server
AmazonS3
x-amz-request-id
EYHG6A8G7B7FW6K2
age
14508515
content-type
image/jpeg
content-length
38647
x-amz-id-2
knPlWX5LUKwzKFPNxmi0gQJO3jBvfKAyZzUq+PaVHet4eBRRl3uG9YINdanUAfnPs4teMTsjRVw=
x-llid
181802d0d2d76083cc55f7896fbee182
x-amz-meta-mtime
1668979914.118698578
gunshots.jpg
cdn.ebaumsworld.com/thumbs/2018/10/13/042430/85790638/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/2018/10/13/042430/85790638/gunshots.jpg
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c73711b2d2d5ba6b3df3b5fb1269bfc39d5650605eebdbac726307b759619744
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 09 Jan 2024 18:20:41 GMT
content-md5
QDE9117nystEbhbw/ylzyQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1689
reporting-endpoints
x-fb-debug
WUag57KdF2sSsDgH3SVilet83kKJWPghRLyZ6VmMQvapYDEcR5MRM/2OI9tc+pUv6W5ImTNXc1SU0PfqKJQ+NA==
x-fb-content-md5
a8ddc5e7e91255a60c45cbbb5c5d6e2e
cross-origin-opener-policy
same-origin-allow-popups
etag
"0dc593b4b2f0ca80755daf59da62624c"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Tue, 09 Jan 2024 18:35:09 GMT
js
www.googletagmanager.com/gtag/ 		275 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-V5XPPXMJTV&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQ8W78N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3b7ca2e9b6f936a2314e29788788e8066c569e168d88bc272953736083723c43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93695
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 09 Jan 2024 18:20:41 GMT
quant.js
secure.quantserve.com/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQ8W78N
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:f059:4f7e:28a9:1588 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
content-encoding
gzip
etag
"bvEECQq4Zy6gU9J/qv1O6Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Tue, 16 Jan 2024 18:20:41 GMT
amp.min.js
amp.ebaumsworld.com/7778/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amp.ebaumsworld.com/7778/amp.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQ8W78N
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mic/9B19) / ASP.NET
Resource Hash
c19591dfb7f595d8a2c1392b26aafac5cf83b77dc4641d64d1bd8d67c6cc7ed0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
content-encoding
gzip
x-aspnet-version
4.0.30319
age
2401
x-powered-by
ASP.NET
x-cache
HIT
content-length
1115
last-modified
Fri, 31 Jan 2020 00:26:22 GMT
server
ECAcc (mic/9B19)
etag
"0x8D7A5E4331F1063"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
expires
Tue, 09 Jan 2024 19:20:41 GMT
lightbox_inline.js
www.lightboxcdn.com/vendor/c4e51996-fae5-4bf6-a8df-737a5f5ef12c/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lightboxcdn.com/vendor/c4e51996-fae5-4bf6-a8df-737a5f5ef12c/lightbox_inline.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQ8W78N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:d383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b020745ad903a0e778d07e5667b82d7162ee1872e1d67d0cd28e0c8ffb9619a9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 09 Jan 2024 18:20:41 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
WuQN1lTNxDgy363p5pd6YA==
age
153
cf-polished
origSize=2379
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Thu, 15 Sep 2022 08:07:05 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
x-ms-request-id
1b7bde90-e01e-004c-0700-27df2f000000
x-ms-version
2009-09-19
cf-ray
842eb2163980221a-MIA
lux.js
cdn.speedcurve.com/js/ 		520 B
923 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.speedcurve.com/js/lux.js?id=780806559
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQ8W78N
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
6bcb0b26c3cf3602feed634aec703ce4e8433da448bc01d60be783d066858c5b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Tue, 16 Jan 2024 18:06:30 GMT
date
Tue, 09 Jan 2024 18:20:41 GMT
via
1.1 vegur, 1.1 varnish
content-encoding
gzip
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age
851
x-cache
HIT
content-length
228
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1704823590&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=Y9ZHSoBby8V2XOazaw%2Fng5kB2KE%2Fdnmj47TuAaJDvt0%3D
x-served-by
cache-mia-kmia1760024-MIA
last-modified
Tue, 09 Jan 2024 18:06:30 GMT
server
Apache
x-timer
S1704824441.309386,VS0,VE1
vary
Accept-Encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1704823590&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=Y9ZHSoBby8V2XOazaw%2Fng5kB2KE%2Fdnmj47TuAaJDvt0%3D"}]}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=ebaumsworld.com&p=%2F&u=DG9oEoB-6xgVBYiC9D&d=ebaumsworld.com&g=6425&g0=Homepage&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=10517&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fls.kurdgozar.fun%2F&b=4343&t=Ph2qbS7BC2Bwre70DeoGsNBgrHR5&V=143&i=Funny%20Pictures%2C%20Funny%20Videos%20%7C%20eBaum%27s%20World&tz=600&_acct=anon&sn=1&sv=BJr2gvCKPILXC35jtZKVbQnC1s91A&sr=external&sd=1&im=062b071f&_
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.19.115.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-19-115-52.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 09 Jan 2024 18:20:41 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
2.0232b63a83bdc11b1701.js
ads.blogherads.com/static/chunks/ 		249 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/2.0232b63a83bdc11b1701.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
92e1eb71a9780672eff2fe86cae4db7195d5e96bd9bffc328edbacb7edc92e05

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
AGZM9N65J2HMDB00
age
9954
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
OcMdwdBf0zO67RK0xSYSwxaW6BR1m1dzmhJqghi3ZCzV0HKIcNvd4D0CmPRtyMt+JvUoLIJbfbw=
x-served-by
cache-mia-kmia1760098-MIA
last-modified
Tue, 02 Jan 2024 23:47:46 GMT
x-timer
S1704824441.299247,VS0,VE0
etag
W/"0e08053385461c2e2e5598c3a7a016ed"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
8
3.b6ac35d5350a4f5fac09.js
ads.blogherads.com/static/chunks/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/3.b6ac35d5350a4f5fac09.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f656b0a9eefaeb6e892a71a4ff5a3a9b1403037f8a69413d494497d8bde49336

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
HGYRYD3HN1GEZ72Z
age
2912
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
1Kojwp28a5W6TtvthvfIzJMnWk0lt8fqiGJCAL7JAASVNsmpyZEqI22rLRxFH/c0RMOQ7fJ6rEI=
x-served-by
cache-mia-kmia1760098-MIA
last-modified
Tue, 02 Jan 2024 15:24:34 GMT
x-timer
S1704824441.299337,VS0,VE0
etag
W/"5edd42f52583fd187ce454466c2e8424"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
283
30.43f1b6ace600f5a15a3e.js
ads.blogherads.com/static/chunks/ 		64 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/30.43f1b6ace600f5a15a3e.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4b3116c7cc3f7b5262d3cd0f5ee64ccacdfc89128cfcdc6f8efd1b7934a51f43

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
HGYQ7H8ZK8SHWNWN
age
2912
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
izgNQ31yaD4agf1/MnGm896rJjmJ0SWeE0UmgVjf1umE7xV8GqLgn5Ir38zCeE0DDJmMfpV8bKM=
x-served-by
cache-mia-kmia1760098-MIA
last-modified
Tue, 02 Jan 2024 15:24:34 GMT
x-timer
S1704824441.299577,VS0,VE0
etag
W/"7e59e0faca8e7131122838adef97a5cb"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
283
4.3a34b8e1e0903ea970e6.js
ads.blogherads.com/static/chunks/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/4.3a34b8e1e0903ea970e6.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
605e518c9e102547f3e608f6fce2a3a1ccaf414311e07f273f925bb5a353da3d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
HGYS02CN9FCYV986
age
2912
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
/KROYWYJp8V9sYm1xQG0tWfqhUKGA/FQ1Pbtt4VcnSrzQ5aqj3tJIKzbcIZJRQp/UOFRqPjHc8g=
x-served-by
cache-mia-kmia1760098-MIA
last-modified
Tue, 02 Jan 2024 15:24:34 GMT
x-timer
S1704824441.299588,VS0,VE0
etag
W/"e0ce486ea63eee20a179f24baec4eae0"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
282
29.d55c843f1576102efdf6.js
ads.blogherads.com/static/chunks/ 		266 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/29.d55c843f1576102efdf6.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
06c3e0ce4af4206bb1554266aee4dc01bd894b4abf5a217676e28cdebc88e83f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
R93GBS6KYA3G8GJD
age
2910
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
qk8VvQLNGojXJHJBN5Tupfutp4D8tFHV2h3OytPIfIVPQKGgSpODVX4/BcYUdPb6iQSSEREoE24=
x-served-by
cache-mia-kmia1760098-MIA
last-modified
Tue, 02 Jan 2024 23:47:46 GMT
x-timer
S1704824441.300142,VS0,VE0
etag
W/"0cbb1cf6afed4c5873e83ff21a0884ec"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
9
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		161 B
484 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=ebaumsworld.com&domain=ebaumsworld.com&path=%2F
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab_image.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4b63b272b7a13de0dddd25b0acb730b3687d5d200669e406a8e1f4baff25a886

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-cache-hits
0
date
Tue, 09 Jan 2024 18:20:41 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 varnish
age
0
x-cache
MISS
cross-origin-resource-policy
cross-origin
content-length
126
x-served-by
cache-mia-kmia1760073-MIA
x-timer
S1704824441.387178,VS0,VE59
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Sun, 07 Jan 2024 18:20:41 GMT
skeleton.gif
static.adsafeprotected.com/ 		43 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif?adslot=ad_300x250_365857
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e2:2000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 17:29:43 GMT
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via
1.1 c772176b119045d2ed52ef4f42db5fe0.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD79-C2
age
2508659
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
chO6i_7RuuY8wzDEthizp_MM0blaUlILS7b7z75RtGftaozPY2oGGA==
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=15131799&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1704824441351&ns_c=UTF-8&c7=https%3A%2F%2Fls.kurdgozar.fun%2F&c8=Funny%20Pictures%2C%20Funny%20Videos%20%7C%...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=15131799&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1704824441351&ns_c=UTF-8&c7=https%3A%2F%2Fls.kurdgozar.fun%2F&c8=Funny%20Pictures%2C%20Funny%20Videos%20%7C...
0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=15131799&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1704824441351&ns_c=UTF-8&c7=https%3A%2F%2Fls.kurdgozar.fun%2F&c8=Funny%20Pictures%2C%20Funny%20Videos%20%7C%20eBaum%27s%20World&c9=
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Server
18.165.83.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-83-79.iad55.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
via
1.1 765ade8c6b70e0e7c0b0572f4e039b98.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
IAD55-P3
x-amz-cf-id
SK1Sz7xJHsNU3h6nP7mg77bXkjrXSFlAHzl6JL_VZZNHaXb2q5e73A==
x-cache
Miss from cloudfront

Redirect headers

date
Tue, 09 Jan 2024 18:20:41 GMT
via
1.1 765ade8c6b70e0e7c0b0572f4e039b98.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
IAD55-P3
x-cache
Miss from cloudfront
location
/b2?c1=2&c2=15131799&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1704824441351&ns_c=UTF-8&c7=https%3A%2F%2Fls.kurdgozar.fun%2F&c8=Funny%20Pictures%2C%20Funny%20Videos%20%7C%20eBaum%27s%20World&c9=
content-length
0
x-amz-cf-id
jlIqdioJx8EMQtwLA9k06pi6zF_x8mJj8UjqSZuGI-TAK3xcHHYDUA==
collect
www.google-analytics.com/g/ 		0
172 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-V5XPPXMJTV&gtm=45je4130v9103990244z879243709&_p=1704824438784&gcd=11l1l1l1l1&dma=0&cid=56901551.1704824441&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704824441&sct=1&seg=0&dl=https%3A%2F%2Fls.kurdgozar.fun%2F&dt=Funny%20Pictures%2C%20Funny%20Videos%20%7C%20eBaum%27s%20World&en=page_view&_fv=1&_ss=1&ep.loggedIn=false&ep.title=Homepage&tfd=4508
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-V5XPPXMJTV&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:41 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ls.kurdgozar.fun
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
state
api.btloader.com/mw/ 		0
101 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/mw/state?bt_env=prod
Requested by
Host: literally-media.videoplayerhub.com
URL: https://literally-media.videoplayerhub.com/galleryplayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 09 Jan 2024 18:20:41 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
px.gif
ad-delivery.net/ 		43 B
913 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
815975
x-guploader-uploadid
ABPtcPo4v-lihO1QF2uZKwIHI4MwQbVPvYVOsDS0VC65Wwih1u5eW_D8Iss1Wj-OLWB-F776sD4
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IMHhsdqyuptVcNRyEa%2BtcP5BFYUISZxDJAnQou3Sh%2Fr5Cc%2FcM7mFLJAZGzrpWvF5oRb25WO3cYPXsrLifG0s2bIteWkNGqmEfNDJMJSyvM26HIb0GW4NH85mJhudTX2KSm7EH1wNEIkRy7y2bw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
842eb217998402e0-MIA
expires
Sun, 31 Dec 2023 08:39:47 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.81.230 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 20:06:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80071
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 09 Jan 2024 20:06:10 GMT
px.gif
ad-delivery.net/ 		43 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.4580281833652078
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
815975
x-guploader-uploadid
ABPtcPo4v-lihO1QF2uZKwIHI4MwQbVPvYVOsDS0VC65Wwih1u5eW_D8Iss1Wj-OLWB-F776sD4
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qt0eRa%2BdZFeVw9%2BqBtfeOe7p%2FN4pHyqZMcB4ZYwKeILF%2BtCVEhpobHakskpr07A3TGCty8wPdUZM06lCh3hjmAwacRIxkoTVMtUhhQ9xnqngGCttzyqlcHC7XeOaPa1BasnZbqYCxiWBQ1m06w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
842eb217998902e0-MIA
expires
Sun, 31 Dec 2023 08:39:47 GMT
31.f273b80bac70479544d6.js
ads.blogherads.com/static/chunks/ 		1 KB
873 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/31.f273b80bac70479544d6.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9397e17d22f9afbd29ee4a79c4ba050dca17fe9ccfebe0ce287844dccccf36da

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
WFX39GC7MKGFNG9N
age
2913
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
r+v+dDEUgrP9AnKuPoTYflpC3Cu68wFZX7VPFPb8YyEQ01p6dgMDaRDTDQNueMfC9EkSmOzeELc=
x-served-by
cache-mia-kmia1760098-MIA
last-modified
Tue, 02 Jan 2024 15:24:34 GMT
x-timer
S1704824442.516954,VS0,VE0
etag
W/"e8f0ba07b20048323bb43e431e8f8b9e"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
329
optoutstatus.html
ads.shemedia.com/static/ Frame BF37 		748 B
781 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.shemedia.com/static/optoutstatus.html
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/chunks/4.3a34b8e1e0903ea970e6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
79fd83bcdd3db7cac0a11b39c2878c0aaadbe136cffccc39c99793ee6a428675

Request headers

Referer
https://ls.kurdgozar.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
none
access-control-allow-origin
*
age
2913
cache-control
max-age=14400, stale-while-revalidate=3600
content-encoding
br
content-type
text/html
date
Tue, 09 Jan 2024 18:20:41 GMT
etag
W/"d3adb9510fa96393f723a02c4cb16432"
last-modified
Fri, 01 Sep 2023 00:04:31 GMT
vary
accept-encoding
via
1.1 varnish
x-amz-id-2
mbYDVR5J3Mg4JZ2ORVj00FtGdAhbNEo1efuqk46Nv0BRINPXQQC8/WmTUO1HIrZwO4+uUXqsw1k=
x-amz-request-id
924FXCPFQ92D9CXG
x-amz-server-side-encryption
AES256
x-cache
HIT
x-cache-hits
304
x-served-by
cache-mia-kmia1760038-MIA
x-timer
S1704824442.659578,VS0,VE0
lightbox.js
www.lightboxcdn.com/vendor/c4e51996-fae5-4bf6-a8df-737a5f5ef12c/ Frame 499E 		501 B
397 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lightboxcdn.com/vendor/c4e51996-fae5-4bf6-a8df-737a5f5ef12c/lightbox.js?mb=1704824441549&lv=1
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:d383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b5f7c78aba4a8f5853cbe1b57590642f22fe2ebbdbb66c72cade2c98255951b0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 09 Jan 2024 18:11:49 GMT
server
cloudflare
age
532
cf-polished
origSize=510
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cf-ray
842eb217ed31221a-MIA
880446388736817
connect.facebook.net/signals/config/ 		133 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/880446388736817?v=2.9.139&r=stable&domain=ls.kurdgozar.fun
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5781c468d395c662c036191329b7ef79b21a7a850b3b02cbf47edff734a1e618
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 09 Jan 2024 18:20:41 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
14nl/9r3yg3RgO6bSANGNFV/LyDp3laVA9C69AaUXKap67oTBXyWCV3uczZEV+uZDSkw1RHeAZ/ZvMHfU5/Syg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
sdk.js
connect.facebook.net/en_US/ 		302 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=93442ea6e663c83efb552bfa7859d78f
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c711246451cec520c530b9640d655fb5d0c2575a405bc8db2246fc0fb3d2d1c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://ls.kurdgozar.fun/
Origin
https://ls.kurdgozar.fun
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 09 Jan 2024 18:20:41 GMT
content-md5
YDNWyJQHVAM9gbPKNhf71g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88318
reporting-endpoints
x-fb-debug
qdrMNOpfskib1YZCS3s3pHmXRhUgz2MlJpyQwkNyDVITmSBtH+mQKQIpIAWtWeSy2um9o8PJ8uKA7jGueklLdA==
x-fb-content-md5
78901ef69a2ca3442564702a59a2079c
cross-origin-opener-policy
same-origin-allow-popups
etag
"50b63fb9afab4c194a44c62c3d6e2595"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Wed, 08 Jan 2025 18:08:58 GMT
rules-p-byLmeZUvD2jyq.js
rules.quantcount.com/ 		160 B
643 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-byLmeZUvD2jyq.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:201e:bc00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d4500d459d73502983df85699b87d4f65ec8e026447066da7a492360a28cc99f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:06:19 GMT
via
1.1 2f66aa06710fece8ed203ab0ea81eb56.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C3
age
864
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Fri, 14 Oct 2022 00:53:44 GMT
server
AmazonS3
etag
"1896aa5bb9a79f92c8800c8e6d27dfd3"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
YBSxu-5bmNUC8Qe-kNP_sKkq-0FVRseNG5Px9MyhhHWRYD0tDBWg6Q==
user.js
www.lightboxcdn.com/vendor/c4e51996-fae5-4bf6-a8df-737a5f5ef12c/ Frame 499E 		702 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lightboxcdn.com/vendor/c4e51996-fae5-4bf6-a8df-737a5f5ef12c/user.js?cb=638386043549684919
Requested by
Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/c4e51996-fae5-4bf6-a8df-737a5f5ef12c/lightbox.js?mb=1704824441549&lv=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:d383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47a8957ae28778909eae497bd8e73e5d21317424588e8c37d3b01b7861c5040c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 09 Jan 2024 18:20:41 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
3UBXiT4GAggWOKWpGTfNPA==
age
2154
cf-polished
origSize=1191600
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Thu, 15 Sep 2022 08:07:06 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
x-ms-request-id
5db1157c-201e-0051-60a2-3206c5000000
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
cf-ray
842eb2184e2b221a-MIA
expires
Wed, 08 Jan 2025 18:20:41 GMT
oPS.js
d15kdpgjg3unno.cloudfront.net/ 		122 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=21
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/chunks/4.3a34b8e1e0903ea970e6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2199:6e00:11:b309:9100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
36df88557f5d9520a8518f1c63c31203a81e8ca3936296cd7fedce2da7fb622c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
vJGOPXg55Eg10ePpe.oKRR8kUd73XmCz
date
Tue, 09 Jan 2024 06:14:00 GMT
via
1.1 f0f1092b2ad1f0e573a4fcbefe4fb620.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD79-C1
age
43602
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
124670
last-modified
Wed, 03 Jan 2024 22:00:33 GMT
server
AmazonS3
etag
"89881b677e6e0a30830bf701b3bc6cbe"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=84600
accept-ranges
bytes
x-amz-cf-id
Xe5jmj9khg-wXQrSMwQyX2PBzXRHoxsZdlT3qIGJeg6jI2wfaVPshA==
op.js
tagan.adlightning.com/sk-ebaumsworld/ 		32 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/sk-ebaumsworld/op.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/chunks/4.3a34b8e1e0903ea970e6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-71.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3cfc49666d47f3e0156f54dfd9c22a7aaa4fd957b71ffe694f97744a7cd02d0a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:19:14 GMT
content-encoding
gzip
via
1.1 4ce15cd7013298653f4333aa57416c80.cloudfront.net (CloudFront)
x-amz-version-id
gjg8FLPXijovvEYk8cFgYO4USr1T7qXo
x-amz-cf-pop
EWR53-C3
age
88
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
14645
x-amz-meta-git_commit
93b366a
last-modified
Tue, 09 Jan 2024 18:08:58 GMT
server
AmazonS3
etag
"80b138d915fd4e88bd64c0b92a878055"
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
25tLMT41Yd3r1yd4wQrhobyOOqUMwyqLTegFsjk_RZ3DcMdwmCzwBg==
vendors~ads-injector~selector-helper.54d8a5c6a5b646767b7d.js
ads.blogherads.com/static/chunks/ 		20 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/vendors~ads-injector~selector-helper.54d8a5c6a5b646767b7d.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c4f15e8ab316eeec903231070bd42beadaaa91e304e142b95ba16baafc222230

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
WFXCN5CQ93XTHJTY
age
2912
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
lLH8GCpuqcHNu6uraQ2D80TSUXMofEzwmT1OCyENd2jOsjmvzUW4/DwrnDB7xKsDCKsfoKhMe1o=
x-served-by
cache-mia-kmia1760098-MIA
last-modified
Tue, 02 Jan 2024 15:24:35 GMT
x-timer
S1704824442.717103,VS0,VE0
etag
W/"b26233049ef1cdc5fb80f304f61368c3"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
204
ads-injector.6e7d0d4ba3ece4a9112f.js
ads.blogherads.com/static/chunks/ 		14 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/ads-injector.6e7d0d4ba3ece4a9112f.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6914dba124158e4de7a88484faddb5589776d27552c42f7570d95b47f05be78a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
WFX3WW40JC5T00K4
age
2912
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
z82oxQM5ghZGo3pBaXVpQ3TCo8PoFOqw8oOHwoKBjMAdUaHOfN296ZyEG+bsqeRRnfR0gdBWnII=
x-served-by
cache-mia-kmia1760098-MIA
last-modified
Tue, 02 Jan 2024 15:24:35 GMT
x-timer
S1704824442.717268,VS0,VE0
etag
W/"c456cecda823a28945a38e8e5081570d"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
202
apstag.js
ads.blogherads.com/static/cached/ 		282 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/cached/apstag.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/chunks/4.3a34b8e1e0903ea970e6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
99c6eb6c3f17d69837d604201ac0453a5677eef91484aee37e72dff818ddadbc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
BHE32EYXBAMK1EHW
age
2912
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
ADEq69oIQ5sy2V/git6/6StiKUuWSNtD5+BH1TBdgq/aRBSZUcPz9GwmB4WF/n8/DN6qll3n2aw=
x-served-by
cache-mia-kmia1760098-MIA
last-modified
Wed, 13 Dec 2023 00:00:03 GMT
x-timer
S1704824442.734201,VS0,VE0
etag
W/"bab82e5d8801f394c1ef53a45dc29542"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
8
iasPET.1.js
cdn.adsafeprotected.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adsafeprotected.com/iasPET.1.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/chunks/4.3a34b8e1e0903ea970e6.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.165.83.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-83-123.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sat, 06 Jan 2024 05:29:49 GMT
Content-Encoding
gzip
Via
1.1 dbd83e9e27cde36e1e56c6d1ae4f5a18.cloudfront.net (CloudFront)
Last-Modified
Wed, 02 Jun 2021 17:38:57 GMT
Server
AmazonS3
X-Amz-Cf-Pop
IAD55-P3
Age
305453
ETag
W/"51636de3ce868a2172f9e6996c2934e0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Cache-Control
max-age=604800
Connection
keep-alive
X-Amz-Cf-Id
EBtH6A2u_2YodRQSm1TD2qd8hTSuS6YSfzK7vjSa6gFnpu-Bg53DFA==
vendor-optimera-common.5877553fb80b184455d5.js
ads.blogherads.com/static/chunks/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/vendor-optimera-common.5877553fb80b184455d5.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1a4c15aaf2f9cd27b704a495010bc19669b8e9882330bb84e27d6e3b5e61ccf4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
WFXEY41DK1D3D1AT
age
2912
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
hIGuf/OIy1EOdwbwzmzbp8xeRYxkO18pcB5as0xfUoD+8DnJIix7xKhxTdUC0s57HsqE1ynZf9s=
x-served-by
cache-mia-kmia1760098-MIA
last-modified
Tue, 02 Jan 2024 15:24:35 GMT
x-timer
S1704824442.734806,VS0,VE0
etag
W/"2dad40c330c854e193786bf93e4d9797"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
207
vendors~amp-prebid-integration~boomerang-prebid-integration~postbid-prebid-integration~waterfall-pre~ee04b93a.f36fcd5bbdeb5b752819.js
ads.blogherads.com/static/chunks/ 		85 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/vendors~amp-prebid-integration~boomerang-prebid-integration~postbid-prebid-integration~waterfall-pre~ee04b93a.f36fcd5bbdeb5b752819.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f8187b218bf565d6d8543e1ac2332b18fdff375eb35cb803784f02c0240b85a0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
WFX13MYK60641VKR
age
2913
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
v8+tLIl4yMRaUgpd0wjMrq4UMR9MBIfHykp1y5ZXwSAFJQWeLRleJBy1CKLSyU9fuelum/4qZJs=
x-served-by
cache-mia-kmia1760098-MIA
last-modified
Tue, 02 Jan 2024 15:24:35 GMT
x-timer
S1704824442.736942,VS0,VE0
etag
W/"94d95bb4b56f292597069547ee5efc67"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
312
vendors~boomerang-prebid-integration.33109a00b8033c8798a8.js
ads.blogherads.com/static/chunks/ 		68 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/vendors~boomerang-prebid-integration.33109a00b8033c8798a8.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
42823fa803646687b563532c968ab7d5e78afcc52aa85e734e818719e474de1b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
WFX8AJMYZ02BQXS1
age
2910
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
IfsGKM8CUfgOSEd+I62MgGKZxBbVxHTwn7o/hAu9N7ZTUJfIucggItSNAtO6riVvmyHMOaYSKwY=
x-served-by
cache-mia-kmia1760098-MIA
last-modified
Tue, 02 Jan 2024 15:24:35 GMT
x-timer
S1704824442.737304,VS0,VE0
etag
W/"8d27bf377aa18fb243367a60f085dd3e"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
255
boomerang-prebid-integration.5c50ae259b39a9f4bd4a.js
ads.blogherads.com/static/chunks/ 		28 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/boomerang-prebid-integration.5c50ae259b39a9f4bd4a.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a58ac1aa668b0e0a9c9004e5242a3d9b58bbfcc648b818b7f8f179421945b200

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
WFX8E00XENVVGF06
age
2913
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
qeUFdOBIjP2JYSLQzBAOI87YQrZVLen6jiQnQOJpkLL1K+3AMxYnbbWP8Z8x3+2rPWJKsSCn6hw=
x-served-by
cache-mia-kmia1760098-MIA
last-modified
Tue, 02 Jan 2024 15:24:35 GMT
x-timer
S1704824442.737224,VS0,VE0
etag
W/"5175b6c4458de601b5a609a86e0dfe69"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
258
bootstrap.js
cdn.browsiprod.com/bootstrap/ 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.browsiprod.com/bootstrap/bootstrap.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/chunks/4.3a34b8e1e0903ea970e6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.108.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-108-73.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a3f48c9d80f4f4a6360437b1d44e91684428a008caf42d71cf23c8f2bcc8987d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
w6Ha68pJacUnuHVEsK5t0V6hDTkI3luf
content-encoding
br
via
1.1 c640b1afa51b342db4c4d96d404a1eda.cloudfront.net (CloudFront)
date
Tue, 09 Jan 2024 17:36:11 GMT
last-modified
Mon, 11 Dec 2023 09:04:28 GMT
server
AmazonS3
x-amz-cf-pop
IAD79-C2
age
2671
x-amz-server-side-encryption
AES256
etag
W/"a5c7623fd48021f30f35d232712086d5"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public,max-age=3600
x-amz-cf-id
qmfyfBwSpbJ-unMlqhofOlcIv0_Zbl2q7bo-NGPtxzoSFwZF7Cv83w==
SMC_comScore_175x32_2x_Lifestyle.png
ads.blogherads.com/static/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.blogherads.com/static/SMC_comScore_175x32_2x_Lifestyle.png
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8465cbf5bc8b82a9666d40a357bab3a016290618bba93e588929d884b3ae832a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
26AK8R7G92GN3WR3
age
2909
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
dB4fZivjGBt//Uf1T/1A/INQaEADh1Q1HGCikoDZLYYAcW40QMjc0mVi3Lia4nKz3jXN2KSyQY8=
x-served-by
cache-mia-kmia1760098-MIA
last-modified
Fri, 01 Sep 2023 00:04:31 GMT
x-timer
S1704824442.749204,VS0,VE0
etag
W/"79765df773014426e6c0eb540bc3f74b"
vary
accept-encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
55
YAC_AdMarker_Icon_Only_19x15.png
ads.blogherads.com/static/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.blogherads.com/static/YAC_AdMarker_Icon_Only_19x15.png
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
30c065c5189582302f1fc91edd7f8c99956f6f8bd6c4b242081f41ab1c772b08

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
26AV1BWMWGB17KYA
age
2912
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
tpK2CZksNqw2tVuLa6d0nmDMSiKV6dATxOzZfdW/RZDlr6n64dREaxiCYXJjcCFHdRKw7mJrw78=
x-served-by
cache-mia-kmia1760098-MIA
last-modified
Fri, 01 Sep 2023 00:04:31 GMT
x-timer
S1704824442.749393,VS0,VE0
etag
W/"06500e222cb4c36f129c357ffef7ad59"
vary
accept-encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
135
YAC_AdMarker_Icon_Text_77x15.png
ads.blogherads.com/static/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.blogherads.com/static/YAC_AdMarker_Icon_Text_77x15.png
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
21bc65f86e0cd8dfbe47d505c85430a1356b7285e09f10a5fe1eff893dd27314

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
AENSM9JQYNDGACGB
age
2911
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
kAi/ZeFt9JEcKw5SYR1VrojpR7F/NtIn3vn/K7jXEEa8lEtrF4jN6fdgnElTCIfv9aKuJzrhFcI=
x-served-by
cache-mia-kmia1760098-MIA
last-modified
Wed, 01 Nov 2023 22:00:06 GMT
x-timer
S1704824442.749377,VS0,VE0
etag
W/"8827e02454b5cd2f3032bb6b5f6a61d8"
vary
accept-encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
82
8d18f0c3-5d57-46dc-87b9-bf5d4f1f3f71-web.js
cdn.permutive.com/ 		1 MB
263 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/8d18f0c3-5d57-46dc-87b9-bf5d4f1f3f71-web.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/chunks/4.3a34b8e1e0903ea970e6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:7611 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47b15eafff74e5bafef7f0ec551332581dc0c37334d9c52206a90db0324370ee

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
content-encoding
br
cf-cache-status
HIT
x-goog-meta-oid
3d2fb0bd-52fc-4b75-aaf5-2d436c172540
age
0
x-guploader-uploadid
ABPtcPpoXw83xhwzrV_dNtRZUtOrlR_K3w3xrXTFZ2rVYqU7xBLKPgunl8qx-omVHLiqxRLb1_Q
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
content-length
268841
last-modified
Mon, 08 Jan 2024 14:44:57 GMT
server
cloudflare
etag
"0ad0e313ac7f9a2e219d117d68dcc3d2"
vary
Accept-Encoding
x-goog-generation
1704725097245992
content-type
application/javascript
x-goog-hash
crc32c=JB3xKw==, md5=CtDjE6x/mi4hnRF9aNzD0g==
cache-control
public, max-age=900
x-goog-stored-content-length
268841
accept-ranges
bytes
timing-allow-origin
*
cf-ray
842eb21968c121ca-MIA
expires
Tue, 09 Jan 2024 18:35:41 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/chunks/4.3a34b8e1e0903ea970e6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0aa4917271856c86e3d6de008c60ff02a36d58d7aaac771a7f82c1b6cb7f6335
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29262
x-xss-protection
0
server
cafe
etag
618 / 19731 / m202401020101 / config-hash: 15765606045019548953
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 09 Jan 2024 18:20:41 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/chunks/4.3a34b8e1e0903ea970e6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 09 Jan 2024 17:51:49 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
1732
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 09 Jan 2024 19:51:49 GMT
js
www.googletagmanager.com/gtag/ 		222 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-CGRZHQ8KQD&l=pmc_atlasmg_ga4_datalayer
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/chunks/4.3a34b8e1e0903ea970e6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
493e102cf4e8cc1f13af948eb9339f6631a63b7a30536e5a368075c5e222ba43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
80505
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 09 Jan 2024 18:20:41 GMT
b
sb.scorecardresearch.com/ 		0
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=15476338&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1704824441728&ns_c=UTF-8&c7=https%3A%2F%2Fls.kurdgozar.fun%2F&c8=Funny%20Pictures%2C%20Funny%20Videos%20%7C%20eBaum%27s%20World&c9=
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.83.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-83-79.iad55.r.cloudfront.net
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
via
1.1 765ade8c6b70e0e7c0b0572f4e039b98.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
IAD55-P3
x-amz-cf-id
POvP8mnY3Ul3qQcTRimp9WyfoDrfSA748EoGeVg3REK1ExMqkdSltQ==
x-cache
Miss from cloudfront
fb_lightbox.2.1.5.css
www.lightboxcdn.com/static/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.lightboxcdn.com/static/fb_lightbox.2.1.5.css?cb=637988260257525591
Requested by
Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/c4e51996-fae5-4bf6-a8df-737a5f5ef12c/user.js?cb=638386043549684919
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:d383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 09 Jan 2024 18:20:41 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
q4B4xYJoZwx9ikt94o1nCA==
age
525654
cf-polished
origSize=6016
x-ms-meta-cbmodifiedtime
Wed, 10 Apr 2019 18:50:43 GMT
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Wed, 10 Apr 2019 19:06:17 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
x-ms-request-id
6cdb2174-401e-000e-66df-22f43b000000
cache-control
public, max-age=2678400
x-ms-version
2009-09-19
cf-ray
842eb2195fde221a-MIA
expires
Fri, 09 Feb 2024 18:20:41 GMT
z
lightboxapi.azurewebsites.net/z9gd/40857/ls.kurdgozar.fun/jsonp/ 		703 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lightboxapi.azurewebsites.net/z9gd/40857/ls.kurdgozar.fun/jsonp/z?cb=1704824441806&callback=jQuery171008641312310455196_1704824441782&_=1704824441807
Requested by
Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/c4e51996-fae5-4bf6-a8df-737a5f5ef12c/user.js?cb=638386043549684919
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.40.202.0 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8291b1edbb0adebf345ff760a9b5b7a27048ec20d48e97d04560d4ffc5333e97

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
application/javascript
t.gif
www.lightboxcdn.com/z9g/ 		35 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lightboxcdn.com/z9g/t.gif?c=1704824441791&h=ls.kurdgozar.fun&e=p&u=40857
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:d383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 09 Jan 2024 18:20:41 GMT
cf-cache-status
HIT
content-md5
KNaBTzCeoon4R8ac+RGUxg==
age
1067023
cf-polished
status=not_needed
x-ms-meta-cbmodifiedtime
Tue, 26 Feb 2019 00:59:40 GMT
content-length
35
x-ms-lease-status
unlocked
cf-bgj
imgq:85,h2pri
last-modified
Tue, 26 Feb 2019 01:15:02 GMT
server
cloudflare
etag
0x8D69B87D5A1B25F
vary
Accept-Encoding
content-type
image/gif
x-ms-request-id
6d312bfd-401e-002c-0173-239a0d000000
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
842eb219680d221a-MIA
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=880446388736817&ev=PageView&dl=https%3A%2F%2Fls.kurdgozar.fun%2F&rl=&if=false&ts=1704824441839&sw=1600&sh=1200&v=2.9.139&r=stable&ec=0&o=4126&fbp=fb.1.1704824441838.966743570&ler=empty&it=1704824441581&coo=false&rqm=GET
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 09 Jan 2024 18:20:42 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
0.6f329a533b11ec17fcbb.js
ads.blogherads.com/static/chunks/ 		20 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/0.6f329a533b11ec17fcbb.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5974a2991ec0221d5cc4e8a9d9bc64c14d2baa4de1308985f24b0b152f552cd1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
S5DXKWW7N8N1T186
age
2913
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
D1pHi8l1niSM6MBBJnJ/RQjSSxYI+rRHhRCqrlwMT3Y8OBOsr+nh+iZcgJoeX97yUK4aZ6p3Imo=
x-served-by
cache-mia-kmia1760098-MIA
last-modified
Tue, 02 Jan 2024 15:24:34 GMT
x-timer
S1704824442.871788,VS0,VE0
etag
W/"f8c5e05a43ec053405339463ff79b8f9"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
215
41.96e400b9b881e73af57d.js
ads.blogherads.com/static/chunks/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/41.96e400b9b881e73af57d.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d8d08708beca6758e3d22b6559111da107ec78c6c014c9ce9025caab6ccfa84f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
S5DQ9QCCPHHWY311
age
2911
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
CUiy9Nnhcr6jTDA+hdxYnQ0XwABzL9Y0fnhXDDeJIoRbbgzWP6L+PgSZtBCalu9YYPYU4wGvMOs=
x-served-by
cache-mia-kmia1760098-MIA
last-modified
Tue, 02 Jan 2024 15:24:34 GMT
x-timer
S1704824442.873245,VS0,VE0
etag
W/"f6b905d72572f6253b52255cf9a7d1de"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
165
37.b051547513871381df18.js
ads.blogherads.com/static/chunks/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/37.b051547513871381df18.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c6d47dbd0279e6f7a165a392104b54ef37739eaa17d431cabd23e83f307aa1a1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
S5DJ9V49AD0TPGXT
age
2911
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
cbAorfw9KgmvZQDoHusghmIlKN+06zN1Ss+RW/NPsVa49g56TV1HOHuV4IA+wah6Yw28F2+w9O4=
x-served-by
cache-mia-kmia1760098-MIA
last-modified
Tue, 02 Jan 2024 15:24:34 GMT
x-timer
S1704824442.873056,VS0,VE0
etag
W/"5da3bec6333b4117c39cce63a2f24349"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
162
33.d91d28fe29b030abafed.js
ads.blogherads.com/static/chunks/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/33.d91d28fe29b030abafed.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
454824607a8ad2fd9ce0e05851eb21700d3e66d18b1f5037037aff4e7c47bff4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
S5DYK26C5VFM5SKX
age
2912
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
MYvVoF71Wmz/tadY6iyPlYvsEFic6JHaCYa/z5pAAR9SnY5mJ939Sw8M/U58YjV1ffJubKFX9Wc=
x-served-by
cache-mia-kmia1760098-MIA
last-modified
Tue, 02 Jan 2024 15:24:34 GMT
x-timer
S1704824442.872921,VS0,VE0
etag
W/"278636b4e1f0171740daf09f49853b4b"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
160
38.ab6bb29f1b66e3f12387.js
ads.blogherads.com/static/chunks/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/38.ab6bb29f1b66e3f12387.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a436eea74cf54c966667338fed023aac3cd40431914c48a539d08ee3a52a4d71

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
S5DJSVE9H0MFHS2P
age
2911
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
swdrnUwnhxo0ieVUiTj6GLAnEudxVE/OyFrAWdsQ55hwSUXjoJksaDcYBb/7thAHuJXhnaNZXGU=
x-served-by
cache-mia-kmia1760098-MIA
last-modified
Tue, 02 Jan 2024 15:24:34 GMT
x-timer
S1704824442.873122,VS0,VE0
etag
W/"2a696d5af022abb51163705db0dd2aab"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
155
42.00d5bb4f5ccbb2ea8965.js
ads.blogherads.com/static/chunks/ 		604 B
616 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/42.00d5bb4f5ccbb2ea8965.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d345a5cb51087db8bc406ea4123fbc65c91ead3ff7535d547fa0e033ecdeb3b2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
S5DZYVZJMWZH9MNT
age
2911
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
0vpC9yUYbrOmfOSpss8JqB+0eVDjlVLG0tMIssjDOamQnS34dWpAOrHFLNxg7AMpkk+y0RaYpkI=
x-served-by
cache-mia-kmia1760098-MIA
last-modified
Tue, 02 Jan 2024 15:24:34 GMT
x-timer
S1704824442.873506,VS0,VE0
etag
W/"2578cb30d8c225ab57b83ef056f339ed"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
152
39.53eca5190a83bbf92f2e.js
ads.blogherads.com/static/chunks/ 		1 KB
982 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/39.53eca5190a83bbf92f2e.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c31c9cf37540a3068363b06fdab8a5f21d46f24c0d27cf17361f088b8b876bb1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
S5DN8RXFZ6VJTYX1
age
2910
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
5w2BvwPKRBxrfH9ATwNnImDWf/WWvTDmaGMq+B5zQWQ2s4pC3dHkL2gJVeV01I67VP+AwUWE8xM=
x-served-by
cache-mia-kmia1760098-MIA
last-modified
Tue, 02 Jan 2024 15:24:34 GMT
x-timer
S1704824442.872794,VS0,VE0
etag
W/"155ccbcca1061dd0fb2dd119c5e2b2c6"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
158
43.c6fb04d2c4e1c53589b3.js
ads.blogherads.com/static/chunks/ 		1 KB
987 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/43.c6fb04d2c4e1c53589b3.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7ff16f57acf554becc8e7d6ea855e3d74140323ed42b3fee6a981b1e53631bf2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
S5DW52PAGVVVVKA5
age
2910
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
7hKSQe6ZwIT5cMsG32mnYYUlBU1tekW/wT9dtOeaqq9vrdGVx6oV6DaZqX5v1WpaCRQC3m+zsLU=
x-served-by
cache-mia-kmia1760098-MIA
last-modified
Tue, 02 Jan 2024 15:24:35 GMT
x-timer
S1704824442.872808,VS0,VE0
etag
W/"bbc4d0cb62affb23216418b3faf0c8ea"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
149
35.f51b2417d55dcaa05529.js
ads.blogherads.com/static/chunks/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/35.f51b2417d55dcaa05529.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
29a6771030e44fa8bf95d16c3c28b4ff2f4802cf8bf3d9fdad98a55e2cf64364

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
S5DR4Z46N1G6ZR7G
age
2910
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
uVCy9yhDNBKH7aXLELIMbhNmIrcj1ZXxakbfxUeFklwkTocsFpR/IsQGlokulFRp/vacH0yrjDI=
x-served-by
cache-mia-kmia1760098-MIA
last-modified
Tue, 02 Jan 2024 15:24:34 GMT
x-timer
S1704824442.872767,VS0,VE0
etag
W/"44a63cde7e9e2757738a20a0faf9f06a"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
150
40.7b7dd12492954e9d7cbb.js
ads.blogherads.com/static/chunks/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/40.7b7dd12492954e9d7cbb.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1911a787e994a6ceb10a60bd1045af1cb2a2659fb363c40a422bbadb1b3c9a79

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:41 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
S5DR4CWAB396VZAD
age
2910
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
M3jxzSib2Ej/WWIvkrLiueZyXznAOSIfHo2ssQRDB9k2PskwJ/7as40Gvb7qXTfV/SPUKUsWcSE=
x-served-by
cache-mia-kmia1760098-MIA
last-modified
Tue, 02 Jan 2024 15:24:34 GMT
x-timer
S1704824442.872739,VS0,VE0
etag
W/"7a3d17bd7edd5641b220cd062b1c9125"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
159
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/cached/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.111.130 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-111-130.iad61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:43 GMT
x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 3200e279ff99ad1800a0dd3b3c8e2d10.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD61-P2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
9UWl3RtkMQyJxPalJDH_-RrJcjuZwy8xuE8fQqOWcddamLQa8qK4-g==
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=0&a=1380610010&t=pageview&_s=1&dl=https%3A%2F%2Fls.kurdgozar.fun%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Funny%20Pictures%2C%20Funny%20Videos%20%7C%20eBaum%27s%20World&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHDAAEABAAAAACACI~&jid=427858818&gjid=1545080410&cid=56901551.1704824441&tid=UA-72491114-4&_gid=1715661141.1704824442&_r=1&_slc=1&cd35=8352%2C1019017&cd36=a.ebaumsworld&cd37=entertainment&cd38=_na_&cd39=_na_&cd103=dc762076-073f-4f03-af2b-dff175097752&z=280672463
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ls.kurdgozar.fun/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ls.kurdgozar.fun
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel;r=2057976439;source=gtm;rf=0;a=p-byLmeZUvD2jyq;url=https%3A%2F%2Fls.kurdgozar.fun%2F;uht=2;fpan=1;fpa=P0-1454732873-1704824441591;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;us...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=2057976439;source=gtm;rf=0;a=p-byLmeZUvD2jyq;url=https%3A%2F%2Fls.kurdgozar.fun%2F;uht=2;fpan=1;fpa=P0-1454732873-1704824441591;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;us_privacy=1---;ref=;d=kurdgozar.fun;dst=0;et=1704824441880;tzo=600;ogl=;ses=9d5f286b-2978-482c-9a68-254cf498ea97;mdl=
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:f059:4f7e:28a9:1588 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:41 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
3afdd0b474cf3b226301c8dedbf615d41af85ea6dc
memorizematch.com/confirm/a66326a550/ 		295 B
322 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://memorizematch.com/confirm/a66326a550/3afdd0b474cf3b226301c8dedbf615d41af85ea6dc
Requested by
Host: memorizematch.com
URL: https://memorizematch.com/v2kisuUII5WA-HR5P71C6bUydvMwfMPJVUj8XMXHj3S_hHFVlFTAc9kA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:7ec2::1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
3edbf2b4a7998c1a0b93d6f0993486c0ac4401ab2f0ca448df05c69fcae7ae12
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://ls.kurdgozar.fun/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Tue, 09 Jan 2024 18:20:42 GMT
via
1.1 google
x-buildnumber
1072352451
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-datacenter
gce-us-east1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ls.kurdgozar.fun
x-hostname
fen-hoothoot-us-east1-test-8hh7
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Tue, 09 Jan 2024 18:20:40 GMT
supply
events.browsiprod.com/events/v2/ 		0
103 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/v2/supply?p=NRKxiUwAu@cNjQziauUq
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/bootstrap/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.81.148.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-81-148-56.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ls.kurdgozar.fun/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://ls.kurdgozar.fun
date
Tue, 09 Jan 2024 18:20:42 GMT
access-control-allow-credentials
true
v5
yield-manager.browsiprod.com/supply/ 		0
234 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://yield-manager.browsiprod.com/supply/v5?sk=d_mapping&pk=shemedia&url=https%3A%2F%2Fls.kurdgozar.fun%2F&bid=NRKxiUwAu%40cNjQziauUq&at=Funny%20Pictures%2C%20Funny%20Videos%20%7C%20eBaum%27s%20World&sw=1600&sh=1200
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/bootstrap/bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.108.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-108-35.iad79.r.cloudfront.net
Software
akka-http/10.2.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 09 Jan 2024 18:20:42 GMT
via
1.1 c640b1afa51b342db4c4d96d404a1eda.cloudfront.net (CloudFront)
server
akka-http/10.2.1
x-amz-cf-pop
IAD79-C2
x-amz-cf-id
RHR-u2u_vZBui6s-I88ROx8AevIMYi3HRTbpdONNOaQBz9BsIqEzYg==
x-cache
Miss from cloudfront
b-93b366a-2408ce2a.js
tagan.adlightning.com/sk-ebaumsworld/ 		70 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/sk-ebaumsworld/b-93b366a-2408ce2a.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sk-ebaumsworld/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-71.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
919939a2641fc2b8953f574b3bfcad533e3dba287fc8c1c373f3bf8e71011c24

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 09:12:16 GMT
content-encoding
gzip
via
1.1 4ce15cd7013298653f4333aa57416c80.cloudfront.net (CloudFront)
x-amz-version-id
b1Y8zgGjcG.n7rNbdRmJBOI2Rf9_XGs7
x-amz-cf-pop
EWR53-C3
age
2192907
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
27424
x-amz-meta-git_commit
93b366a
last-modified
Thu, 20 Jul 2023 18:36:53 GMT
server
AmazonS3
etag
"d3933ef25eaf1f0d6f1d0679ac5b73de"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
9Ir8TgjIsdL3ykYzPLeVEpIBlOnaJL38b2Ie0s_7vu8HKfmQWbsMtQ==
bl-250cc79-eedcbeeb.js
tagan.adlightning.com/sk-ebaumsworld/ 		97 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/sk-ebaumsworld/bl-250cc79-eedcbeeb.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sk-ebaumsworld/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-71.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ed7db4470ff1b8f9802d61ca35673e43b6b8ba7bc7e61bae301bdfb738cbc5fa

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:19:14 GMT
content-encoding
gzip
via
1.1 4ce15cd7013298653f4333aa57416c80.cloudfront.net (CloudFront)
x-amz-version-id
YR5A1dMz5gGReiAyYYgT1AjE6nKLm2Th
x-amz-cf-pop
EWR53-C3
age
89
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
41673
x-amz-meta-git_commit
250cc79
last-modified
Tue, 09 Jan 2024 18:08:26 GMT
server
AmazonS3
etag
"cce686e7e1eda4e0f29c2033a8c5c0cb"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
rPAkHg6qzmqrzs69XV5BF2rm1Hlv4vpAQDUKzkBbrgYTFb4_I9OqsA==
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
92e649098eefaf82db65282d7cbb4e65c738aca33c3fc8073a9c770fbcb0623d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/webp
collect
stats.g.doubleclick.net/j/ 		2 B
348 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-72491114-4&cid=56901551.1704824441&jid=427858818&gjid=1545080410&_gid=1715661141.1704824442&_u=aHDAAEAAAAAAACACI~&z=846884847
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ls.kurdgozar.fun/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 09 Jan 2024 18:20:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ls.kurdgozar.fun
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
pxid
3d2fb0bd-52fc-4b75-aaf5-2d436c172540.prmutv.co/v2.0/ 		12 B
218 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://3d2fb0bd-52fc-4b75-aaf5-2d436c172540.prmutv.co/v2.0/pxid?k=26009fee-1ff1-493d-ae23-88df000d9627
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/8d18f0c3-5d57-46dc-87b9-bf5d4f1f3f71-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.9.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
51.9.241.35.bc.googleusercontent.com
Software
Permutive /
Resource Hash
481d77f5d1a9c24f102bb6af246ecbff595011e0d73e70b652c39d702565d47d

Request headers

Referer
https://ls.kurdgozar.fun/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 09 Jan 2024 18:20:42 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://ls.kurdgozar.fun
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32
getuidj
ib.adnxs.com/ 		11 B
574 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/8d18f0c3-5d57-46dc-87b9-bf5d4f1f3f71-web.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.166 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ls.kurdgozar.fun/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:42 GMT
an-x-request-uuid
3f2a5d63-0cb0-4b1f-8fdc-c9b6775abe89
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ls.kurdgozar.fun
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.70; 38.132.118.70; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
11
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
collect
analytics.google.com/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-CGRZHQ8KQD&gtm=45je4130v889303370&_p=1704824441727&_gaz=1&gcd=11l1l1l1l2&dma=0&cid=56901551.1704824441&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dl=https%3A%2F%2Fls.kurdgozar.fun%2F&sid=1704824442&sct=1&seg=0&dt=Funny%20Pictures%2C%20Funny%20Videos%20%7C%20eBaum%27s%20World&en=page_view&_fv=1&_ss=1&_ee=1&ep.adunitname_lvl1=8352%2C1019017&ep.adunitname_lvl2=a.ebaumsworld&ep.adunitname_lvl3=entertainment&ep.adunitname_lvl4=_na_&ep.adunitname_lvl5=_na_&ep.pvuuid=dc762076-073f-4f03-af2b-dff175097752&tfd=5270
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CGRZHQ8KQD&l=pmc_atlasmg_ga4_datalayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:42 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ls.kurdgozar.fun
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-CGRZHQ8KQD&cid=56901551.1704824441&gtm=45je4130v889303370&aip=1&dma=0&gcd=11l1l1l1l2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CGRZHQ8KQD&l=pmc_atlasmg_ga4_datalayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:42 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ls.kurdgozar.fun
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
6b2b69e5-51aa-4bfb-b15e-6b1b0bd4032b
https://ls.kurdgozar.fun/ 		703 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://ls.kurdgozar.fun/6b2b69e5-51aa-4bfb-b15e-6b1b0bd4032b
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3e192b6cf0caa0d1de151a866270741eafec3b2a90670ff32bb1f5660d797347

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length
719957
Content-Type
ea07efe9-f838-4edf-a329-0a75fa8e1723
https://ls.kurdgozar.fun/ 		703 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://ls.kurdgozar.fun/ea07efe9-f838-4edf-a329-0a75fa8e1723
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3e192b6cf0caa0d1de151a866270741eafec3b2a90670ff32bb1f5660d797347

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length
719957
Content-Type
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/ 		436 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sk-ebaumsworld/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8538fa1e11fa1334100b86b0c251b8ffa0b51f5db3e732c23963053686a93dc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 18:34:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
85556
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140253
x-xss-protection
0
server
cafe
etag
11435206252018266965
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 07 Jan 2025 18:34:46 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		67 B
85 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ls.kurdgozar.fun
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9d23c8b0660a8de4ff736f1c38782322b95832897276a565e58af9387951490c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61
x-xss-protection
0
expires
Tue, 09 Jan 2024 18:20:42 GMT
geoip
api.permutive.com/v2.0/ 		279 B
381 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=26009fee-1ff1-493d-ae23-88df000d9627
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/8d18f0c3-5d57-46dc-87b9-bf5d4f1f3f71-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e95289074f070240dccdabd849d35d5c3f57f9c9bfb9d5ffe538aac12d1926aa

Request headers

Referer
https://ls.kurdgozar.fun/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 09 Jan 2024 18:20:42 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://ls.kurdgozar.fun
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
194
watson
api.permutive.com/v2.0/ 		2 B
78 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/watson?k=26009fee-1ff1-493d-ae23-88df000d9627
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/8d18f0c3-5d57-46dc-87b9-bf5d4f1f3f71-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://ls.kurdgozar.fun/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 09 Jan 2024 18:20:42 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://ls.kurdgozar.fun
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22
99d83033d574af874f408f88218ce04f10c401752aa125d1dec1
memorizematch.com/ 		3 B
29 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://memorizematch.com/99d83033d574af874f408f88218ce04f10c401752aa125d1dec1
Requested by
Host: memorizematch.com
URL: https://memorizematch.com/v2kisuUII5WA-HR5P71C6bUydvMwfMPJVUj8XMXHj3S_hHFVlFTAc9kA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:7ec2::1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://ls.kurdgozar.fun/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Tue, 09 Jan 2024 18:20:42 GMT
via
1.1 google
x-buildnumber
1072352451
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
x-datacenter
gce-us-east1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ls.kurdgozar.fun
x-hostname
fen-hoothoot-us-east1-test-8hh7
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Tue, 09 Jan 2024 18:20:41 GMT
8d18f0c3-5d57-46dc-87b9-bf5d4f1f3f71-models.bin
cdn.permutive.com/models/v2/ 		173 KB
122 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/models/v2/8d18f0c3-5d57-46dc-87b9-bf5d4f1f3f71-models.bin
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/8d18f0c3-5d57-46dc-87b9-bf5d4f1f3f71-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:7611 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
532b844a51cb933d7df3317ac517c9fac6669373fa3324ab301b80f6846bc1f9

Request headers

Referer
https://ls.kurdgozar.fun/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 09 Jan 2024 18:20:42 GMT
content-encoding
gzip
cf-cache-status
MISS
x-goog-meta-oid
3d2fb0bd-52fc-4b75-aaf5-2d436c172540
age
0
x-guploader-uploadid
ABPtcPrYaty0AGgSwvNOEZKMfLB4_NUPGuYYITZeI3w17YP3N29EgaOqmUc-JxfgUeKvVZbesDE
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
123679
last-modified
Mon, 08 Jan 2024 14:45:09 GMT
server
cloudflare
etag
"ef85e341d902a66895e94205f1bcb0ff"
vary
Accept-Encoding
x-goog-generation
1704725109278086
content-type
application/x-binary
access-control-allow-origin
*
x-goog-hash
crc32c=7e+S/w==, md5=74XjQdkCpmiV6UIF8byw/w==
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=900, no-transform
x-goog-stored-content-length
123679
accept-ranges
bytes
timing-allow-origin
*
cf-ray
842eb21d4dc77448-MIA
expires
Tue, 09 Jan 2024 18:20:42 GMT
service
async01.admantx.com/admantx/ 		291 B
437 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://async01.admantx.com/admantx/service?request=%7B%22key%22%3A%22dcde31e32d21f5432ab192ee50f9e0a8ef294bab4778ada95dfabeb949b2b9ce%22%2C%22filter%22%3A%5B%22default%22%5D%2C%22method%22%3A%22descriptor%22%2C%22mode%22%3A%22async%22%2C%22type%22%3A%22url%22%2C%22body%22%3A%22https%253A%252F%252Fls.kurdgozar.fun%252F%22%7D
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/chunks/29.d55c843f1576102efdf6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.76.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-76-222.compute-1.amazonaws.com
Software
nginx /
Resource Hash
ff447038cd99e33d6ec98bf967a0513de0d4d22b4caef0af5856ae0b8970bc62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 09 Jan 2024 18:20:42 GMT
strict-transport-security
max-age=31536000
server
nginx
content-length
291
content-type
text/plain; charset=UTF-8
pub
pixel.adsafeprotected.com/services/ 		816 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=930203&slot=%7Bid:skm-ad-flexbanner,ss:%5B728.90,970.250,970.90%5D,p:/83521019017/a.ebaumsworld/entertainment,t:display%7D&slot=%7Bid:skm-ad-frame2,ss:%5B728.90%5D,p:/83521019017/a.ebaumsworld/entertainment,t:display%7D&slot=%7Bid:skm-ad-medrec-1,ss:%5B300.250%5D,p:/83521019017/a.ebaumsworld/entertainment,t:display%7D&slot=%7Bid:skm-ad-flexrec-1,ss:%5B300.250,300.600%5D,p:/83521019017/a.ebaumsworld/entertainment,t:display%7D&slot=%7Bid:skm-ad-flexrec-2,ss:%5B300.250,300.600%5D,p:/83521019017/a.ebaumsworld/entertainment,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=7608370a-059a-d48b-1ca5-13e53a3a7ae9&url=https%253A%252F%252Fls.kurdgozar.fun%252F
Requested by
Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.90.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-90-71.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b5e72e420dc73534143870cc3418a9a2d56476649f2374c6a3eb2d0fd64a342e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:42 GMT
server
nginx
x-server-name
app50.va.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://ls.kurdgozar.fun
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
envelope
api.rlcdn.com/api/identity/ 		0
0
ats.js
ats.rlcdn.com/ 		110 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/chunks/4.3a34b8e1e0903ea970e6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.125.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-125-11.iad61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a2aa2577c105dab138246b4e0a1f575b3c92c30d5aced108d3f73897bd46823f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 20:47:49 GMT
x-amz-version-id
x5VtTe.o38AhKNl9GXJ.IeIaII4uy0GZ
content-encoding
gzip
last-modified
Thu, 19 Oct 2023 08:25:12 GMT
server
AmazonS3
via
1.1 05f4e6c9553ff5b6620e13adbd08b064.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD61-P3
etag
W/"b248cc9d0fdeb36bdeb7efabad1132ee"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
age
77574
x-amz-cf-id
BQP37f6UaCZy6G8TtHc31k9t_SF8Z3qbGDNV5NH7CexUA_ZNPx3ROg==
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-72491114-4&cid=56901551.1704824441&jid=427858818&_u=aHDAAEAAAAAAACACI~&z=1931612474
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Test_oPS_Script_Loads
sqs.us-east-1.amazonaws.com/397719490216/ 		378 B
682 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sqs.us-east-1.amazonaws.com/397719490216/Test_oPS_Script_Loads?Action=SendMessage&MessageBody=cid%3D21%26bt%3Dnull
Requested by
Host: d15kdpgjg3unno.cloudfront.net
URL: https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=21
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.239.232.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-239-232-95.compute-1.amazonaws.com
Software
/
Resource Hash
dfb25a6c3f556119295180c53ada32366c9b6dd5451403396ea91599f621cd60

Request headers

Referer
https://ls.kurdgozar.fun/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
Date
Tue, 09 Jan 2024 18:20:42 GMT
connection
keep-alive
x-amzn-RequestId
90ab9059-7d9c-5229-bd40-ce4eed269668
Content-Length
378
Content-Type
text/xml
/
geo.privacymanager.io/ 		30 B
608 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.151.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-151-81.iad66.r.cloudfront.net
Software
/
Resource Hash
b94047a885ec91143818ebb76251e206a303a492429f67defc1c2e46c10c41c9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 08:30:54 GMT
via
1.1 8f37d2a62fbfeba0212cd5ced67c0c16.cloudfront.net (CloudFront), 1.1 cef2b4d24f9bca7ece48f6be33efd62c.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD61-P2, IAD66-C2
age
35389
x-amzn-requestid
0df21cc8-05f0-4e0c-90e1-683747cb7a0f
x-amzn-trace-id
Root=1-659d043e-4d329837682e0ed2030de488;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
RQ2ZwFrVjoEEQjw=
content-length
30
x-amz-cf-id
P-DucffqjCpVk4HaT6z9wuYti2ywtPJwyo_J_CsuAVVcqkzN3g7NpQ==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
odometer_6290d58f.css
ls.kurdgozar.fun/css/ 		3 KB
964 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ls.kurdgozar.fun/css/odometer_6290d58f.css
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:a4aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77a3a9d5a3d0a29b681a5fb62db684d6604b2582bb5bdf1caec88ffb9285ab94

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:42 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2
alt-svc
h3=":443"; ma=86400
x-ua-compatible
IE=Edge
last-modified
Mon, 08 Jan 2024 18:00:06 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XFFzJ%2BsVxN1mlZbNUhOFyL%2BgfWLMpIY2jLj15K9XskPjD7Jm30JRksFQuIQmriDnSBOsSDqEM5J4h3YmlUaJBiFo2nnU8FTA6UXUuVLA47s%2Bugl1CxRXUmThprp%2FHEWkTzticJ%2BBiB7gIXsSd2b9"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*.ebaumsworld.com
cache-control
max-age=2592000
cf-ray
842eb21ebf30daf9-MIA
expires
Thu, 08 Feb 2024 18:20:40 GMT
flipclock_6290d58f.css
ls.kurdgozar.fun/css/ 		17 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ls.kurdgozar.fun/css/flipclock_6290d58f.css
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:a4aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ce759bc9c2a3b69f1bca2c94df8afa4d278a285906bf9385b60d1a6e139f72c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:42 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2
alt-svc
h3=":443"; ma=86400
x-ua-compatible
IE=Edge
last-modified
Mon, 08 Jan 2024 18:00:07 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Tyf0isLk0ElIVNYiGFvAPNOOCA8ELeld8O0mNUpIUnHK3vCsyFSKGe2F5d9kHriKSvG2eQH3UCoquKuvB2IkwpQCdXSaXN1YugvrkUhHt5lBYVQOPICJt3i0eXNsUKnKEaAUP07e0kJUUsDdnSn"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*.ebaumsworld.com
cache-control
max-age=2592000
cf-ray
842eb21ecf44daf9-MIA
expires
Thu, 08 Feb 2024 18:20:40 GMT
fb_lightbox.2.1.5.css
www.lightboxcdn.com/static/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.lightboxcdn.com/static/fb_lightbox.2.1.5.css?cb=637988260257525591
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:d383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 09 Jan 2024 18:20:42 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
q4B4xYJoZwx9ikt94o1nCA==
age
525655
cf-polished
origSize=6016
x-ms-meta-cbmodifiedtime
Wed, 10 Apr 2019 18:50:43 GMT
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Wed, 10 Apr 2019 19:06:17 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
x-ms-request-id
6cdb2174-401e-000e-66df-22f43b000000
cache-control
public, max-age=2678400
x-ms-version
2009-09-19
cf-ray
842eb21ee9b2221a-MIA
expires
Fri, 09 Feb 2024 18:20:42 GMT
meme.jpg
cdn.ebaumsworld.com/thumbs/2024/01/08/120941/87493261/ 		163 KB
163 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/2024/01/08/120941/87493261/meme.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
34f328b7d796fc83aba7ca97bb5a9983414c0c1256edf97fbd59877d2660feec

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:42 GMT
last-modified
Mon, 08 Jan 2024 17:09:42 GMT
server
AmazonS3
x-amz-request-id
NGSSRQGV50H596DX
age
90661
content-type
image/jpeg
content-length
166881
x-amz-id-2
9u0YiCdqaAX0WlcPn85JJ5twWk39DtKnNC2bw8nsQzOSZaDnjDZVtOcq/vA5XbDTygpWFFhYxng=
x-llid
36ea718d9d173533af9d39a5b727424f
lord.jpg
cdn.ebaumsworld.com/thumbs/2024/01/09/114208/87494023/ 		178 KB
178 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/2024/01/09/114208/87494023/lord.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
cec0a30eb75b81d4200725c16192101ba078c44d1a21e591a96ffc3e62d7153e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:42 GMT
last-modified
Tue, 09 Jan 2024 16:42:09 GMT
server
AmazonS3
x-amz-request-id
EMB9FBPYS108R0DV
age
5914
content-type
image/jpeg
content-length
181819
x-amz-id-2
Ea+Ecj9FrHfwBIU7h5VU2gwuFwRSjq61xb2eRj2Pb+fJF28IsWilKtVh4+tlk5JV3oSS+wDM3og=
x-llid
bd1d33252558ec6a2c6f7ca8ca706326
wholesome.jpg
cdn.ebaumsworld.com/thumbs/2024/01/08/065624/87493909/ 		161 KB
162 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/2024/01/08/065624/87493909/wholesome.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
918a411b86a1e4ffeb5ecd72654dd13d5509df9db13385b602d33d403be139c8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:42 GMT
last-modified
Mon, 08 Jan 2024 23:56:25 GMT
server
AmazonS3
x-amz-request-id
2FBDPVJ0NDCYX84C
age
66258
content-type
image/jpeg
content-length
165011
x-amz-id-2
UfjL+tPPItgYbMvobXn9yHEW+2vRCf5lWNg5wvKiI3Q1dV6ZVljiQNxjhkaKXQRko1I92QYr9zs=
x-llid
397327e8a74cf822118e8f75f63d9915
butt.jpg
cdn.ebaumsworld.com/thumbs/2024/01/09/100156/87494022/ 		221 KB
221 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/2024/01/09/100156/87494022/butt.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
397e925bb85f3cc9b7d4200ed7a3b29954c1c9b66347e8caa747ad14c9bc70fb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:42 GMT
last-modified
Tue, 09 Jan 2024 15:01:57 GMT
server
AmazonS3
x-amz-request-id
3R7YWDG1QPN2XKDQ
age
11926
content-type
image/jpeg
content-length
226157
x-amz-id-2
uNzvY3OVdBfvevEYdXxggWN0YniLP2k+qh883QwSbn2m8azmWdW3rSdjGMoVfDtxrArEVt4ddRQ=
x-llid
ef38fff41b4b4e3d08e21160b656217b
context.jpg
cdn.ebaumsworld.com/thumbs/2024/01/08/021122/87493574/ 		114 KB
114 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/2024/01/08/021122/87493574/context.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
66b240bd48e5cc0a125ebde6dd8027f01339751c2252f9779cf33e900dd51cc8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:42 GMT
last-modified
Mon, 08 Jan 2024 19:11:23 GMT
server
AmazonS3
x-amz-request-id
8GKA2S62ATMNX4GE
age
83360
content-type
image/jpeg
content-length
116653
x-amz-id-2
zKEgvJUuufE6FtpDpoVzqyORZdhfWO1RmyG3ZhBN6HuUZfSusaJVYpsoXmNLhm5YiBgJYYn0duE=
x-llid
92b7b9355ae43c04d28fc9cd22f71700
glasses.jpg
cdn.ebaumsworld.com/thumbs/2024/01/08/063427/87493908/ 		91 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/2024/01/08/063427/87493908/glasses.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
33d67823c88202a148e0f5ef9934b3826446df1872adc0fd53b58b13fcadbd07

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:42 GMT
last-modified
Mon, 08 Jan 2024 23:34:28 GMT
server
AmazonS3
x-amz-request-id
VFEJZME2MFVRPZ0X
age
67575
content-type
image/jpeg
content-length
93532
x-amz-id-2
VdFmEP278OWtP/lfq+DaVxFJ/jRWe67S8BPNkMr19NDvMIor3NeHTPADcEoe0enQx94fmyR0Qq4=
x-llid
5a0e440c1dbd1dc3b9e1eac23653614d
T2.jpg
cdn.ebaumsworld.com/thumbs/2024/01/06/112553/87493454/ 		390 KB
391 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/2024/01/06/112553/87493454/T2.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
f43bd1a5317dcc08c6bba4f3d560c81e827650dbf1487767128049308791ad5f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:42 GMT
last-modified
Sat, 06 Jan 2024 16:25:54 GMT
server
AmazonS3
x-amz-request-id
PV5Y7R1569G4DSJ1
age
266088
content-type
image/jpeg
content-length
399536
x-amz-id-2
70b777VHSRXpzidn+R6jq7FTRCSme1JTxD7D4pwt0oRZpf3FKvOpcfT0EejVnRs7bmE6IHlblDk=
x-llid
f6bcba4886d829122cb8967f97aaf0be
tay.jpg
cdn.ebaumsworld.com/thumbs/2024/01/08/053714/87493882/ 		124 KB
124 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/2024/01/08/053714/87493882/tay.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
31c4ba3ddabdf2efb07209405759dbd42f26c771f480a1d4a6d32c439f921dd4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:42 GMT
last-modified
Mon, 08 Jan 2024 22:37:15 GMT
server
AmazonS3
x-amz-request-id
SYF3YPTMV29P9J64
age
71007
content-type
image/jpeg
content-length
127097
x-amz-id-2
BMRSasZCv4rNESRWIPvQCfL1RUtgj/ULqq+U2Z8DkX3C3o3R2Wv/NZdzFLYcqQDeBYQFdGqrXgM=
x-llid
308041361886dd600864e91e70fad089
pics.jpg
cdn.ebaumsworld.com/thumbs/2024/01/08/022311/87493496/ 		143 KB
143 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/2024/01/08/022311/87493496/pics.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
e90b43c18472bfbdd0d5d70f9b55280ce4f8312567a9ffffd94b0156988724df

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:42 GMT
last-modified
Mon, 08 Jan 2024 19:23:12 GMT
server
AmazonS3
x-amz-request-id
K5PWGJ45CS00TFQ6
age
82651
content-type
image/jpeg
content-length
146403
x-amz-id-2
Kt6NO9rx9S2/3qJBA5roFLp5LTC1LqZF7e+6HkuVGrEAc7PSpLsRGcmgLeiskvBrdcjaRglFwe0=
x-llid
78d70d588e9ad4499a191f8062c98932
urn.jpg
cdn.ebaumsworld.com/thumbs/2024/01/08/061828/87493907/ 		125 KB
125 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/2024/01/08/061828/87493907/urn.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
e34b3767763a4366a4b284da2349d876fc04a42d2273dcfddc352a32bc4b0058

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:42 GMT
last-modified
Mon, 08 Jan 2024 23:18:29 GMT
server
AmazonS3
x-amz-request-id
TDBD78HNMV7BCXKH
age
68534
content-type
image/jpeg
content-length
127597
x-amz-id-2
HQYrSHD8teEcWUggZJKc+WWfYki85ip08Keg6M6XtzbvLBLz2yJqXVc2UXQ40QOE1gPRz68MznA=
x-llid
bd6840c29f474fbb3446f236552c1ff7
pic.jpg
cdn.ebaumsworld.com/thumbs/2024/01/08/122756/87493302/ 		161 KB
162 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/2024/01/08/122756/87493302/pic.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
7d2935081853130146140a160441c206c7f2176e315d2ce34671de2c53fbf6ee

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:42 GMT
last-modified
Mon, 08 Jan 2024 17:27:57 GMT
server
AmazonS3
x-amz-request-id
0KESJMXZYVRSX7P5
age
89566
content-type
image/jpeg
content-length
165321
x-amz-id-2
lisSta+OH5jU8rdDHfTd+k0fto/zb1gn2KM7CcHPpQJFGsk0i+Uiw3bWGsVnucW3pBZedyl8Uw4=
x-llid
c8d066e7cc56bf1b1aeac3057bbdacf8
cafe.jpg
cdn.ebaumsworld.com/thumbs/2024/01/08/055653/87493906/ 		89 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/2024/01/08/055653/87493906/cafe.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
f5ff3ef14b90092e994b9d8bdcc10bdd978cd62c25b3c948b1d7d7bd7d089061

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:42 GMT
last-modified
Mon, 08 Jan 2024 22:56:54 GMT
server
AmazonS3
x-amz-request-id
RT6GHEMR88THMTGZ
age
69829
content-type
image/jpeg
content-length
90800
x-amz-id-2
ZawiOWdXfyAp5iyBAIQ5O05G6WI6GMqqPOt+Amp7eQRBKQkpIahhwEstuRSQ6A+a28hknNVjmKQ=
x-llid
81d181612bbb791f051a90e62a80ee5a
forgotten-history-thumb.jpg
cdn.ebaumsworld.com/thumbs/2024/01/08/122033/87493710/ 		70 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/2024/01/08/122033/87493710/forgotten-history-thumb.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
4af93837a2eb9b5e36918849e985e92a56ffe5d9894c3d73d4cba085023d0836

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:42 GMT
last-modified
Mon, 08 Jan 2024 17:20:34 GMT
server
AmazonS3
x-amz-request-id
YKDB1VHCBSA1TA5Z
age
90009
content-type
image/jpeg
content-length
71266
x-amz-id-2
dPhq6iFlzW1qY1V9w5wLkmw4XVatJ1UyEAhlP/qYtQJyEn1j6UzW3SwQ9gdgCdiH0ObhmvY6rEQ=
x-llid
141ebcc235fdbc534c62b1a3a4e1cc91
cry.jpg
cdn.ebaumsworld.com/thumbs/2024/01/08/014403/87493828/ 		132 KB
132 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/2024/01/08/014403/87493828/cry.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
87d5b6ce9b6943eb11b5c4650af294e65150a8de88f3cfd9f099af14243dc6a6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:42 GMT
last-modified
Mon, 08 Jan 2024 18:44:04 GMT
server
AmazonS3
x-amz-request-id
EZ2EX630TZZA2SPF
age
84998
content-type
image/jpeg
content-length
134952
x-amz-id-2
JhEWDFE+eA06WEZKcv75/W3VKkFjI3fSxiSDYpc8+U4MdEy3Zc1JvnYyhjpnYW5WcoC4I4KJ2lA=
x-llid
6b8f1c9fe7045f551d5a93142fed6637
tweets.jpg
cdn.ebaumsworld.com/thumbs/2024/01/08/023623/87493829/ 		128 KB
128 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/2024/01/08/023623/87493829/tweets.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
2718adeca5ad7bc2bdcfd9d3a2403af47494d18660108364733d9d43e2ae869f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:42 GMT
last-modified
Mon, 08 Jan 2024 19:36:24 GMT
server
AmazonS3
x-amz-request-id
JS009HZQ17ERR9V3
age
81858
content-type
image/jpeg
content-length
130763
x-amz-id-2
FxDNOa1Y0P3GPVA1zuFKo8+IVdFxNdankYa0Skc2Q137waSkc+LG3ilQID2A/jyxeIQGhAZxKDo=
x-llid
e5f461ba0b9f971e0a2cf3ac6a350d6b
hump.jpg
cdn.ebaumsworld.com/thumbs/2024/01/08/011527/87493827/ 		116 KB
116 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/2024/01/08/011527/87493827/hump.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
c46dda469ed6696a21929db7c24648fb09719737d11999847dd18a942b15958b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:42 GMT
last-modified
Mon, 08 Jan 2024 18:15:28 GMT
server
AmazonS3
x-amz-request-id
HEWKXE0KPZC6KGK3
age
86714
content-type
image/jpeg
content-length
118457
x-amz-id-2
0FJKV6UVcfORgKjeGn6zY/qweq3qXv+bG88tEZWM57pd3VxB1cvyqbfEdD4UsYeB1LKr+ZNps7E=
x-llid
b14d5899ec69c794f3e674df6a74cbe2
work.jpg
cdn.ebaumsworld.com/thumbs/2024/01/08/010918/87493804/ 		158 KB
158 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/2024/01/08/010918/87493804/work.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
3c27f8c071d9e3d7d96e0d0f6710a424b17a14deca8ebc539fbee597fee72ad3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:42 GMT
last-modified
Mon, 08 Jan 2024 18:09:19 GMT
server
AmazonS3
x-amz-request-id
6TCMZVVC3TCR603A
age
87084
content-type
image/jpeg
content-length
161555
x-amz-id-2
59OqIc4XXzfYX4NVnkqHR4yW964+ktLBMH5GTDMbF0gC7z5+OqcUptqj9Wkaj8ZWP/DY6dxa1vM=
x-llid
c85007d69fc9e2f3ab926ee0e56ae62a
phone.jpg
cdn.ebaumsworld.com/thumbs/2024/01/08/124023/87493761/ 		191 KB
192 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/2024/01/08/124023/87493761/phone.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
02e9af70b9216437e80380311f637a03b9e9479071ea700f9785f4e88fa2d27b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:42 GMT
last-modified
Mon, 08 Jan 2024 17:40:24 GMT
server
AmazonS3
x-amz-request-id
C7ACVNPGRVWA7DDH
age
88818
content-type
image/jpeg
content-length
195734
x-amz-id-2
BXFSH9Z5NdEDqL6ScRuqash18rYVbAuKmlx0D/YJizsy5hzqx06b4cqIVdZQSw8P7cuY3Y8JyPo=
x-llid
1b1c33f9b6d95d8f6bd9524862284453
jo.jpg
cdn.ebaumsworld.com/thumbs/2024/01/08/095437/87493709/ 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/2024/01/08/095437/87493709/jo.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
95857594972f6ca1a22f92b959ec3b9ce5b83e930e1a877e178f32bb4eb4f21c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:42 GMT
last-modified
Mon, 08 Jan 2024 14:54:38 GMT
server
AmazonS3
x-amz-request-id
NSG929WM69G2Z9BC
age
98765
content-type
image/jpeg
content-length
69160
x-amz-id-2
a1Q5t/VFR674qLyasxkuLrvqmF2Zm2lEH1CDbct+Wm6qggeOSlxWyPIWGK2VPAhfPT1lin4kCeE=
x-llid
b5f2331cddecae28150d2285d0332e9c
fb.jpg
cdn.ebaumsworld.com/thumbs/2024/01/08/090836/87493644/ 		215 KB
215 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/2024/01/08/090836/87493644/fb.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
f3f1d13a0e740de5a47a2a37803b6c30a9866fcad648fd48dc0e2bbe4030f2fc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:42 GMT
last-modified
Mon, 08 Jan 2024 14:08:37 GMT
server
AmazonS3
x-amz-request-id
8YE75SRBWXZ4GCZJ
age
101526
content-type
image/jpeg
content-length
219826
x-amz-id-2
h2J/7vbafLlW+2j2YZkRaSKBdLjDeYIExc0kO2P7bj/DUfLeAazTdErfMWse44gFiG7PgKQKR1A=
x-llid
609a7a4583816b89c626b39b1cae8ff1
mops.jpg
cdn.ebaumsworld.com/thumbs/2023/12/11/030841/87485539/ 		72 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/2023/12/11/030841/87485539/mops.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
5c2433b6c8d6d773d67062482a5fcc12fb0de8633b2e391fc529283e76dabe21

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:42 GMT
last-modified
Mon, 11 Dec 2023 20:08:43 GMT
server
AmazonS3
x-amz-request-id
MK0T3CYTV5SNR3R1
age
2499120
content-type
image/jpeg
content-length
74191
x-amz-id-2
jFpIrbhoINfRWrki6btwhzJPcKsewDHU8+jIiPJ02GLYk3g5xi63ftp3LLPQpdXmEh0Hb8GptkQ=
x-llid
137411a6050fe3ef53fc3c802d378fb6
X.jpg
cdn.ebaumsworld.com/thumbs/2023/12/14/022509/87486768/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/2023/12/14/022509/87486768/X.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
a7ac5981c28bfb68a9775b242e03c3c85ce21379df5b6a41d69890e415b35d70

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:42 GMT
last-modified
Thu, 14 Dec 2023 19:25:10 GMT
server
AmazonS3
x-amz-request-id
JR0WRH85AAAHM8Q7
age
2242533
content-type
image/jpeg
content-length
42059
x-amz-id-2
nttkD6aVJ1I+dK9nzbofvZ08xsqDQEMk4TaGxLoi5BTQV+Y+1y0ce3mFwiFkpETAvCi0TmsyLd4=
x-llid
ca79dae7c64d02e0ce3d1cb3a63ac8ec
cuba-s.jpg
cdn.ebaumsworld.com/thumbs/2023/12/13/055117/87486450/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/2023/12/13/055117/87486450/cuba-s.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
28ad7e91102ab8166ca104eab890ee9238390657237d37790f86b4fed6d08207

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:42 GMT
last-modified
Wed, 13 Dec 2023 22:51:18 GMT
server
AmazonS3
x-amz-request-id
70YYR3KY033RRYNF
age
2316565
content-type
image/jpeg
content-length
39382
x-amz-id-2
ghhgQuvGsqxnJQIC3vaZV4lgahUuHkhPC2+yNAU1HVmhtLAcLwgI2iO0ItUgfUDWzIBT1+5eDws=
x-llid
7eccb599f3b977c6a7d047b018ab5cb3
tweets-s.jpg
cdn.ebaumsworld.com/thumbs/2023/12/15/011511/87487017/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/2023/12/15/011511/87487017/tweets-s.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
435e23794c212be0a3c2925e7c5b937c781e5c5ebd33185496e4f644930be4c7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:42 GMT
last-modified
Fri, 15 Dec 2023 18:15:12 GMT
server
AmazonS3
x-amz-request-id
47SE1ZJ49NF9Y7BX
age
2160331
content-type
image/jpeg
content-length
29929
x-amz-id-2
YAlUHb/AOn8PubVp5htr7Op1M2h1s5qEvu0d/tGON9IofwGZRmTm0S1gk31KPPzukVTt/UO67yc=
x-llid
35607f0a430cfb2d6530264211a03269
work-s.jpg
cdn.ebaumsworld.com/thumbs/2023/12/11/020034/87485513/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ebaumsworld.com/thumbs/2023/12/11/020034/87485513/work-s.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.28.187.147 New York, United States, ASN22822 (LLNW, US),
Reverse DNS
https-69-28-187-147.iad.llnw.net
Software
AmazonS3 /
Resource Hash
af6fbab3d9f169795633e0a3d98ec4089d367560a16b893e632e9dba3eef3d51

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:42 GMT
last-modified
Mon, 11 Dec 2023 19:00:35 GMT
server
AmazonS3
x-amz-request-id
6CAF1CVZVJ51A6MA
age
2503207
content-type
image/jpeg
content-length
59048
x-amz-id-2
hU2ksevcZPasOXkvMWfqjnU50W6+4RrZHxJzUEVB6YKZJL0UjtocMMWXorXnQv7ZejKI5epV8BQ=
x-llid
eea3558d5cf7c36aa774f160011ba9ef
3161
config.aps.amazon-adsystem.com/configs/ 		855 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/3161
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sk-ebaumsworld/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.132.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-21.jfk52.r.cloudfront.net
Software
CloudFront /
Resource Hash
4229ecef425f044a7f510ae3455a1de1c98b02e2d46bdb87c0a97bf7f44b713f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 17:23:16 GMT
via
1.1 11280d8f37ba4cb1d8f36f9f2a6e4c76.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
JFK52-P2
age
3447
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
855
x-amz-cf-id
CP4tuV8xox9ef6p9w_Gj3mm8xykS5SVGNtxU6SNOniGDxhHaxDRAcw==
config
c.amazon-adsystem.com/cdn/prod/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3161&u=https%3A%2F%2Fls.kurdgozar.fun
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/cached/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.111.130 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-111-130.iad61.r.cloudfront.net
Software
Server /
Resource Hash
31aaeed2e1b04ad611861cca865f5a0d9c6ab3246d5b4b2af484bb76a3293dfe

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:38 GMT
via
1.1 d7441270a7210a12742f2ba6f1dfb028.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
IAD61-P2
age
5
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://ls.kurdgozar.fun
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
2471
x-amz-cf-id
tMslmFw9xLsmytMf-yP85HychTLv_OeLWrWJmj5gTVAla6FnXUnomQ==
bid
aax.amazon-adsystem.com/e/dtb/ 		64 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3161&u=https%3A%2F%2Fls.kurdgozar.fun%2F&pid=D6GjAqJmAPita&cb=0&ws=1600x1200&v=23.1211.1645&t=950&slots=%5B%7B%22sd%22%3A%22skm-ad-flexbanner%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F8352%2C1019017%2Fa.ebaumsworld%2Fentertainment%22%7D%2C%7B%22sd%22%3A%22skm-ad-frame2%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F8352%2C1019017%2Fa.ebaumsworld%2Fentertainment%22%7D%2C%7B%22sd%22%3A%22skm-ad-medrec-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F8352%2C1019017%2Fa.ebaumsworld%2Fentertainment%22%7D%2C%7B%22sd%22%3A%22skm-ad-flexrec-1%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F8352%2C1019017%2Fa.ebaumsworld%2Fentertainment%22%7D%2C%7B%22sd%22%3A%22skm-ad-flexrec-2%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F8352%2C1019017%2Fa.ebaumsworld%2Fentertainment%22%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%2C%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1!pmc.com%2C1226456%2C1%2C%2C%2C&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/cached/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.1.134 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-1-134.iad12.r.cloudfront.net
Software
Server /
Resource Hash
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:43 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 73c5607bdb5db0d651e25c848846d554.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
IAD12-P3
x-amz-rid
N4EYM2ND0KANVVCYKTJF
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://ls.kurdgozar.fun
access-control-allow-credentials
true
timing-allow-origin
*
content-length
64
x-amz-cf-id
W4-zvYwrgii88hRCib2ikZrIf61CWAQR0Yg40OFuPAV-s5fWaZhpGg==
cookie_sync
prebid-server.rubiconproject.com/ 		3 KB
872 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/cookie_sync
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/chunks/2.0232b63a83bdc11b1701.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
223042da5878e54ba697e761fdaebf6c6c607340ddbf1c597ac45fc61fa389b2

Request headers

Referer
https://ls.kurdgozar.fun/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
Content-Type
application/json
access-control-allow-origin
https://ls.kurdgozar.fun
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
599
Expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		450 B
635 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/chunks/2.0232b63a83bdc11b1701.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
f768baf0dd8336b5c588faa27988e623ae09bc77dd363b64ef8acb0e355ace11

Request headers

Referer
https://ls.kurdgozar.fun/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.6.0
Content-Type
application/json
access-control-allow-origin
https://ls.kurdgozar.fun
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
336
Expires
0
hb
hb.undertone.com/ 		0
756 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.undertone.com/hb?pid=1322&domain=kurdgozar.fun&ccpa=1---
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/chunks/2.0232b63a83bdc11b1701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-63.jfk50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ls.kurdgozar.fun/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:43 GMT
via
1.1 57eada8217c838cfdc4ec177bbe3523c.cloudfront.net (CloudFront)
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-pop
JFK50-P4
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://ls.kurdgozar.fun
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-amz-cf-id
m2p-j47RAOV_6NzWHFHhagEQTa2hp1mhcLTJrG8lVS7cbM4tfhtBwQ==
expires
Mon, 26 Jul 1997 05:00:00 GMT
bid
ap.lijit.com/rtb/ 		24 B
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.7.0
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/chunks/2.0232b63a83bdc11b1701.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.92.190.68 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
028c0003faf1b53c2851cab4c2a6eefdd37e9620ffe56a3f3020ec865511608e

Request headers

Referer
https://ls.kurdgozar.fun/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 09 Jan 2024 18:20:43 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://ls.kurdgozar.fun
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
bid
s.seedtag.com/c/hb/ 		87 B
857 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/c/hb/bid
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/chunks/2.0232b63a83bdc11b1701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
05c392c6c24e7846d351c9d1429553ae536e3e34eb3793563ad5695853cda0fb

Request headers

Referer
https://ls.kurdgozar.fun/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 09 Jan 2024 18:20:43 GMT
content-encoding
gzip
via
1.1 google
server
openresty
vary
X-HTTP-Method-Override
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ls.kurdgozar.fun
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
c
prebid.a-mo.net/a/ 		952 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/chunks/2.0232b63a83bdc11b1701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.28.146.89 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
513ec05d46861683f0b76ef754a5b60ad20967e548d198f96f5d7abbcb3f958d

Request headers

Referer
https://ls.kurdgozar.fun/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 09 Jan 2024 18:20:42 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ls.kurdgozar.fun
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
128
content-length
481
auction
tlx.3lift.com/header/ 		19 B
680 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.7.0&referrer=https%3A%2F%2Fls.kurdgozar.fun%2F&tmax=1000&us_privacy=1---
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/chunks/2.0232b63a83bdc11b1701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.225.66.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-66-52.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ls.kurdgozar.fun/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:43 GMT
accept-ch
sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt
x-auction-status
3, 3, 3, 3, 3, 3
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ls.kurdgozar.fun
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
receive-cookie-deprecation
1; Secure; HttpOnly; Path=/; SameSite=None; Partitioned
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
672 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=211441
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/chunks/2.0232b63a83bdc11b1701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a7b3244a4d49d4bc0e8e5361fd0e80a5fb65faee28b199e22b424b06e26e0fe

Request headers

Referer
https://ls.kurdgozar.fun/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fo%2FML9cmQ3C8ZPDa%2BVcbDKoiViFyFLfduPOjSlcvvFJqKbTN4JmrrAqULIajQHJoZGgU79ASi08mLuylFwJRL%2BHw8UdYzuqTd9%2BFMQ4qptHcQkvyRKe3d4fFpwduEGgsTegWGVH2"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://ls.kurdgozar.fun
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
842eb2221fea2583-MIA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10278&site_id=84040&zone_id=1355792&size_id=2&alt_size_ids=55%2C57&p_pos=atf&us_privacy=1---&rp_schain=1.0,1!pmc.com,1226456,1,,,&rf=https%3A%2F%2Fls.kurdgozar.fun%2F&tg_i.domain=ls.kurdgozar.fun%2Cls.kurdgozar.fun&tg_i.page=https%3A%2F%2Fls.kurdgozar.fun%2F&tg_i.pvuuid=dc762076-073f-4f03-af2b-dff175097752&tg_i.atlas=y&tg_i.addir=%2Fsk%2F12%2F122%2F1226456%2F26278&tg_i.site=ebaumsworld&tg_i.urlhash=177546&tg_i.ci=front&tg_i.plat=desk&tg_i.pt=-&tg_i.schainv10=1.0%2C1!pmc.com%2C1226456%2C1%2C%2C%2C&tg_i.browser=Chrome&tg_i.pageview=1&tg_i.refresh=n&tg_i.admants=fail%2Cfail_error&tg_i.adt=veryLow&tg_i.alc=veryLow&tg_i.dlm=veryLow&tg_i.drg=veryLow&tg_i.hat=veryLow&tg_i.off=veryLow&tg_i.vio=veryLow&tg_i.ias-kw=IAS_3005109_PG%2CIAS_3006647_PG%2CIAS_3007987_PG&tg_i.fr=true&tg_i.batch=1&tg_i.divid=skm-ad-flexbanner%2Cskm-ad-flexbanner&tg_i.st=flxban%2Cflxban&tg_i.inview=true%2Ctrue&tg_i.loc=1%2C1&tg_i.impuuid=fd0739de-7c2c-4996-8a3f-67853f992693%2Cfd0739de-7c2c-4996-8a3f-67853f992693&tg_i.inst=1%2C1&tg_i.stinst=1%2C1&tg_i.optimera=NULL%2CNULL&tg_i.id=cc843c14-af1b-11ee-9481-0e0c851da309%2Ccc843c14-af1b-11ee-9481-0e0c851da309&tg_i.vw=40%2C50%2C60%2C70%2C40%2C50%2C60%2C70&tg_i.grm=40%2C50%2C60%2C70%2C40%2C50%2C60%2C70&tg_i.vertical=entertainment%2Centertainment&tg_i.vertical1=entertainment%2Centertainment&tg_i.bidtype=pre&tg_i.pbadslot=%2F8352%2C1019017%2Fa.ebaumsworld%2Fentertainment%2Fflexbanner%2Fskm-ad-flexbanner&tk_flint=pbjs_lite_v8.7.0&x_source.tid=a29fe5c7-aebc-45b7-9ba5-d7f2039ceb18&l_pb_bid_id=49ffb0d7ec79703&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=8e1171b9-66b9-410c-ade2-c7704f7088a5&rp_hard_floor=0.08&rp_maxbids=1&p_gpid=%2F8352%2C1019017%2Fa.ebaumsworld%2Fentertainment%2Fflexbanner%2Fskm-ad-flexbanner&slots=1&rand=0.7904841626402175
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/chunks/2.0232b63a83bdc11b1701.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::113 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
6f64d571083c07e2ff3b9c59dcc86f6312e04411f16c8909587731c365450063

Request headers

Referer
https://ls.kurdgozar.fun/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:43 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ls.kurdgozar.fun
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10278&site_id=84040&zone_id=1355792&size_id=2&p_pos=atf&us_privacy=1---&rp_schain=1.0,1!pmc.com,1226456,1,,,&rf=https%3A%2F%2Fls.kurdgozar.fun%2F&tg_i.domain=ls.kurdgozar.fun%2Cls.kurdgozar.fun&tg_i.page=https%3A%2F%2Fls.kurdgozar.fun%2F&tg_i.pvuuid=dc762076-073f-4f03-af2b-dff175097752&tg_i.atlas=y&tg_i.addir=%2Fsk%2F12%2F122%2F1226456%2F26278&tg_i.site=ebaumsworld&tg_i.urlhash=177546&tg_i.ci=front&tg_i.plat=desk&tg_i.pt=-&tg_i.schainv10=1.0%2C1!pmc.com%2C1226456%2C1%2C%2C%2C&tg_i.browser=Chrome&tg_i.pageview=1&tg_i.refresh=n&tg_i.admants=fail%2Cfail_error&tg_i.adt=veryLow&tg_i.alc=veryLow&tg_i.dlm=veryLow&tg_i.drg=veryLow&tg_i.hat=veryLow&tg_i.off=veryLow&tg_i.vio=veryLow&tg_i.ias-kw=IAS_3005109_PG%2CIAS_3006647_PG%2CIAS_3007987_PG&tg_i.fr=true&tg_i.batch=1&tg_i.divid=skm-ad-frame2%2Cskm-ad-frame2&tg_i.st=frame2%2Cframe2&tg_i.inview=true%2Ctrue&tg_i.close_control=enabled%2Cenabled&tg_i.loc=sticky%2Csticky&tg_i.impuuid=e1b6e990-18e9-49c6-bbfc-07f680b1058f%2Ce1b6e990-18e9-49c6-bbfc-07f680b1058f&tg_i.inst=s1%2Cs1&tg_i.stinst=s1%2Cs1&tg_i.optimera=NULL%2CNULL&tg_i.id=cc843c15-af1b-11ee-9481-0e0c851da309%2Ccc843c15-af1b-11ee-9481-0e0c851da309&tg_i.vw=40%2C50%2C60%2C70%2C40%2C50%2C60%2C70&tg_i.grm=40%2C50%2C60%2C70%2C40%2C50%2C60%2C70&tg_i.vertical=entertainment%2Centertainment&tg_i.vertical1=entertainment%2Centertainment&tg_i.bidtype=pre&tg_i.pbadslot=%2F8352%2C1019017%2Fa.ebaumsworld%2Fentertainment%2Fframe2%2Fskm-ad-frame2&tk_flint=pbjs_lite_v8.7.0&x_source.tid=a29fe5c7-aebc-45b7-9ba5-d7f2039ceb18&l_pb_bid_id=50571d15be32618&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=eaf7d203-76b7-43cb-88a5-09e09e65ae10&rp_hard_floor=0.08&rp_maxbids=1&p_gpid=%2F8352%2C1019017%2Fa.ebaumsworld%2Fentertainment%2Fframe2%2Fskm-ad-frame2&slots=1&rand=0.6565824059064322
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/chunks/2.0232b63a83bdc11b1701.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::113 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
84c3dee83b2559835c7f0bbbd4be31968440848884a8fa81e10cf2ab17ca44bb

Request headers

Referer
https://ls.kurdgozar.fun/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:43 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ls.kurdgozar.fun
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10278&site_id=84040&zone_id=1355792&size_id=15&us_privacy=1---&rp_schain=1.0,1!pmc.com,1226456,1,,,&rf=https%3A%2F%2Fls.kurdgozar.fun%2F&tg_i.domain=ls.kurdgozar.fun%2Cls.kurdgozar.fun&tg_i.page=https%3A%2F%2Fls.kurdgozar.fun%2F&tg_i.pvuuid=dc762076-073f-4f03-af2b-dff175097752&tg_i.atlas=y&tg_i.addir=%2Fsk%2F12%2F122%2F1226456%2F26278&tg_i.site=ebaumsworld&tg_i.urlhash=177546&tg_i.ci=front&tg_i.plat=desk&tg_i.pt=-&tg_i.schainv10=1.0%2C1!pmc.com%2C1226456%2C1%2C%2C%2C&tg_i.browser=Chrome&tg_i.pageview=1&tg_i.refresh=n&tg_i.admants=fail%2Cfail_error&tg_i.adt=veryLow&tg_i.alc=veryLow&tg_i.dlm=veryLow&tg_i.drg=veryLow&tg_i.hat=veryLow&tg_i.off=veryLow&tg_i.vio=veryLow&tg_i.ias-kw=IAS_3005109_PG%2CIAS_3006647_PG%2CIAS_3007987_PG&tg_i.fr=true&tg_i.batch=1&tg_i.divid=skm-ad-medrec-1%2Cskm-ad-medrec-1&tg_i.st=mrec%2Cmrec&tg_i.inview=false%2Cfalse&tg_i.loc=2%2C2&tg_i.impuuid=3e293163-5c18-43f3-977a-7f429f1648ab%2C3e293163-5c18-43f3-977a-7f429f1648ab&tg_i.inst=2%2C2&tg_i.stinst=1%2C1&tg_i.optimera=NULL%2CNULL&tg_i.id=cc843c16-af1b-11ee-9481-0e0c851da309%2Ccc843c16-af1b-11ee-9481-0e0c851da309&tg_i.vw=40%2C50%2C60%2C70%2C40%2C50%2C60%2C70&tg_i.grm=40%2C50%2C60%2C70%2C40%2C50%2C60%2C70&tg_i.vertical=entertainment%2Centertainment&tg_i.vertical1=entertainment%2Centertainment&tg_i.bidtype=pre&tg_i.pbadslot=%2F8352%2C1019017%2Fa.ebaumsworld%2Fentertainment%2Fmedrec%2Fskm-ad-medrec-1&tk_flint=pbjs_lite_v8.7.0&x_source.tid=a29fe5c7-aebc-45b7-9ba5-d7f2039ceb18&l_pb_bid_id=51bfabb82e0c5c7&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=ce37d3ee-5236-4057-a55b-8e07f0f7dd94&rp_hard_floor=0.08&rp_maxbids=1&p_gpid=%2F8352%2C1019017%2Fa.ebaumsworld%2Fentertainment%2Fmedrec%2Fskm-ad-medrec-1&slots=1&rand=0.8497889916235917
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/chunks/2.0232b63a83bdc11b1701.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::113 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d64d691c37b90534b3837819b3d88ce2aad951303d6a14a9e759dc402442a811

Request headers

Referer
https://ls.kurdgozar.fun/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:43 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ls.kurdgozar.fun
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10278&site_id=84040&zone_id=1355792&size_id=15&alt_size_ids=10&us_privacy=1---&rp_schain=1.0,1!pmc.com,1226456,1,,,&rf=https%3A%2F%2Fls.kurdgozar.fun%2F&tg_i.domain=ls.kurdgozar.fun%2Cls.kurdgozar.fun&tg_i.page=https%3A%2F%2Fls.kurdgozar.fun%2F&tg_i.pvuuid=dc762076-073f-4f03-af2b-dff175097752&tg_i.atlas=y&tg_i.addir=%2Fsk%2F12%2F122%2F1226456%2F26278&tg_i.site=ebaumsworld&tg_i.urlhash=177546&tg_i.ci=front&tg_i.plat=desk&tg_i.pt=-&tg_i.schainv10=1.0%2C1!pmc.com%2C1226456%2C1%2C%2C%2C&tg_i.browser=Chrome&tg_i.pageview=1&tg_i.refresh=n&tg_i.admants=fail%2Cfail_error&tg_i.adt=veryLow&tg_i.alc=veryLow&tg_i.dlm=veryLow&tg_i.drg=veryLow&tg_i.hat=veryLow&tg_i.off=veryLow&tg_i.vio=veryLow&tg_i.ias-kw=IAS_3005109_PG%2CIAS_3006647_PG%2CIAS_3007987_PG&tg_i.fr=true&tg_i.batch=1&tg_i.divid=skm-ad-flexrec-1%2Cskm-ad-flexrec-1&tg_i.st=flxrec%2Cflxrec&tg_i.inview=false%2Cfalse&tg_i.loc=4%2C4&tg_i.impuuid=f2bfd89b-c596-45a0-94a1-9b6fc42bbba2%2Cf2bfd89b-c596-45a0-94a1-9b6fc42bbba2&tg_i.inst=3%2C3&tg_i.stinst=1%2C1&tg_i.optimera=NULL%2CNULL&tg_i.id=cc843c17-af1b-11ee-9481-0e0c851da309%2Ccc843c17-af1b-11ee-9481-0e0c851da309&tg_i.vw=40%2C50%2C60%2C70%2C40%2C50%2C60%2C70&tg_i.grm=40%2C50%2C60%2C70%2C40%2C50%2C60%2C70&tg_i.vertical=entertainment%2Centertainment&tg_i.vertical1=entertainment%2Centertainment&tg_i.bidtype=pre&tg_i.pbadslot=%2F8352%2C1019017%2Fa.ebaumsworld%2Fentertainment%2Fflexrec%2Fskm-ad-flexrec-1&tk_flint=pbjs_lite_v8.7.0&x_source.tid=a29fe5c7-aebc-45b7-9ba5-d7f2039ceb18&l_pb_bid_id=5273cf4936f321a&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=d9fa2faa-973f-4b5e-904c-74fc979a4c94&rp_hard_floor=0.08&rp_maxbids=1&p_gpid=%2F8352%2C1019017%2Fa.ebaumsworld%2Fentertainment%2Fflexrec%2Fskm-ad-flexrec-1&slots=1&rand=0.16131488645234437
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/chunks/2.0232b63a83bdc11b1701.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::113 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
c1278814b0027f51197b4c87246911ec651e7e3583abd3da2d78814a7231f334

Request headers

Referer
https://ls.kurdgozar.fun/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:43 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ls.kurdgozar.fun
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10278&site_id=84040&zone_id=1355792&size_id=15&alt_size_ids=10&us_privacy=1---&rp_schain=1.0,1!pmc.com,1226456,1,,,&rf=https%3A%2F%2Fls.kurdgozar.fun%2F&tg_i.domain=ls.kurdgozar.fun%2Cls.kurdgozar.fun&tg_i.page=https%3A%2F%2Fls.kurdgozar.fun%2F&tg_i.pvuuid=dc762076-073f-4f03-af2b-dff175097752&tg_i.atlas=y&tg_i.addir=%2Fsk%2F12%2F122%2F1226456%2F26278&tg_i.site=ebaumsworld&tg_i.urlhash=177546&tg_i.ci=front&tg_i.plat=desk&tg_i.pt=-&tg_i.schainv10=1.0%2C1!pmc.com%2C1226456%2C1%2C%2C%2C&tg_i.browser=Chrome&tg_i.pageview=1&tg_i.refresh=n&tg_i.admants=fail%2Cfail_error&tg_i.adt=veryLow&tg_i.alc=veryLow&tg_i.dlm=veryLow&tg_i.drg=veryLow&tg_i.hat=veryLow&tg_i.off=veryLow&tg_i.vio=veryLow&tg_i.ias-kw=IAS_3005109_PG%2CIAS_3006647_PG%2CIAS_3007987_PG&tg_i.fr=true&tg_i.batch=1&tg_i.divid=skm-ad-flexrec-2%2Cskm-ad-flexrec-2&tg_i.st=flxrec%2Cflxrec&tg_i.inview=false%2Cfalse&tg_i.loc=5%2C5&tg_i.impuuid=26608798-510f-4ca5-b89b-57cf67770979%2C26608798-510f-4ca5-b89b-57cf67770979&tg_i.inst=4%2C4&tg_i.stinst=2%2C2&tg_i.optimera=NULL%2CNULL&tg_i.id=cc843c18-af1b-11ee-9481-0e0c851da309%2Ccc843c18-af1b-11ee-9481-0e0c851da309&tg_i.vw=40%2C50%2C60%2C70%2C40%2C50%2C60%2C70&tg_i.grm=40%2C50%2C60%2C40%2C50%2C60&tg_i.vertical=entertainment%2Centertainment&tg_i.vertical1=entertainment%2Centertainment&tg_i.bidtype=pre&tg_i.pbadslot=%2F8352%2C1019017%2Fa.ebaumsworld%2Fentertainment%2Fflexrec%2Fskm-ad-flexrec-2&tk_flint=pbjs_lite_v8.7.0&x_source.tid=a29fe5c7-aebc-45b7-9ba5-d7f2039ceb18&l_pb_bid_id=537a4e8d6c5434b&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=72db4cbb-af1f-4dad-9abf-bf03ad45232f&rp_hard_floor=0.08&rp_maxbids=1&p_gpid=%2F8352%2C1019017%2Fa.ebaumsworld%2Fentertainment%2Fflexrec%2Fskm-ad-flexrec-2&slots=1&rand=0.12983761075402378
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/chunks/2.0232b63a83bdc11b1701.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::113 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
f9d53e4bf054149c3ccb7d2ff6da8f37f38eb3230fe5c5bf91aebcef6a72b82c

Request headers

Referer
https://ls.kurdgozar.fun/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:43 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ls.kurdgozar.fun
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid-request
a.teads.tv/hb/ 		16 B
615 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/chunks/2.0232b63a83bdc11b1701.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.161.154 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-154.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://ls.kurdgozar.fun/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:43 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ls.kurdgozar.fun
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Tue, 09 Jan 2024 18:20:43 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
580 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/chunks/2.0232b63a83bdc11b1701.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.166 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ls.kurdgozar.fun/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:42 GMT
an-x-request-uuid
eea98c00-c136-4c13-a7ea-e195ee188d04
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ls.kurdgozar.fun
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.70; 38.132.118.70; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
xhr
pre.ads.justpremium.com/v/2.0/t/ 		53 B
833 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pre.ads.justpremium.com/v/2.0/t/xhr?i=1704824442954
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/chunks/2.0232b63a83bdc11b1701.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.107.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-107-55.compute-1.amazonaws.com
Software
/
Resource Hash
cd88d7160bfdac9b9178e2d61b233d016b8abad70672688382d73e3a2561a88f

Request headers

Referer
https://ls.kurdgozar.fun/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ls.kurdgozar.fun
date
Tue, 09 Jan 2024 18:20:43 GMT
cache-control
public, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
content-type
application/json
cdb
bidder.criteo.com/ 		0
195 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.7.0&cb=85656426249&lsavail=1
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/chunks/2.0232b63a83bdc11b1701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ls.kurdgozar.fun/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ls.kurdgozar.fun
date
Tue, 09 Jan 2024 18:20:42 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
imp
g2.gumgum.com/hbid/ 		837 B
1004 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1704824442960&to=600&aun=skm-ad-flexbanner&gpid=%2F8352%2C1019017%2Fa.ebaumsworld%2Fentertainment%2Fflexbanner%2Fskm-ad-flexbanner&fp=0.08&fpc=USD&maxw=970&maxh=250&si=47212&pi=3&bf=728x90%2C970x250%2C970x90&uspConsent=1---&schain=1.0%2C1!pmc.com%2C1226456%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fls.kurdgozar.fun%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.7.0%22%7D&ogu=null&ns=10240
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/chunks/2.0232b63a83bdc11b1701.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.166.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-166-126.compute-1.amazonaws.com
Software
nginx /
Resource Hash
91d094afecfb52ab9073416195f4c09da05853577dc697a8906ef50739d669ae

Request headers

Referer
https://ls.kurdgozar.fun/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:43 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://ls.kurdgozar.fun
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		837 B
1002 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1704824442961&to=600&aun=skm-ad-flexbanner&gpid=%2F8352%2C1019017%2Fa.ebaumsworld%2Fentertainment%2Fflexbanner%2Fskm-ad-flexbanner&fp=0.08&fpc=USD&maxw=970&maxh=250&si=47213&pi=3&bf=728x90%2C970x250%2C970x90&uspConsent=1---&schain=1.0%2C1!pmc.com%2C1226456%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fls.kurdgozar.fun%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.7.0%22%7D&ogu=null&ns=10240
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/chunks/2.0232b63a83bdc11b1701.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.166.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-166-126.compute-1.amazonaws.com
Software
nginx /
Resource Hash
060c76fcf4bdb0f9e5e2987dba41ade299ef6d532d9576d90cd4633a10911906

Request headers

Referer
https://ls.kurdgozar.fun/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:43 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://ls.kurdgozar.fun
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		837 B
1001 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1704824442961&to=600&aun=skm-ad-frame2&gpid=%2F8352%2C1019017%2Fa.ebaumsworld%2Fentertainment%2Fframe2%2Fskm-ad-frame2&fp=0.08&fpc=USD&t=uzmqbd8f&pi=2&uspConsent=1---&schain=1.0%2C1!pmc.com%2C1226456%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fls.kurdgozar.fun%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.7.0%22%7D&ogu=null&ns=10240
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/chunks/2.0232b63a83bdc11b1701.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.166.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-166-126.compute-1.amazonaws.com
Software
nginx /
Resource Hash
c659f9db53b1759f28a19d4a2dd34f35b4f717a8b662151e187fb54b31223ebb

Request headers

Referer
https://ls.kurdgozar.fun/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:43 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://ls.kurdgozar.fun
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		837 B
1003 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1704824442962&to=600&aun=skm-ad-medrec-1&gpid=%2F8352%2C1019017%2Fa.ebaumsworld%2Fentertainment%2Fmedrec%2Fskm-ad-medrec-1&fp=0.08&fpc=USD&maxw=300&maxh=250&si=47206&pi=3&bf=300x250&uspConsent=1---&schain=1.0%2C1!pmc.com%2C1226456%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fls.kurdgozar.fun%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.7.0%22%7D&ogu=null&ns=10240
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/chunks/2.0232b63a83bdc11b1701.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.166.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-166-126.compute-1.amazonaws.com
Software
nginx /
Resource Hash
033610a77a604cb14c3518de94cb725fae0f7491188a2a0b6a83bcd8e161a627

Request headers

Referer
https://ls.kurdgozar.fun/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:43 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://ls.kurdgozar.fun
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		837 B
1002 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1704824442962&to=600&aun=skm-ad-flexrec-1&gpid=%2F8352%2C1019017%2Fa.ebaumsworld%2Fentertainment%2Fflexrec%2Fskm-ad-flexrec-1&fp=0.08&fpc=USD&maxw=300&maxh=600&si=47206&pi=3&bf=300x250%2C300x600&uspConsent=1---&schain=1.0%2C1!pmc.com%2C1226456%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fls.kurdgozar.fun%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.7.0%22%7D&ogu=null&ns=10240
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/chunks/2.0232b63a83bdc11b1701.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.166.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-166-126.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a2498ff59069a479031119bf9383cff9137a7052fa8644b475f98900e3f9944a

Request headers

Referer
https://ls.kurdgozar.fun/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:43 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://ls.kurdgozar.fun
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		837 B
1003 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1704824442962&to=600&aun=skm-ad-flexrec-1&gpid=%2F8352%2C1019017%2Fa.ebaumsworld%2Fentertainment%2Fflexrec%2Fskm-ad-flexrec-1&fp=0.08&fpc=USD&maxw=300&maxh=600&si=47207&pi=3&bf=300x250%2C300x600&uspConsent=1---&schain=1.0%2C1!pmc.com%2C1226456%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fls.kurdgozar.fun%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.7.0%22%7D&ogu=null&ns=10240
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/chunks/2.0232b63a83bdc11b1701.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.166.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-166-126.compute-1.amazonaws.com
Software
nginx /
Resource Hash
3cdfb5c0ca3a01bc3386aca7f8971cd5d726bd73dff70ea6c18ca9abcf9778b6

Request headers

Referer
https://ls.kurdgozar.fun/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:43 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://ls.kurdgozar.fun
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		837 B
1002 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1704824442963&to=600&aun=skm-ad-flexrec-2&gpid=%2F8352%2C1019017%2Fa.ebaumsworld%2Fentertainment%2Fflexrec%2Fskm-ad-flexrec-2&fp=0.08&fpc=USD&maxw=300&maxh=600&si=47206&pi=3&bf=300x250%2C300x600&uspConsent=1---&schain=1.0%2C1!pmc.com%2C1226456%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fls.kurdgozar.fun%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.7.0%22%7D&ogu=null&ns=10240
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/chunks/2.0232b63a83bdc11b1701.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.166.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-166-126.compute-1.amazonaws.com
Software
nginx /
Resource Hash
30a9f7e6a223ede126cd8332ad7893816f1292155b5c300d639e0111f917ef88

Request headers

Referer
https://ls.kurdgozar.fun/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:43 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://ls.kurdgozar.fun
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		837 B
1002 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1704824442963&to=600&aun=skm-ad-flexrec-2&gpid=%2F8352%2C1019017%2Fa.ebaumsworld%2Fentertainment%2Fflexrec%2Fskm-ad-flexrec-2&fp=0.08&fpc=USD&maxw=300&maxh=600&si=47207&pi=3&bf=300x250%2C300x600&uspConsent=1---&schain=1.0%2C1!pmc.com%2C1226456%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fls.kurdgozar.fun%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.7.0%22%7D&ogu=null&ns=10240
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/chunks/2.0232b63a83bdc11b1701.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.166.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-166-126.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bf0c59855cf2d10b9ff22c98f5c7f145307e5257da32448689d659fa0d3f8528

Request headers

Referer
https://ls.kurdgozar.fun/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:43 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://ls.kurdgozar.fun
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sk-ebaumsworld/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.4.232.54 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-4-232-54.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:43 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
x-serial
1
x-check-cacheable
YES
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
x-akamai-pragma-client-ip
10.44.130.72, 4.7.166.99
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Tue, 09 Jan 2024 18:35:43 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ 		39 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sk-ebaumsworld/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.46.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-46-85.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 05:24:31 GMT
via
1.1 5443600a954c786f2e851cd6ea9e7e98.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:42 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P2
age
46573
x-amz-server-side-encryption
AES256
etag
"6e8b1f94eaf615b7d0953ad4e8d8bb85"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
content-length
39537
x-amz-cf-id
LAsiy4dCEMnYq3tHtM2byHcVmk3HKNka82flCPMhuUt7iFNWh6pLtg==
hadron.js
cdn.hadronid.net/ 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fls.kurdgozar.fun%2F&ref=&_it=amazon&partner_id=458
Requested by
Host: ls.kurdgozar.fun
URL: https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:34ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:43 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 29 Nov 2023 15:31:45 GMT
server
cloudflare
x-amz-request-id
01CADRK6PEVBEZB5
age
1795
etag
W/"13043c1bbaf21ccc6e8ed474a744d3f2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
842eb222af9ab3b6-MIA
x-amz-id-2
flKA/w3j/xi2gJ65jogAIT1IJi47Xyyg7sUYQQ2R7nOR/7B5jvPTNgJSLJ3NwqiCDc6W3Pg1WdM=
id5-api.js
cdn.id5-sync.com/api/1.0/ 		113 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sk-ebaumsworld/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d351ad9e0491a3bb72ba3995d0dfe67f6af54bbf7d97e18f43ff203ffc5efe1f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:43 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 08 Jan 2024 11:20:59 GMT
server
cloudflare
x-amz-request-id
SRP0PBD2AR53653J
age
3036
etag
W/"9692928e9024f20ea54c02122b35d5bb"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
842eb222ae5f09c2-MIA
x-amz-id-2
2rL2Bljm5yvbD3gTCKGpwnCm8ugg5knkbXACDV80F5xAEBqKfAyFcjqCycVPtqHwrVZLwAckKXP5nSwKFQyULw==
hadron.json
id.hadron.ad.gt/v1/ 		98 B
290 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=458&sync=0&domain=ls.kurdgozar.fun&url=https://ls.kurdgozar.fun/
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fls.kurdgozar.fun%2F&ref=&_it=amazon&partner_id=458
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7018548be7546c21f55556a851d044bc85d44e4ef3d6b11f99da85b3491a6e5

Request headers

Referer
https://ls.kurdgozar.fun/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 09 Jan 2024 18:20:43 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
private,max-age=30
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization
cf-ray
842eb2242df0497c-MIA
hadron.json
id.hadron.ad.gt/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=458&sync=0&domain=ls.kurdgozar.fun&url=https://ls.kurdgozar.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://ls.kurdgozar.fun
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
842eb223aca9497c-MIA
content-length
0
content-type
application/json
date
Tue, 09 Jan 2024 18:20:43 GMT
debug
OPTIONS block
expires
Wed, 08 Jan 2025 18:20:43 GMT
server
cloudflare
.js
dyv1bugovvq1g.cloudfront.net/21/ls.kurdgozar.fun/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://dyv1bugovvq1g.cloudfront.net/21/ls.kurdgozar.fun/.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/chunks/4.3a34b8e1e0903ea970e6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20aa:fc00:5:82fd:2500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
setuid
prebid-server.rubiconproject.com/
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?gdpr=&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1-...
  • https://sync.1rx.io/usersync2/rmphb?zcc=1&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26acc...
  • https://sync.targeting.unrulymedia.com/csync/RX-93d83a73-98df-4439-a8e0-f8e5385c4f18-005?redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D%26gdpr_consent%3D%...
  • https://prebid-server.rubiconproject.com/setuid?bidder=unruly&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=i&uid=RX-93d83a73-98df-4439-a8e0-f8e5385c4f18-005
86 B
707 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=unruly&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=i&uid=RX-93d83a73-98df-4439-a8e0-f8e5385c4f18-005
Protocol
HTTP/1.1
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/png
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-encoding
gzip
transfer-encoding
chunked
Expires
0

Redirect headers

location
https://prebid-server.rubiconproject.com/setuid?bidder=unruly&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=i&uid=RX-93d83a73-98df-4439-a8e0-f8e5385c4f18-005
date
Tue, 09 Jan 2024 18:20:44 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX93d83a7398df4439a8e0f8e5385c4f18005
content-type
text/html
map
bcp.crwdcntrl.net/6/ 		154 B
532 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.169.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-169-119.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2339c0ee561ecbe7d288c2c589f9a6833b9b9dae9d7620322985a4ee06a4a471

Request headers

Referer
https://ls.kurdgozar.fun/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:43 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://ls.kurdgozar.fun
cache-control
no-cache
x-server
10.40.14.209
access-control-allow-credentials
true
content-length
154
expires
0
458
a.ad.gt/api/v1/u/matches/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/458?_it=amazon
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sk-ebaumsworld/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e85e8e64d742cfff420066b8ac238388ee10f2075dda2f974bc6256bd28f2800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:43 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 09 Jan 2024 18:17:35 GMT
server
cloudflare
age
188
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
cf-ray
842eb2260bd6746e-MIA
/
www.facebook.com/tr/ 		0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=880446388736817&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fls.kurdgozar.fun%2F&rl=&if=false&ts=1704824443802&cd[segment_id]=81752&sw=1600&sh=1200&v=2.9.139&r=stable&ec=1&o=4126&fbp=fb.1.1704824441838.966743570&ler=empty&it=1704824441581&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 09 Jan 2024 18:20:43 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=880446388736817&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fls.kurdgozar.fun%2F&rl=&if=false&ts=1704824443805&cd[segment_id]=102567&sw=1600&sh=1200&v=2.9.139&r=stable&ec=2&o=4126&fbp=fb.1.1704824441838.966743570&ler=empty&it=1704824441581&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 09 Jan 2024 18:20:43 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=880446388736817&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fls.kurdgozar.fun%2F&rl=&if=false&ts=1704824443806&cd[segment_id]=105086&sw=1600&sh=1200&v=2.9.139&r=stable&ec=3&o=4126&fbp=fb.1.1704824441838.966743570&ler=empty&it=1704824441581&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 09 Jan 2024 18:20:43 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
Artemis
aud.pubmatic.com/AdServer/
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Faud.pubmatic.com%2FAdServer%2FArtemis%3Fuidtype%3D0%26dpid%3D441%26segid%3D21143%2C21967
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Faud.pubmatic.com%2FAdServer%2FArtemis%3Fuidtype%3D0%26dpid%3D441%26segid%3D21143%2C21967&rdf=1
  • https://aud.pubmatic.com/AdServer/Artemis?uidtype=0&dpid=441&segid=21143,21967
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?uidtype=0&dpid=441&segid=21143,21967
Protocol
H2
Server
8.28.7.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Redirect headers

location
https://aud.pubmatic.com/AdServer/Artemis?uidtype=0&dpid=441&segid=21143,21967
date
Tue, 09 Jan 2024 18:20:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
segment
api.permutive.com/adv/v2/ 		14 B
69 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/adv/v2/segment?new-session=true&k=26009fee-1ff1-493d-ae23-88df000d9627
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/8d18f0c3-5d57-46dc-87b9-bf5d4f1f3f71-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d

Request headers

Referer
https://ls.kurdgozar.fun/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Tue, 09 Jan 2024 18:20:43 GMT
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14
content-type
application/json
458
p.ad.gt/api/v1/p/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.ad.gt/api/v1/p/458
Requested by
Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/458?_it=amazon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a40a81296e88a5bd195631d878cc93e76be462dc5c6396b449b5f2e20860749a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:44 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 09 Jan 2024 18:20:07 GMT
server
cloudflare
age
37
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
842eb2275e9ada8b-MIA
halo_match
ids.ad.gt/api/v1/ 		43 B
170 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/halo_match?id=AU1D-0100-001704824444-0ET2DF8K-AF2Z&halo_id=060kihgfc676faj6hbef6ekceadlebk8k98yusqoi020oew0sgmo0myimek0mgy4y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:44 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
842eb2271f0c09fa-MIA
content-length
43
content-type
image/gif
match
ids.ad.gt/api/v1/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001704824444-0ET2DF8K-AF2Z&adnxs_id=$UID&gdpr=0
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001704824444-0ET2DF8K-AF2Z%26adnxs_id%3D%24UID%26gdpr%3D0
  • https://ids.ad.gt/api/v1/match?id=AU1D-0100-001704824444-0ET2DF8K-AF2Z&adnxs_id=7520810513224092898&gdpr=0
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001704824444-0ET2DF8K-AF2Z&adnxs_id=7520810513224092898&gdpr=0
Protocol
H2
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:44 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
842eb2276f8209fa-MIA
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:44 GMT
an-x-request-uuid
95edf8ae-e016-48d7-91a5-4620292e2845
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001704824444-0ET2DF8K-AF2Z&adnxs_id=7520810513224092898&gdpr=0
x-proxy-origin
38.132.118.70; 38.132.118.70; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
t_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001704824444-0ET2DF8K-AF2Z&gdpr=0
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001704824444-0ET2DF8K-AF2Z&gdpr=0
  • https://ids.ad.gt/api/v1/t_match?tdid=1ee2284a-f33d-41b0-8f2b-c94a02cccf95&id=AU1D-0100-001704824444-0ET2DF8K-AF2Z
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/t_match?tdid=1ee2284a-f33d-41b0-8f2b-c94a02cccf95&id=AU1D-0100-001704824444-0ET2DF8K-AF2Z
Protocol
H2
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:44 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
842eb227f85a09fa-MIA
content-length
43
content-type
image/gif

Redirect headers

location
https://ids.ad.gt/api/v1/t_match?tdid=1ee2284a-f33d-41b0-8f2b-c94a02cccf95&id=AU1D-0100-001704824444-0ET2DF8K-AF2Z
date
Tue, 09 Jan 2024 18:20:44 GMT
server
Kestrel
content-length
259
pbm_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001704824444-0ET2DF8K-AF2Z
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001704824444-0ET2DF8K-AF2Z
  • https://ids.ad.gt/api/v1/pbm_match?pbm=BC5D1A00-930F-464F-9EB1-22F01C98B67F&id=AU1D-0100-001704824444-0ET2DF8K-AF2Z
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/pbm_match?pbm=BC5D1A00-930F-464F-9EB1-22F01C98B67F&id=AU1D-0100-001704824444-0ET2DF8K-AF2Z
Protocol
H2
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:44 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
842eb227f85709fa-MIA
content-length
43
content-type
image/gif

Redirect headers

location
https://ids.ad.gt/api/v1/pbm_match?pbm=BC5D1A00-930F-464F-9EB1-22F01C98B67F&id=AU1D-0100-001704824444-0ET2DF8K-AF2Z
date
Tue, 09 Jan 2024 18:20:42 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
rub_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001704824444-0ET2DF8K-AF2Z&gdpr=0
  • https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001704824444-0ET2DF8K-AF2Z&rub=LR6OGFBQ-17-B2QO&gdpr=0
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001704824444-0ET2DF8K-AF2Z&rub=LR6OGFBQ-17-B2QO&gdpr=0
Protocol
H2
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:44 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
842eb22929cf09fa-MIA
content-length
43
content-type
image/gif

Redirect headers

Location
https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001704824444-0ET2DF8K-AF2Z&rub=LR6OGFBQ-17-B2QO&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78008fe701b681dce86a72fc23cacc40
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tapad_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001704824444-0ET2DF8K-AF2Z&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001704824444...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001704824444-0ET2DF8K-AF2Z&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001704...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=d9463951-a6be-4f6f-8739-d6925d9ef1b7%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fi...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=1ee2284a-f33d-41b0-8f2b-c94a02cccf95&ttd_puid=d9463951-a6be-4f6f-8739-d6925d9ef1b7%2Chttps%253A%252F%252Fids.ad.gt%252Fap...
  • https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001704824444-0ET2DF8K-AF2Z&tapad_id=d9463951-a6be-4f6f-8739-d6925d9ef1b7
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001704824444-0ET2DF8K-AF2Z&tapad_id=d9463951-a6be-4f6f-8739-d6925d9ef1b7
Protocol
H2
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:44 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
842eb228d98709fa-MIA
content-length
43
content-type
image/gif

Redirect headers

date
Tue, 09 Jan 2024 18:20:44 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001704824444-0ET2DF8K-AF2Z&tapad_id=d9463951-a6be-4f6f-8739-d6925d9ef1b7
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
g_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001704824444-0ET2DF8K-AF2Z
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=AU1D-0100-001704824444-0ET2DF8K-AF2Z&google_tc=
  • https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001704824444-0ET2DF8K-AF2Z&google_gid=CAESEDaA9-AqrVwm4CAt9NceXdI&google_cver=1&google_ula=450542624,0
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001704824444-0ET2DF8K-AF2Z&google_gid=CAESEDaA9-AqrVwm4CAt9NceXdI&google_cver=1&google_ula=450542624,0
Protocol
H2
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:44 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
842eb22878f609fa-MIA
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001704824444-0ET2DF8K-AF2Z&google_gid=CAESEDaA9-AqrVwm4CAt9NceXdI&google_cver=1&google_ula=450542624,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
357
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001704824444-0ET2DF8K-AF2Z
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcwNDgyNDQ0NC0wRVQyREY4Sy1BRjJa
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcwNDgyNDQ0NC0wRVQyREY4Sy1BRjJa
Protocol
H2
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcwNDgyNDQ0NC0wRVQyREY4Sy1BRjJa
date
Tue, 09 Jan 2024 18:20:44 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
842eb227cffe09fa-MIA
content-type
text/html; charset=utf-8
son_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://sync.go.sonobi.com/us?https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001704824444-0ET2DF8K-AF2Z&uid=[UID]&gdpr=0
  • https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001704824444-0ET2DF8K-AF2Z&uid=d13a5057-a213-4831-b305-d5d971a86bc9&gdpr=0
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001704824444-0ET2DF8K-AF2Z&uid=d13a5057-a213-4831-b305-d5d971a86bc9&gdpr=0
Protocol
H2
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:44 GMT
cache-control
no-cache
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
842eb22929d109fa-MIA
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:44 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-147
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001704824444-0ET2DF8K-AF2Z&uid=d13a5057-a213-4831-b305-d5d971a86bc9&gdpr=0
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
getuid
sync.smartadserver.com/
Redirect Chain
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fsmart_match%3Fid%3DAU1D-0100-001704824444-0ET2DF8K-AF2Z%26sas_uid%3D%5bsas_uid%5d&gdpr=0
  • https://sync.smartadserver.com/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=AU1D-0100-001704824444-0ET2DF8K-AF2Z&sas_uid=[sas_uid]&gdpr=0&cklb=1
0
316 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.smartadserver.com/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=AU1D-0100-001704824444-0ET2DF8K-AF2Z&sas_uid=[sas_uid]&gdpr=0&cklb=1
Protocol
HTTP/1.1
Server
23.105.12.150 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:43 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://sync.smartadserver.com:443/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=AU1D-0100-001704824444-0ET2DF8K-AF2Z&sas_uid=[sas_uid]&gdpr=0&cklb=1
pragma
no-cache
date
Tue, 09 Jan 2024 18:20:43 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
ip_match
ids.ad.gt/api/v1/ 		0
184 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/ip_match?id=AU1D-0100-001704824444-0ET2DF8K-AF2Z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:44 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
842eb227c81109fa-MIA
content-type
text/html; charset=utf-8
ads
securepubads.g.doubleclick.net/gampad/ 		3 KB
411 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3459213035258973&correlator=383075431602741&eid=31080284%2C31080298%2C31079525&output=ldjh&gdfp_req=1&vrg=202401020101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=8352%3A1019017%2Ca.ebaumsworld%2Centertainment&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x250%7C970x90%2C728x90%2C300x250%2C300x250%7C300x600%2C300x250%7C300x600&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1704824443930&lmt=1704824443&adxs=436%2C-12245933%2C715%2C715%2C1030&adys=592%2C-12245933%2C1265%2C2852%2C3610&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C-1%7C1%7C2%7C3&ucis=1%7C2%7C3%7C4%7C5&oid=2&tos=~~~~&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fls.kurdgozar.fun%2F&vis=1&psz=728x118%7C1600x-1%7C300x250%7C300x250%7C300x250&msz=728x90%7C0x-1%7C300x250%7C300x250%7C300x250&fws=4%2C640%2C4%2C4%2C4&ohw=728%2C0%2C1120%2C1120%2C1120&ga_vid=56901551.1704824441&ga_sid=1704824444&ga_hid=1380610010&ga_fc=true&dlt=1704824438751&idt=3745&ppid=03eaa3e8-afa4-414a-9dfa-bb845344024c&prev_scp=divid%3Dskm-ad-flexbanner%26st%3Dflxban%26inview%3Dtrue%26loc%3D1%26impuuid%3Dfd0739de-7c2c-4996-8a3f-67853f992693%26inst%3D1%26stinst%3D1%26optimera%3DNULL%26id%3Dcc843c14-af1b-11ee-9481-0e0c851da309%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70%26amzniid%3D%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%7Cdivid%3Dskm-ad-frame2%26st%3Dframe2%26inview%3Dtrue%26close_control%3Denabled%26loc%3Dsticky%26impuuid%3De1b6e990-18e9-49c6-bbfc-07f680b1058f%26inst%3Ds1%26stinst%3Ds1%26optimera%3DNULL%26id%3Dcc843c15-af1b-11ee-9481-0e0c851da309%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70%26amzniid%3D%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%7Cdivid%3Dskm-ad-medrec-1%26st%3Dmrec%26inview%3Dfalse%26loc%3D2%26impuuid%3D3e293163-5c18-43f3-977a-7f429f1648ab%26inst%3D2%26stinst%3D1%26optimera%3DNULL%26id%3Dcc843c16-af1b-11ee-9481-0e0c851da309%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70%26amzniid%3D%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%7Cdivid%3Dskm-ad-flexrec-1%26st%3Dflxrec%26inview%3Dfalse%26loc%3D4%26impuuid%3Df2bfd89b-c596-45a0-94a1-9b6fc42bbba2%26inst%3D3%26stinst%3D1%26optimera%3DNULL%26id%3Dcc843c17-af1b-11ee-9481-0e0c851da309%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70%26amzniid%3D%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%7Cdivid%3Dskm-ad-flexrec-2%26st%3Dflxrec%26inview%3Dfalse%26loc%3D5%26impuuid%3D26608798-510f-4ca5-b89b-57cf67770979%26inst%3D4%26stinst%3D2%26optimera%3DNULL%26id%3Dcc843c18-af1b-11ee-9481-0e0c851da309%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%26amzniid%3D%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0&cust_params=permutive%3D%26puid%3D1e6d367e-386d-47d9-9eca-26639cd122a0%26ptime%3D1704824442507%26prmtvsdk%3Dweb%26pvuuid%3Ddc762076-073f-4f03-af2b-dff175097752%26atlas%3Dy%26addir%3D%252Fsk%252F12%252F122%252F1226456%252F26278%26site%3Debaumsworld%26domain%3Dls.kurdgozar.fun%26urlhash%3D177546%26ci%3Dfront%26plat%3Ddesk%26pt%3D-%26schainv10%3D1.0%252C1!pmc.com%252C1226456%252C1%252C%252C%252C%26browser%3DChrome%26pageview%3D1%26refresh%3Dn%26admants%3Dfail%252Cfail_error%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3DIAS_3005109_PG%252CIAS_3006647_PG%252CIAS_3007987_PG%26fr%3Dtrue%26opti_page%3Dde_n%252Fa_n%252Fa_US_n%252Fa_n%252Fa_Chrome%26batch%3D1%26boom_session%3D5f057d8e4e010a&adks=3852908153%2C303721058%2C593258508%2C3115543389%2C3115543388&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1b1f7a260555ebc9cb4ce0f9457e0972c78b54338c58fcb32b60e9cf0ae1041
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:44 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
381
x-xss-protection
0
google-lineitem-id
-2,-2,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ls.kurdgozar.fun
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401020101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0de9fa49bd47f04e9562f8026cd75bef81b627af0090b673033c301435e58a2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12391
x-xss-protection
0
container.html
00910841d7e5d1dcf8f3dce85326fd5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5560 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://00910841d7e5d1dcf8f3dce85326fd5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ls.kurdgozar.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 09 Jan 2024 18:20:44 GMT
expires
Wed, 08 Jan 2025 18:20:44 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		94 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/chunks/2.0232b63a83bdc11b1701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:44 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 07 Nov 2023 09:08:30 GMT
server
nginx
etag
W/"6549fe8e-17704"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 10 Jan 2024 18:20:44 GMT
event
collector.sheknows.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://collector.sheknows.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.41.55.219 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-41-55-219.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ls.kurdgozar.fun
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
date
Tue, 09 Jan 2024 18:20:44 GMT
event
collector.sheknows.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://collector.sheknows.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.41.55.219 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-41-55-219.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ls.kurdgozar.fun
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
date
Tue, 09 Jan 2024 18:20:44 GMT
event
collector.sheknows.com/ 		3 B
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector.sheknows.com/event
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/chunks/30.43f1b6ace600f5a15a3e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.41.55.219 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-41-55-219.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
257c1be96ae69f4b01c2c69bdb6d78605f59175819fb007d0bf245bf48444c4a

Request headers

Referer
https://ls.kurdgozar.fun/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 09 Jan 2024 18:20:44 GMT
access-control-allow-headers
Content-Type
content-length
3
access-control-max-age
86400
access-control-allow-methods
POST
content-type
application/json; charset=UTF-8
event
collector.sheknows.com/ 		3 B
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector.sheknows.com/event
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/chunks/30.43f1b6ace600f5a15a3e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.41.55.219 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-41-55-219.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
257c1be96ae69f4b01c2c69bdb6d78605f59175819fb007d0bf245bf48444c4a

Request headers

Referer
https://ls.kurdgozar.fun/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 09 Jan 2024 18:20:44 GMT
access-control-allow-headers
Content-Type
content-length
3
access-control-max-age
86400
access-control-allow-methods
POST
content-type
application/json; charset=UTF-8
setuid
prebid-server.rubiconproject.com/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid...
  • https://prebid-server.rubiconproject.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=i&uid=7520810513224092898
86 B
815 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=i&uid=7520810513224092898
Protocol
HTTP/1.1
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/png
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-encoding
gzip
transfer-encoding
chunked
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:44 GMT
an-x-request-uuid
bca28451-3d08-4139-b7ce-3a923105c3da
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://prebid-server.rubiconproject.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=i&uid=7520810513224092898
x-proxy-origin
38.132.118.70; 38.132.118.70; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ecommerce.js
www.google-analytics.com/plugins/ua/ 		1 KB
655 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ecommerce.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 17:23:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
3431
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
630
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 09 Jan 2024 18:23:33 GMT
ec.js
www.google-analytics.com/plugins/ua/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:07:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
786
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1129
x-xss-protection
0
last-modified
Tue, 27 Jun 2023 17:28:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 09 Jan 2024 19:07:38 GMT
collect
a.ad.gt/api/v1/ 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/collect
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/458
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ls.kurdgozar.fun/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-type
text/plain

Response headers

date
Tue, 09 Jan 2024 18:20:44 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
text/html; charset=utf-8
access-control-allow-origin
https://ls.kurdgozar.fun
access-control-allow-credentials
true
cf-ray
842eb2289ebc67c6-MIA
getpixels
pixels.ad.gt/api/v1/ 		0
108 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixels.ad.gt/api/v1/getpixels?tagger_id=a7988ab64dae433e47825e2ea8f27481&url=https%3A%2F%2Fls.kurdgozar.fun%2F&code=%27none%27
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sk-ebaumsworld/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:44 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
842eb228dddc67cf-MIA
content-type
text/html; charset=utf-8
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sk-ebaumsworld/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 09 Jan 2024 18:20:44 GMT
setuid
prebid-server.rubiconproject.com/
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=rp-pbs&gdpr=&gdpr_consent=&account=10278&us_privacy=1---&gpp_sid=&gpp=
  • https://prebid-server.rubiconproject.com/setuid?bidder=rubicon&account=10278&uid=LR6OGFBQ-17-B2QO&us_privacy=1---
86 B
815 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=rubicon&account=10278&uid=LR6OGFBQ-17-B2QO&us_privacy=1---
Protocol
HTTP/1.1
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/png
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-encoding
gzip
transfer-encoding
chunked
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid-server.rubiconproject.com/setuid?bidder=rubicon&account=10278&uid=LR6OGFBQ-17-B2QO&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f84b118a3f01dd6ffa744f6af941f4e8
Expires
0
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
276 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
f872688d66147680a9b51214b4988dc22b10f0d16864252cba7f5e021890a7ca
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
https://ls.kurdgozar.fun
date
Tue, 09 Jan 2024 18:20:44 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
syncframe
gum.criteo.com/ Frame 1F41 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ls.kurdgozar.fun&us_privacy=1---
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sk-ebaumsworld/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
c9a726fb5e408c905af5fa916e23740a283b9ab6f8adfa955a0b3b40e7c6cdf9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ls.kurdgozar.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 09 Jan 2024 18:20:43 GMT
server
Kestrel
server-processing-duration-in-ticks
429477
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		94 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:44 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 07 Nov 2023 09:08:30 GMT
server
nginx
etag
W/"6549fe8e-17704"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 10 Jan 2024 18:20:44 GMT
events
api.permutive.com/v2.0/batch/ 		101 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=26009fee-1ff1-493d-ae23-88df000d9627
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/8d18f0c3-5d57-46dc-87b9-bf5d4f1f3f71-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
692d7a46cba08f45b297f6b1b97a8ccf56ab51588278142084f9888666672f46

Request headers

Referer
https://ls.kurdgozar.fun/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 09 Jan 2024 18:20:44 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://ls.kurdgozar.fun
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 836C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sk-ebaumsworld/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ls.kurdgozar.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
195792
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 07 Jan 2024 11:57:32 GMT
expires
Mon, 06 Jan 2025 11:57:32 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F6B5 		829 B
998 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sk-ebaumsworld/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ee5fa10523f5b80078f4587ea5bcc4729b617dfb476c006434d7ec9a4a3ec416
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-HvA6MzeoRCf43GP90lNjVQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ls.kurdgozar.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-HvA6MzeoRCf43GP90lNjVQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 09 Jan 2024 18:20:44 GMT
expires
Tue, 09 Jan 2024 18:20:44 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sid
mug.criteo.com/ Frame 1F41
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=kurdgozar.fun&sn=ChromeSyncframe&so=0&topUrl=ls.kurdgozar.fun&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=-X6SQHxUWllJbkhwc3V2SUUyUnlieTB4UjBKNmhDcXkwNnVFdkFzWWlaR0pkUGM5aVNONlUzc1JkcUx5WVpDMDhQTlZPOHhKTCtGU2xlcUJHTC9oWG5ncTEzbWhLNm45eVhjTTVjakxrVHZ2UnNac0kvS3JWd0VLVmcxRC...
433 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=-X6SQHxUWllJbkhwc3V2SUUyUnlieTB4UjBKNmhDcXkwNnVFdkFzWWlaR0pkUGM5aVNONlUzc1JkcUx5WVpDMDhQTlZPOHhKTCtGU2xlcUJHTC9oWG5ncTEzbWhLNm45eVhjTTVjakxrVHZ2UnNac0kvS3JWd0VLVmcxRC91dmZIMUd2VlMrNDhHMVpIYm11bTlMZ0poSk9qd2JFdlNtR0dLaGxkSFk4azFMRXZtYU14Vm1OQnRtaUN2b3lHSnNPOFVVaU5nSVdwMXFWNVFKLzNuTkpXRkUzQVNUS2VyT0FDQW0rZGxmcllCd2V0anVkYWJMVXc3bVF2emJmM0dqN1NNaHdId1dUdlBrUTVkMnYvb1pVYXBORXRGMVc2MHNRTTl2b0tLRUJnSlhGUVNJQT18&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
57cf6d76836de2aabd079d1245968617bac37f1316f6af5de066fea74beeb11f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:44 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1913953
expires
0

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:43 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=-X6SQHxUWllJbkhwc3V2SUUyUnlieTB4UjBKNmhDcXkwNnVFdkFzWWlaR0pkUGM5aVNONlUzc1JkcUx5WVpDMDhQTlZPOHhKTCtGU2xlcUJHTC9oWG5ncTEzbWhLNm45eVhjTTVjakxrVHZ2UnNac0kvS3JWd0VLVmcxRC91dmZIMUd2VlMrNDhHMVpIYm11bTlMZ0poSk9qd2JFdlNtR0dLaGxkSFk4azFMRXZtYU14Vm1OQnRtaUN2b3lHSnNPOFVVaU5nSVdwMXFWNVFKLzNuTkpXRkUzQVNUS2VyT0FDQW0rZGxmcllCd2V0anVkYWJMVXc3bVF2emJmM0dqN1NNaHdId1dUdlBrUTVkMnYvb1pVYXBORXRGMVc2MHNRTTl2b0tLRUJnSlhGUVNJQT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
279337
content-length
0
expires
0
setuid
prebid-server.rubiconproject.com/
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di...
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%2...
  • https://prebid-server.rubiconproject.com/setuid?bidder=grid&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=i&uid=3aeba4f5-77f9-4adb-9400-e8da2fa6d5e7
86 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=grid&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=i&uid=3aeba4f5-77f9-4adb-9400-e8da2fa6d5e7
Protocol
HTTP/1.1
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/png
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-encoding
gzip
transfer-encoding
chunked
Expires
0

Redirect headers

Location
https://prebid-server.rubiconproject.com/setuid?bidder=grid&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=i&uid=3aeba4f5-77f9-4adb-9400-e8da2fa6d5e7
Date
Tue, 09 Jan 2024 18:20:44 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame F6B5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401020101&jk=3459213035258973&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
pagead2.googlesyndication.com/bg/ Frame 836C 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 20:49:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
423072
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15229
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 03 Jan 2025 20:49:32 GMT
pandg-sdk.js
pghub.io/js/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pghub.io/js/pandg-sdk.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/chunks/4.3a34b8e1e0903ea970e6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.217 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
217.45.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
27961ab8c37cddad89230364167c048c6377a80e38542a5ffbca600faf4098ea

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 17:31:28 GMT
content-encoding
gzip
age
2956
x-guploader-uploadid
ABPtcPo4W3YvL8HQqyTgMGl2CzSn0pp4oAaZiWe4ENQz7SE4v7ibm71STdj9F23N83uytpKnTCo
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5009
last-modified
Mon, 05 Jun 2023 16:36:50 GMT
server
UploadServer
etag
"47a886353056caf33a998c6041e20896"
vary
Accept-Encoding
x-goog-generation
1685983010517890
x-goog-hash
crc32c=aHj4lg==, md5=R6iGNTBWyvM6mYxgQeIIlg==
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=3600
x-goog-stored-content-length
5009
accept-ranges
bytes
content-type
application/javascript
v3
id5-sync.com/gm/ 		698 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v3
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
49f4f5e79451a306f0556e52798aa3ab9cc9b8e150d217e67b6dbc26403f2f85
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://ls.kurdgozar.fun/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ls.kurdgozar.fun
date
Tue, 09 Jan 2024 18:20:44 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
p3p
CP="CAO PSA OUR"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
tag
pandg.tapad.com/ Frame 4E38
Redirect Chain
  • https://feed.pghub.io/tag?gdpr=0&us_privacy=1---&referrer_url=&page_url=https%3A%2F%2Fls.kurdgozar.fun%2F&owner=P%26G&bp_id=penskemedia&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C...
  • https://pandg.tapad.com/tag?gdpr=0&us_privacy=1---&referrer_url=&page_url=https%3A%2F%2Fls.kurdgozar.fun%2F&owner=P%26G&bp_id=penskemedia&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%...
592 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pandg.tapad.com/tag?gdpr=0&us_privacy=1---&referrer_url=&page_url=https%3A%2F%2Fls.kurdgozar.fun%2F&owner=P%26G&bp_id=penskemedia&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22entertainment%22%7D
Requested by
Host: pghub.io
URL: https://pghub.io/js/pandg-sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.243.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.243.102.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
722b9679a26cae3a9f536c27d20e25a6750335b022d00d60c9d13f394dcc1fec
Security Headers
Name Value
Content-Security-Policy default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ls.kurdgozar.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA Sec-CH-UA-Arch Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-Mobile Sec-CH-UA-Model Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-WoW64
access-control-allow-origin
*
access-control-max-age
300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-store
content-security-policy
default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org
content-type
text/html;charset=utf-8
date
Tue, 09 Jan 2024 18:20:45 GMT
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
server
Jetty(11.0.13)
strict-transport-security
max-age=31536000
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-store
content-length
0
date
Tue, 09 Jan 2024 18:20:44 GMT
location
https://pandg.tapad.com/tag?gdpr=0&us_privacy=1---&referrer_url=&page_url=https%3A%2F%2Fls.kurdgozar.fun%2F&owner=P%26G&bp_id=penskemedia&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22entertainment%22%7D
server
Jetty(11.0.13)
strict-transport-security
max-age=31536000
via
1.1 google
generate_204
tpc.googlesyndication.com/ Frame 836C 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?HpUuOg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:44 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pbs-iframe
pbs-cs.yellowblue.io/ Frame 9A27 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%5BPBS_UID%5D
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/chunks/2.0232b63a83bdc11b1701.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
7584af8dbd9b5fa6c7d877bf252ac318d0d09583df518acdf7139636e21b2eb7

Request headers

Referer
https://ls.kurdgozar.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://ls.kurdgozar.fun/
content-type
text/html
date
Tue, 09 Jan 2024 18:20:45 GMT
server
istio-envoy
x-envoy-upstream-service-time
2
cs
cs.yellowblue.io/ Frame 9A27
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562615&ev=1&us_privacy=[US_PRIVACY]&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11592%26uid%3D%25%25VGUID%25%25
  • https://cs.yellowblue.io/cs?aid=11592&uid=DC0qnwBLqTA2&ev=1&us_privacy=[US_PRIVACY]&pid=562615&gdpr_consent=&gdpr=0
0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11592&uid=DC0qnwBLqTA2&ev=1&us_privacy=[US_PRIVACY]&pid=562615&gdpr_consent=&gdpr=0
Requested by
Host: pbs-cs.yellowblue.io
URL: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%5BPBS_UID%5D
Protocol
H2
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pbs-cs.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:45 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://pbs-cs.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://cs.yellowblue.io/cs?aid=11592&uid=DC0qnwBLqTA2&ev=1&us_privacy=[US_PRIVACY]&pid=562615&gdpr_consent=&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5b8764964b-lpt7m
expires
-1
cs
cs.yellowblue.io/ Frame 9A27
Redirect Chain
  • https://sync.go.sonobi.com/us?gdpr=0&consent_string=&loc=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D115667%26uid%3D%5BUID%5D
  • https://cs.yellowblue.io/cs?aid=115667&uid=d13a5057-a213-4831-b305-d5d971a86bc9
0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=115667&uid=d13a5057-a213-4831-b305-d5d971a86bc9
Requested by
Host: pbs-cs.yellowblue.io
URL: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%5BPBS_UID%5D
Protocol
H2
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pbs-cs.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:45 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://pbs-cs.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:45 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-147
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cs.yellowblue.io/cs?aid=115667&uid=d13a5057-a213-4831-b305-d5d971a86bc9
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
cs
cs.yellowblue.io/ Frame 9A27
Redirect Chain
  • https://ads.yieldmo.com/pbsync?is=rise&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11584%26uid%3D$UID
  • https://cs.yellowblue.io/cs?aid=11584&uid=VERy1EEPPyEHC6ZS3uJP&gdpr=0&gdpr_consent=&us_privacy=
0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11584&uid=VERy1EEPPyEHC6ZS3uJP&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: pbs-cs.yellowblue.io
URL: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%5BPBS_UID%5D
Protocol
H2
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pbs-cs.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:45 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://pbs-cs.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:45 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cs.yellowblue.io/cs?aid=11584&uid=VERy1EEPPyEHC6ZS3uJP&gdpr=0&gdpr_consent=&us_privacy=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
cs
cs.yellowblue.io/ Frame 9A27
Redirect Chain
  • https://contextual.media.net/cksync.php?cs=25&type=ris&ovsid=%7B%7BAPID%7D%7D&redirect=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11585%26id%3D%3Cvsid%3E
  • https://cs.yellowblue.io/cs?aid=11585&id=3478260481523803000V10
0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11585&id=3478260481523803000V10
Requested by
Host: pbs-cs.yellowblue.io
URL: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%5BPBS_UID%5D
Protocol
H2
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pbs-cs.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:49 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://pbs-cs.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 09 Jan 2024 18:20:48 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://cs.yellowblue.io/cs?aid=11585&id=3478260481523803000V10
content-type
text/html
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443"; ma=93600
content-length
154
x-mnet-hl2
E
expires
Tue, 09 Jan 2024 18:20:48 GMT
cs
cs.yellowblue.io/ Frame 9A27
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11603%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26uid%3D$%7BBSW_UUID%7D
  • https://cs.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=3aeba4f5-77f9-4adb-9400-e8da2fa6d5e7
0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=3aeba4f5-77f9-4adb-9400-e8da2fa6d5e7
Requested by
Host: pbs-cs.yellowblue.io
URL: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%5BPBS_UID%5D
Protocol
H2
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pbs-cs.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:45 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://pbs-cs.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Location
https://cs.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=3aeba4f5-77f9-4adb-9400-e8da2fa6d5e7
Date
Tue, 09 Jan 2024 18:20:45 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cs
cs.yellowblue.io/ Frame 9A27
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=77&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11600&id=8280212633832615062&gdpr=0&gdpr_consent=
0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11600&id=8280212633832615062&gdpr=0&gdpr_consent=
Requested by
Host: pbs-cs.yellowblue.io
URL: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%5BPBS_UID%5D
Protocol
H2
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pbs-cs.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:45 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://pbs-cs.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.yellowblue.io/cs?aid=11600&id=8280212633832615062&gdpr=0&gdpr_consent=
date
Tue, 09 Jan 2024 18:20:45 GMT
content-length
0
cs
cs.yellowblue.io/ Frame 9A27
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11587&uid=b12a5b10-9e87-4b4e-916c-ad3b34eebead&gdpr=0
0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11587&uid=b12a5b10-9e87-4b4e-916c-ad3b34eebead&gdpr=0
Requested by
Host: pbs-cs.yellowblue.io
URL: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%5BPBS_UID%5D
Protocol
H2
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pbs-cs.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:45 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://pbs-cs.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
4
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.yellowblue.io/cs?aid=11587&uid=b12a5b10-9e87-4b4e-916c-ad3b34eebead&gdpr=0
date
Tue, 09 Jan 2024 18:20:45 GMT
content-length
0
cs
cs.yellowblue.io/ Frame 9A27
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11601&id=f52ed82ee2697ffb22b2f840e85f41e&gdpr_consent=&gdpr=0
0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11601&id=f52ed82ee2697ffb22b2f840e85f41e&gdpr_consent=&gdpr=0
Requested by
Host: pbs-cs.yellowblue.io
URL: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%5BPBS_UID%5D
Protocol
H2
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pbs-cs.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:45 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://pbs-cs.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
Date
Tue, 09 Jan 2024 18:20:45 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cs.yellowblue.io/cs?aid=11601&id=f52ed82ee2697ffb22b2f840e85f41e&gdpr_consent=&gdpr=0
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1704824445540050-299
cs
cs.yellowblue.io/ Frame 9A27
Redirect Chain
  • https://ssc-cms.33across.com/ps/?ri=0015a00002hdV5tAAE&ru=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11580%26puid%3D33XUSERID33X
  • https://cs.yellowblue.io/cs?aid=11580&puid=212413095182627
0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11580&puid=212413095182627
Requested by
Host: pbs-cs.yellowblue.io
URL: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%5BPBS_UID%5D
Protocol
H2
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pbs-cs.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:45 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://pbs-cs.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:45 GMT
referrer-policy
unsafe-url
server
33XP011
x-33x-status
100000000008200000C
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cs.yellowblue.io/cs?aid=11580&puid=212413095182627
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
cs
cs.yellowblue.io/ Frame 9A27
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QkM1RDFBMDAtOTMwRi00NjRGLTlFQjEtMjJGMDFDOThCNjdG&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENqAmulhs6JoCDEPgUeOLNs&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs.yellowblue.io/cs?aid=11576&id=BC5D1A00-930F-464F-9EB1-22F01C98B67F
0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11576&id=BC5D1A00-930F-464F-9EB1-22F01C98B67F
Requested by
Host: pbs-cs.yellowblue.io
URL: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%5BPBS_UID%5D
Protocol
H2
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pbs-cs.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:45 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://pbs-cs.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.yellowblue.io/cs?aid=11576&id=BC5D1A00-930F-464F-9EB1-22F01C98B67F
date
Tue, 09 Jan 2024 18:20:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
104
content-type
text/html; charset=utf-8
cs
cs.yellowblue.io/ Frame 9A27
Redirect Chain
  • https://csync.loopme.me/?pubid=11362&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11571%26id%3D%7Bdevice_id%7D
  • https://cs.yellowblue.io/cs?aid=11571&id=aefee888-7301-4377-bec7-2b0b76abcc15&gdpr_consent=null&gdpr=0
0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11571&id=aefee888-7301-4377-bec7-2b0b76abcc15&gdpr_consent=null&gdpr=0
Requested by
Host: pbs-cs.yellowblue.io
URL: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%5BPBS_UID%5D
Protocol
H2
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pbs-cs.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:45 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://pbs-cs.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.yellowblue.io/cs?aid=11571&id=aefee888-7301-4377-bec7-2b0b76abcc15&gdpr_consent=null&gdpr=0
date
Tue, 09 Jan 2024 18:20:45 GMT
server
_
content-length
0
cs
cs.yellowblue.io/ Frame 9A27
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11596%26id%3D$UID&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11596&id=7520810513224092898&gdpr=0&gdpr_consent=
0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11596&id=7520810513224092898&gdpr=0&gdpr_consent=
Requested by
Host: pbs-cs.yellowblue.io
URL: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%5BPBS_UID%5D
Protocol
H2
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pbs-cs.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:45 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://pbs-cs.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:45 GMT
an-x-request-uuid
ea5e5a68-1e57-4f2a-bcf6-667bb261dd8e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cs.yellowblue.io/cs?aid=11596&id=7520810513224092898&gdpr=0&gdpr_consent=
x-proxy-origin
38.132.118.70; 38.132.118.70; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cs
cs.yellowblue.io/ Frame 9A27
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=typeaholdings
  • https://ad.turn.com/r/cs?pid=45&rndcb=6448322022
  • https://sync.1rx.io/usersync/turn/4430111625358761738?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-93d83a73-98df-4439-a8e0-f8e5385c4f18-005?redir=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11599%26id%3DRX-93d83a73-98df-4439-a8e0-f8e5385c4f18-005
  • https://cs.yellowblue.io/cs?aid=11599&id=RX-93d83a73-98df-4439-a8e0-f8e5385c4f18-005
0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11599&id=RX-93d83a73-98df-4439-a8e0-f8e5385c4f18-005
Requested by
Host: pbs-cs.yellowblue.io
URL: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%5BPBS_UID%5D
Protocol
H2
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pbs-cs.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:45 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://pbs-cs.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.yellowblue.io/cs?aid=11599&id=RX-93d83a73-98df-4439-a8e0-f8e5385c4f18-005
date
Tue, 09 Jan 2024 18:20:45 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX93d83a7398df4439a8e0f8e5385c4f18005
content-type
text/html
cs
cs.yellowblue.io/ Frame 9A27
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=58ceaaf5-c766-4c17-869a-d76e43401714&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11563%26id%3D
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=58ceaaf5-c766-4c17-869a-d76e43401714&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11563%26id%3D
  • https://cs.yellowblue.io/cs?aid=11563&id=19de2a71-eddd-4a16-9e0c-37b31689db19
0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11563&id=19de2a71-eddd-4a16-9e0c-37b31689db19
Requested by
Host: pbs-cs.yellowblue.io
URL: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%5BPBS_UID%5D
Protocol
H2
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pbs-cs.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:45 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://pbs-cs.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

date
Tue, 09 Jan 2024 18:20:45 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cs.yellowblue.io/cs?aid=11563&id=19de2a71-eddd-4a16-9e0c-37b31689db19
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
setuid
prebid-server.rubiconproject.com/ Frame 9A27 		0
892 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=rise&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=b&uid=jtOlO_Pzk
Requested by
Host: pbs-cs.yellowblue.io
URL: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%5BPBS_UID%5D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pbs-cs.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
usync.html
eus.rubiconproject.com/ Frame 1DD1
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=rise_engage&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Requested by
Host: pbs-cs.yellowblue.io
URL: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%5BPBS_UID%5D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://pbs-cs.yellowblue.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 09 Jan 2024 18:20:45 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 09 Jan 2024 18:20:45 GMT
location
https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
server
AkamaiGHost
/
onetag-sys.com/usync/ Frame 0717 		2 KB
864 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Requested by
Host: pbs-cs.yellowblue.io
URL: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%5BPBS_UID%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://pbs-cs.yellowblue.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
receive
pixel.tapad.com/idsync/ex/ Frame 4E38
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=d9463951-a6be-4f6f-8739-d6925d9ef1b7%252C%252C%25257B%252522architecture%252522%25253A%252522%252522%25252C%252522bitness...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=1ee2284a-f33d-41b0-8f2b-c94a02cccf95&ttd_puid=d9463951-a6be-4f6f-8739-d6925d9ef1b7%2C%2C%257B%2522architecture%2522%253A%...
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=1ee2284a-f33d-41b0-8f2b-c94a02cccf95&ttd_puid=d9463951-a6be-4f6f-8739-d6925d9ef1b7%2C%2C%257B%2522architecture%2522%253A%2522%2522%252C%2522bitness%2522%253A%2522%2522%252C%2522brands%2522%253A%255B%255D%252C%2522fullVersionList%2522%253A%255B%255D%252C%2522mobile%2522%253Afalse%252C%2522model%2522%253A%2522%2522%252C%2522platform%2522%253A%2522%2522%252C%2522platformVersion%2522%253A%2522%2522%257D
Requested by
Host: pandg.tapad.com
URL: https://pandg.tapad.com/tag?gdpr=0&us_privacy=1---&referrer_url=&page_url=https%3A%2F%2Fls.kurdgozar.fun%2F&owner=P%26G&bp_id=penskemedia&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22entertainment%22%7D
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pandg.tapad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:45 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=1ee2284a-f33d-41b0-8f2b-c94a02cccf95&ttd_puid=d9463951-a6be-4f6f-8739-d6925d9ef1b7%2C%2C%257B%2522architecture%2522%253A%2522%2522%252C%2522bitness%2522%253A%2522%2522%252C%2522brands%2522%253A%255B%255D%252C%2522fullVersionList%2522%253A%255B%255D%252C%2522mobile%2522%253Afalse%252C%2522model%2522%253A%2522%2522%252C%2522platform%2522%253A%2522%2522%252C%2522platformVersion%2522%253A%2522%2522%257D
date
Tue, 09 Jan 2024 18:20:45 GMT
server
Kestrel
content-length
987
9.gif
id5-sync.com/cq/1173/124/0/
Redirect Chain
  • https://id5-sync.com/i/1173/8.gif?id5id=ID5*MuOSyWCpd946vhMAcTCaclkNzbsiy7UD3OH-dKYxkpJ7N2I1Xb6EmTRmvMTy_jVjezhtcs6z8t4UFw4S5VWx4g&o=api&gdpr_consent=undefined&gdpr=false
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F1173%2F429%2F7%2F2.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/1173/429/7/2.gif?puid=BC5D1A00-930F-464F-9EB1-22F01C98B67F&gdpr=0&gdpr_consent=
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F1173%2F796%2F6%2F3.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consen...
  • https://id5-sync.com/c/1173/796/6/3.gif?puid=f47c7649-b3c5-43a5-9583-4631c7f3a88e&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F1173%2F434%2F5%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent=
  • https://id5-sync.com/c/1173/434/5/4.gif?puid=d13a5057-a213-4831-b305-d5d971a86bc9&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F1173%2F108%2F4%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_co...
  • https://id5-sync.com/c/1173/108/4/5.gif?puid=d9463951-a6be-4f6f-8739-d6925d9ef1b7&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/1173/2/3/6.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/1173/2/3/6.gif?puid=7520810513224092898&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy=
  • https://id5-sync.com/k/155.gif?puid=AABPHU7LOx0AABPb3P8NtA&id5AccountNum=155&numCascadesAllowed=9
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F1173%2F441%2F1%2F8.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/1173/441/1/8.gif?puid=u_7955ecd2-bd81-4c7e-93b0-b1e7fbb70368&gdpr=0&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-8e03ai_VJDA4sfp7tjiIU4tvQShNF_nWZ1yOrLcwaA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F1173%2F124%2F0%2F9.gif%3Fpuid%3...
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-8e03ai_VJDA4sfp7tjiIU4tvQShNF_nWZ1yOrLcwaA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F1173%2F124%2F0%2F9.gif%3F...
  • https://id5-sync.com/cq/1173/124/0/9.gif?puid=74b74793-1244-4150-93c4-1944e6adcd3e&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/cq/1173/124/0/9.gif?puid=74b74793-1244-4150-93c4-1944e6adcd3e&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
Protocol
H2
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Tue, 09 Jan 2024 18:20:46 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"

Redirect headers

location
https://id5-sync.com/cq/1173/124/0/9.gif?puid=74b74793-1244-4150-93c4-1944e6adcd3e&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
access-control-allow-origin
*
date
Tue, 09 Jan 2024 18:20:47 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
events
api.permutive.com/v2.0/batch/ 		301 B
184 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=26009fee-1ff1-493d-ae23-88df000d9627
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/8d18f0c3-5d57-46dc-87b9-bf5d4f1f3f71-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
00636e9d1c3892693205f43d83f87515b13a631c9c805baa8dc58819f73c0d4a

Request headers

Referer
https://ls.kurdgozar.fun/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 09 Jan 2024 18:20:45 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://ls.kurdgozar.fun
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
166
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401020101&jk=3459213035258973&bg=!5Oel56jNAAaumcC-jpk7ADQBe5WfOEvs2zsxPN3ovNaV4K4PkauALnhCklqVn7Kh0nSeJlAjnQUDHbFHechbx71pWeWTAgAAAGhSAAAABWgBB5kCuvEHdcw2-g07pKcIrWM1TdWgiV7Trq4Kcrsijrv4_fMDnJf8aREWn8FohaM1FMkmHFCwBdik9fl1mvs5s4g4LUgDmpTb9n7LcW2zxKK3leutic2h8CEOYk_s-P70SXnXBSnm9evLmNao7YFmPxNRrFxCgzobfwTc5Zo4FDxeXH5-fzpwxQ24RegwPQ5KYzlEfn1Nx4LflYw8HKgQr5PXfWrE76_aYd6U9pUJs5VSuPycAJvTKNbDHHowQN2NvrKDptes54AFStKhetviyGNKpEUg5VSgmkVgr1giGC8_buMe-J6-686Lp7mEWjVbz4Baailia_k4jPPvdhwPtoeQSl-BAydK7jgeauHQUDH4WA9QJ_DtMbcxEU1uG6xJXzL-05S35XdfKUw8RsJaCyjUE9f5JEKh4-X-FAZ87iHSeDCX0MSrTmT1r-W5ez0gezT8pGJZc5l9nZ7MNTm5B6FC1KVWek_pD3nsP21Xx5iRDrzhfxdD3tpmCpC0H1RHKaKbNEbkt0g6UxnOqf1XfWmEWgHJTva1ZTTGPfyZyOF1Ag1MfJybDv5QaK3AUWGc61h6LfNt-MN4xmfARYyDWsx9zkCW6JEQ6lV541NBiZjr6kkivpAQ_ylkPCy_wIH3emIRY7r5mTgFI1aRPyBbQgAg-eRguhezt5iibfZvheV6X3xgiWeKIP-P-8huWpsgYil_-qsc4hI-XPevCBOZRz1fB7tReE_N5SeH2JcGO0QXTry8erW-d5FNsv8dToVWJ8AqY75ZFh2rg_FziiiLG-2XKqnqKpw7MuElmOWiSQqtOp6whudAfrTmTo1QDs0PE1DRNQxEHyDoS3jFoII1XhMEHrFch1SySFX2Huan-EVTg0SB6UrVQjYegIgrtvc2-V0k4qu_7v7sEwH_yFD5fudsJKVOqBvfZGT004IX
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
usync.js
eus.rubiconproject.com/ Frame 1DD1 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e4b22edc0838232993c1b97b06920e793597eb4b7f6785fa4157f21ef96d71bb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 09 Jan 2024 18:20:45 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 Jan 2024 21:37:41 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=11816
Connection
keep-alive
Content-Length
10964
Expires
Tue, 09 Jan 2024 21:37:41 GMT
khaos.json
token.rubiconproject.com/ Frame 1DD1 		7 B
796 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
af308bb17a856a105b8c87aaae7d7f8c
Expires
0
cs
cs.yellowblue.io/ Frame 1DD1
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=rise_engage&us_privacy=1---&khaos=LR6OGFBQ-17-B2QO
  • https://cs.yellowblue.io/cs?aid=11590&id=LR6OGFBQ-17-B2QO&us_privacy=1---
0
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11590&id=LR6OGFBQ-17-B2QO&us_privacy=1---
Requested by
Host: pbs-cs.yellowblue.io
URL: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%5BPBS_UID%5D
Protocol
H2
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:46 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://eus.rubiconproject.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cs.yellowblue.io/cs?aid=11590&id=LR6OGFBQ-17-B2QO&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
10af108baa8103fb427a2cc0433d74a0
Expires
0
setuid
px.ads.linkedin.com/ Frame 1DD1
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&us_privacy=1---
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LR6OGFBQ-17-B2QO&us_privacy=1---
0
514 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LR6OGFBQ-17-B2QO&us_privacy=1---
Requested by
Host: pbs-cs.yellowblue.io
URL: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%5BPBS_UID%5D
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:45 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 71A3F99E7B9649D08D3AB1388A863092 Ref B: MIAEDGE1506 Ref C: 2024-01-09T18:20:46Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYOh1+DfH/Veim9jbFfzQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LR6OGFBQ-17-B2QO&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
84e0f527cd81a00b0210e20b4ee7ed94
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 1DD1
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1---
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/eaTKALVjn3W0UKq6ec1M0sn5EUdSAgOZEtemQ7w0kco?csrc=&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-jOE_u1VE2oINv19RYGE1IqqMdPZY_Xt44ld_Iw--~A
42 B
861 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-jOE_u1VE2oINv19RYGE1IqqMdPZY_Xt44ld_Iw--~A
Requested by
Host: pbs-cs.yellowblue.io
URL: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%5BPBS_UID%5D
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
966e54b6201ecd300c4db0efc0f5781a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Tue, 09 Jan 2024 18:20:46 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-jOE_u1VE2oINv19RYGE1IqqMdPZY_Xt44ld_Iw--~A
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 1DD1
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&us_privacy=1---
  • https://s.amazon-adsystem.com/ecm3?id=LR6OGFBQ-17-B2QO&ex=d-rubiconproject.com&status=ok&us_privacy=1---
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LR6OGFBQ-17-B2QO&ex=d-rubiconproject.com&status=ok&us_privacy=1---
Requested by
Host: pbs-cs.yellowblue.io
URL: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%5BPBS_UID%5D
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Jan 2024 18:20:46 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
AQYYSXD74HVRV9WWD231
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LR6OGFBQ-17-B2QO&ex=d-rubiconproject.com&status=ok&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8bab65602db075726861004da5629947
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 1DD1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDsygjTbuVcQfHve-jWvCCM&google_cver=1
42 B
861 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDsygjTbuVcQfHve-jWvCCM&google_cver=1
Requested by
Host: pbs-cs.yellowblue.io
URL: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%5BPBS_UID%5D
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
2fcb300b847bad3e7dd1184ec8a1c2f5
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDsygjTbuVcQfHve-jWvCCM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 1DD1
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1---
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1---&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=W2GcfEDCTDmOeiqE-_Adzg&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=W2GcfEDCTDmOeiqE-_Adzg
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=W2GcfEDCTDmOeiqE-_Adzg
Requested by
Host: pbs-cs.yellowblue.io
URL: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%5BPBS_UID%5D
Protocol
HTTP/1.1
Server
52.95.126.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Jan 2024 18:20:46 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
7889JQ10GWEHM9C6AS6E
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=W2GcfEDCTDmOeiqE-_Adzg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
29af2665c43893332e84c235bac366c1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 1DD1
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFI2T0dGQlEtMTctQjJRTw==&us_privacy=1---
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBkUPXGRPKYq5MAq5BpTAM4&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI2T0dGQlEtMTctQjJRTw==&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI2T0dGQlEtMTctQjJRTw==&google_push=
Requested by
Host: pbs-cs.yellowblue.io
URL: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%5BPBS_UID%5D
Protocol
H3
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI2T0dGQlEtMTctQjJRTw==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
eea754ae2ea80a3b4eb2fcf35349058a
Expires
0
ecm3
s.amazon-adsystem.com/ Frame 1DD1
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1---
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1---&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=VS-bHUhAQXawLxDgxJTeXg&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=VS-bHUhAQXawLxDgxJTeXg
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=VS-bHUhAQXawLxDgxJTeXg
Requested by
Host: pbs-cs.yellowblue.io
URL: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%5BPBS_UID%5D
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Jan 2024 18:20:46 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
5VY5WYZVFY53B8QA5ZK3
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=VS-bHUhAQXawLxDgxJTeXg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
83041abbe8494cb29eff3083edd6dff6
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 1DD1
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjVhMmY0ZTA3ZTA1ZmY0M2NiNDk3NTU1NmY4MTI0MTA4OWFhYjcyZg&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjVhMmY0ZTA3ZTA1ZmY0M2NiNDk3NTU1NmY4MTI0MTA4OWFhYjcyZg&us_privacy=1---
Requested by
Host: pbs-cs.yellowblue.io
URL: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%5BPBS_UID%5D
Protocol
H3
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjVhMmY0ZTA3ZTA1ZmY0M2NiNDk3NTU1NmY4MTI0MTA4OWFhYjcyZg&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
966e54b6201ecd300c4db0efc0f5781a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 1DD1
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=1ee2284a-f33d-41b0-8f2b-c94a02cccf95&gdpr=0&gdpr_consent=&expires=30
42 B
861 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=1ee2284a-f33d-41b0-8f2b-c94a02cccf95&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: pbs-cs.yellowblue.io
URL: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%5BPBS_UID%5D
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
ffef7c53154b04a892ce1f9531c32cb1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=1ee2284a-f33d-41b0-8f2b-c94a02cccf95&gdpr=0&gdpr_consent=&expires=30
date
Tue, 09 Jan 2024 18:20:45 GMT
server
Kestrel
content-length
289
tap.php
pixel.rubiconproject.com/ Frame 1DD1
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&us_privacy=1---
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&us_privacy=1---&_bee_ppp=1
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABPHU7LOx0AABPb3P8NtA&expires=30
42 B
861 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABPHU7LOx0AABPb3P8NtA&expires=30
Requested by
Host: pbs-cs.yellowblue.io
URL: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%5BPBS_UID%5D
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
f72efbd84733ea5ba734e4e8fe0395a3
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABPHU7LOx0AABPb3P8NtA&expires=30
Date
Tue, 09 Jan 2024 18:20:46 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
v1
match.sharethrough.com/sync/ Frame 1DD1
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694&us_privacy=1---
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LR6OGFBQ-17-B2QO&us_privacy=1---
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LR6OGFBQ-17-B2QO&us_privacy=1---
Requested by
Host: pbs-cs.yellowblue.io
URL: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%5BPBS_UID%5D
Protocol
H2
Server
3.91.113.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-113-229.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:46 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LR6OGFBQ-17-B2QO&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f72efbd84733ea5ba734e4e8fe0395a3
Expires
0
magnite
prebid.a-mo.net/setuid/ Frame 1DD1
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&us_privacy=1---
  • https://prebid.a-mo.net/setuid/magnite?uid=LR6OGFBQ-17-B2QO&us_privacy=1---
0
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LR6OGFBQ-17-B2QO&us_privacy=1---
Requested by
Host: pbs-cs.yellowblue.io
URL: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%5BPBS_UID%5D
Protocol
H2
Server
147.28.146.89 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:45 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LR6OGFBQ-17-B2QO&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a0d1cefc91c6f8b22fd2adf3abe06a61
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 1DD1
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=f47c7649-b3c5-43a5-9583-4631c7f3a88e&expires=30&us_privacy=1---
42 B
861 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=f47c7649-b3c5-43a5-9583-4631c7f3a88e&expires=30&us_privacy=1---
Requested by
Host: pbs-cs.yellowblue.io
URL: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%5BPBS_UID%5D
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
cdd55fb02049ca8b9389527f6c1a1194
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=f47c7649-b3c5-43a5-9583-4631c7f3a88e&expires=30&us_privacy=1---
Date
Tue, 09 Jan 2024 18:20:46 GMT
Connection
keep-alive
X-CI-RTID
4a72ee71-e076-4b74-bcce-8dd4a9613e3c
Content-Length
164
Content-Type
text/html; charset=utf-8
receive
pixel.tapad.com/idsync/ex/ Frame 1DD1
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1&us_privacy=1---
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LR6OGFBQ-17-B2QO&us_privacy=1---
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LR6OGFBQ-17-B2QO&us_privacy=1---
Requested by
Host: pbs-cs.yellowblue.io
URL: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%5BPBS_UID%5D
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:46 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

Location
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LR6OGFBQ-17-B2QO&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
44e748b6247b033344ab4f6b8c0f8cbb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cksync
hb.yahoo.net/ Frame 1DD1
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594&us_privacy=1---
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LR6OGFBQ-17-B2QO&redir=true&us_privacy=1---
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LR6OGFBQ-17-B2QO&redir=true&us_privacy=1---
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1FM1ZOczJkRTJ1RUVWdmhkZGhnQVRxSUtqV0w2RDc2cn5B&ovsid=LR6OGFBQ-17-B2QO&us_privacy=1---&dpid=58160
57 B
650 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1FM1ZOczJkRTJ1RUVWdmhkZGhnQVRxSUtqV0w2RDc2cn5B&ovsid=LR6OGFBQ-17-B2QO&us_privacy=1---&dpid=58160
Requested by
Host: pbs-cs.yellowblue.io
URL: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%5BPBS_UID%5D
Protocol
H2
Server
104.117.182.139 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-117-182-139.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Tue, 09 Jan 2024 18:20:46 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Tue, 09 Jan 2024 18:20:46 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1FM1ZOczJkRTJ1RUVWdmhkZGhnQVRxSUtqV0w2RDc2cn5B&ovsid=LR6OGFBQ-17-B2QO&us_privacy=1---&dpid=58160
date
Tue, 09 Jan 2024 18:20:46 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
ib.adnxs.com/prebid/ Frame 1DD1
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&us_privacy=1---
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LR6OGFBQ-17-B2QO&us_privacy=1---
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LR6OGFBQ-17-B2QO&us_privacy=1---
Requested by
Host: pbs-cs.yellowblue.io
URL: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Drise%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%5BPBS_UID%5D
Protocol
H2
Server
68.67.179.166 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:46 GMT
an-x-request-uuid
3565f354-8ab0-405b-adb0-37f03fd3ae7e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.70; 38.132.118.70; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LR6OGFBQ-17-B2QO&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f69a50991384d09413b97a37bb74928b
Expires
0
state
api.permutive.com/v1.0/ 		0
34 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v1.0/state?fetch_unseen=true&k=26009fee-1ff1-493d-ae23-88df000d9627
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/8d18f0c3-5d57-46dc-87b9-bf5d4f1f3f71-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ls.kurdgozar.fun/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Tue, 09 Jan 2024 18:20:46 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20
usersync.html
cdn.undertone.com/js/ Frame 5D1E 		13 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/chunks/2.0232b63a83bdc11b1701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:261f:a200:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
07378cb9079fe865c12da0f27effd6163adae9ce1ef5e177a527e35b9f093b12

Request headers

Referer
https://ls.kurdgozar.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
73855
content-encoding
gzip
content-type
text/html
date
Mon, 08 Jan 2024 21:49:52 GMT
etag
W/"c0ad5bceb34dc473809dd23603a31cec"
last-modified
Wed, 13 Dec 2023 14:37:07 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 b15f339834cfb5119481b1c1eb890372.cloudfront.net (CloudFront)
x-amz-cf-id
kLeuKtJcl8rEsW37bKfLWFMT5zgkOFyceScXAUBoOhWNDocMGE_jkA==
x-amz-cf-pop
JFK52-P3
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
FpPUYNzys4ObbGRuHL8tOpxgUSayXD44
x-cache
Hit from cloudfront
sync
eb2.3lift.com/ Frame 61DE
Redirect Chain
  • https://eb2.3lift.com/sync?us_privacy=1---&
  • https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/chunks/2.0232b63a83bdc11b1701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
8e82aeb9a84b16b5e44eb257d9f2de78d716737e34705c7db81c6246e7281304

Request headers

Referer
https://ls.kurdgozar.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1343
content-type
text/html; charset=utf-8
date
Tue, 09 Jan 2024 18:20:46 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Tue, 09 Jan 2024 18:20:46 GMT
location
/sync?us_privacy=1---&&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cs.html
cs.seedtag.com/ Frame 489F 		51 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.seedtag.com/cs.html?pt=7710-2308-01&pc=US&us=1---
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/chunks/2.0232b63a83bdc11b1701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.111.252 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac2397fbe331fb7cc8c5325752c4af7d6c5cb9204a1f810b89fc93c372cbdd37

Request headers

Referer
https://ls.kurdgozar.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
464
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=86400
cf-cache-status
HIT
cf-ray
842eb2350ace02f1-MIA
content-encoding
br
content-type
text/html
date
Tue, 09 Jan 2024 18:20:46 GMT
etag
W/"e1932830098c932fee98b7cc79857ecc"
expires
Wed, 10 Jan 2024 18:20:46 GMT
last-modified
Wed, 13 Dec 2023 15:57:21 GMT
server
cloudflare
vary
Accept-Encoding
x-goog-generation
1702483041418398
x-goog-hash
crc32c=eQLC6w== md5=4ZMoMAmMky/umLfMeYV+zA==
x-goog-metageneration
2
x-goog-storage-class
REGIONAL
x-goog-stored-content-encoding
gzip
x-goog-stored-content-length
15379
x-guploader-uploadid
ABPtcPr8m4Ts86cUkPPsh1EbyBGZzMtGGKQPjjuGABQ1MuVgPkwovRa8Xn_RMnQXLxd3d5uHtbA
ixmatch.html
js-sec.indexww.com/um/ Frame 8FF4 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/chunks/2.0232b63a83bdc11b1701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://ls.kurdgozar.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
873
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
842eb2350aa8334d-MIA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 09 Jan 2024 18:20:46 GMT
expires
Tue, 09 Jan 2024 22:20:46 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 370F 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/chunks/2.0232b63a83bdc11b1701.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.212.249 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-212-249.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://ls.kurdgozar.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 09 Jan 2024 18:20:46 GMT
ETag
"623de86a-cf34"
Expires
Wed, 10 Jan 2024 18:20:48 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
usersync.html
cdn.undertone.com/js/ Frame 1E8C 		13 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.undertone.com/js/usersync.html?ccpa=1---
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/chunks/2.0232b63a83bdc11b1701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:261f:a200:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
07378cb9079fe865c12da0f27effd6163adae9ce1ef5e177a527e35b9f093b12

Request headers

Referer
https://ls.kurdgozar.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
73855
content-encoding
gzip
content-type
text/html
date
Mon, 08 Jan 2024 21:49:52 GMT
etag
W/"c0ad5bceb34dc473809dd23603a31cec"
last-modified
Wed, 13 Dec 2023 14:37:07 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 b15f339834cfb5119481b1c1eb890372.cloudfront.net (CloudFront)
x-amz-cf-id
O_3P_zX3c3m5xXUps1urxNwZCUW0gwfLH60Eqw16nFdqyusvS3xNdA==
x-amz-cf-pop
JFK52-P3
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
FpPUYNzys4ObbGRuHL8tOpxgUSayXD44
x-cache
Hit from cloudfront
isyn
sync.a-mo.net/ Frame AE92 		2 KB
766 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---_e=CroBShBscy5rdXJkZ296YXIuZnVuUgthYXMtMTRiMDRmZVoIcGJhMS4zLjNqEGxzLmt1cmRnb3phci5mdW76AQU4LjcuMOgCAYgD-5z2rAaoAzrqAyQ0Mjc1OTQzYS1iMThmLTQxOWYtYjcyNy01MjA0NWU5ZWMwMGWqBANEQ0iyBQNVU0TSBQQxMTI22AUA4AUA6gUHZGVza3RvcPoFBGRjMTOqBwN3ZWLKBw1rdXJkZ296YXIuZnVu4AcB
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/chunks/2.0232b63a83bdc11b1701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
463383d3b88b8603da30041e077cb62b16e427d56edbd3d7c4b21992edda0686

Request headers

Referer
https://ls.kurdgozar.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-length
617
content-type
text/html; charset=utf-8
date
Tue, 09 Jan 2024 18:20:46 GMT
server
envoy
vary
accept-encoding
x-envoy-upstream-service-time
1
sync
pre.ads.justpremium.com/v/1.0/t/ Frame 6466 		5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pre.ads.justpremium.com/v/1.0/t/sync?_c=a6xgjd1704824443302&usPrivacy=1---
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/chunks/2.0232b63a83bdc11b1701.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.107.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-107-55.compute-1.amazonaws.com
Software
/
Resource Hash
44828eadb288aee35ba8287d2593a1d416219c8a1896ddc3546a88d4190ece20

Request headers

Referer
https://ls.kurdgozar.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
public, no-cache, no-store, must-revalidate
content-type
text/html; charset=utf-8
date
Tue, 09 Jan 2024 18:20:46 GMT
usync.html
eus.rubiconproject.com/ Frame E36A 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?us_privacy=1---
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/chunks/2.0232b63a83bdc11b1701.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ls.kurdgozar.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 09 Jan 2024 18:20:46 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
155.gif
id5-sync.com/k/
Redirect Chain
  • https://id5-sync.com/s/441/9.gif?puid=u_7fbc3802-14ac-4a38-90b1-bb5440f5d311&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F434%2F8%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent=
  • https://id5-sync.com/c/441/434/8/2.gif?puid=d13a5057-a213-4831-b305-d5d971a86bc9&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/441/2/7/3.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/441/2/7/3.gif?puid=7520810513224092898&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F441%2F6%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/441/441/6/4.gif?puid=u_7955ecd2-bd81-4c7e-93b0-b1e7fbb70368&gdpr=0&gdpr_consent=
  • https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F203%2F5%2F5.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/441/203/5/5.gif?puid=aada912d-ad00-4845-9f80-53cace5b5ff7&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F441%2F4%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/441/441/4/6.gif?puid=u_7955ecd2-bd81-4c7e-93b0-b1e7fbb70368&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=1ee2284a-f33d-41b0-8f2b-c94a02cccf95&ttl=%%TTL%%
  • https://ce.lijit.com/merge?pid=92&3pid=7520810513224092898&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F1246%2F3%2F7.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr...
  • https://id5-sync.com/c/441/1246/3/7.gif?puid=H9rsaBZHS1_DxDIGQwucF1W-&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=58&3pid=BC5D1A00-930F-464F-9EB1-22F01C98B67F&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F1242%2F2%2F8.gif%3Fpuid%3D%5BSOVRNID%5D%...
  • https://id5-sync.com/c/441/1242/2/8.gif?puid=H9rsaBZHS1_DxDIGQwucF1W-&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=27&3pid=1ee2284a-f33d-41b0-8f2b-c94a02cccf95&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F1245%2F1%2F9.gif%3Fpuid%3D%5BSOVRNID%5D%...
  • https://id5-sync.com/c/441/1245/1/9.gif?puid=H9rsaBZHS1_DxDIGQwucF1W-&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy=
  • https://id5-sync.com/k/155.gif?puid=AABPHU7LOx0AABPb3P8NtA&id5AccountNum=155&numCascadesAllowed=9
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/k/155.gif?puid=AABPHU7LOx0AABPb3P8NtA&id5AccountNum=155&numCascadesAllowed=9
Protocol
H2
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Tue, 09 Jan 2024 18:20:47 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"

Redirect headers

location
https://id5-sync.com/k/155.gif?puid=AABPHU7LOx0AABPb3P8NtA&id5AccountNum=155&numCascadesAllowed=9
Date
Tue, 09 Jan 2024 18:20:48 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
10.gif
id5-sync.com/c/441/1241/0/
Redirect Chain
  • https://id5-sync.com/s/441/9.gif?puid=u_4e802fd2-c518-4eb2-a830-6365095f7c61&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=1ee2284a-f33d-41b0-8f2b-c94a02cccf95&ttl=%%TTL%%
  • https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F203%2F7%2F3.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/441/203/7/3.gif?puid=aada912d-ad00-4845-9f80-53cace5b5ff7&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F441%2F6%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/441/441/6/4.gif?puid=u_7955ecd2-bd81-4c7e-93b0-b1e7fbb70368&gdpr=0&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-8e03ai_VJDA4sfp7tjiIU4tvQShNF_nWZ1yOrLcwaA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F5%2F5.gif%3Fpuid%3D...
  • https://id5-sync.com/cq/441/124/5/5.gif?puid=74b74793-1244-4150-93c4-1944e6adcd3e&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=1ee2284a-f33d-41b0-8f2b-c94a02cccf95&ttl=%%TTL%%
  • https://ce.lijit.com/merge?pid=92&3pid=7520810513224092898&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F1246%2F3%2F7.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr...
  • https://id5-sync.com/c/441/1246/3/7.gif?puid=H9rsaBZHS1_DxDIGQwucF1W-&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=27&3pid=1ee2284a-f33d-41b0-8f2b-c94a02cccf95&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F1245%2F2%2F8.gif%3Fpuid%3D%5BSOVRNID%5D%...
  • https://id5-sync.com/c/441/1245/2/8.gif?puid=H9rsaBZHS1_DxDIGQwucF1W-&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy=
  • https://id5-sync.com/k/155.gif?puid=AABPHU7LOx0AABPb3P8NtA&id5AccountNum=155&numCascadesAllowed=9
  • https://ce.lijit.com/merge?pid=85&3pid=AABPHU7LOx0AABPb3P8NtA&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F1241%2F0%2F10.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26...
  • https://id5-sync.com/c/441/1241/0/10.gif?puid=H9rsaBZHS1_DxDIGQwucF1W-&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/441/1241/0/10.gif?puid=H9rsaBZHS1_DxDIGQwucF1W-&gdpr=0&gdpr_consent=
Protocol
H2
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Tue, 09 Jan 2024 18:20:48 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"

Redirect headers

Pragma
no-cache
Date
Tue, 09 Jan 2024 18:20:48 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://id5-sync.com/c/441/1241/0/10.gif?puid=H9rsaBZHS1_DxDIGQwucF1W-&gdpr=0&gdpr_consent=
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
264.gif
id5-sync.com/k/
Redirect Chain
  • https://id5-sync.com/s/441/9.gif?puid=u_04d89d88-b909-4f90-a5af-813ece0507af&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=1ee2284a-f33d-41b0-8f2b-c94a02cccf95&ttl=%%TTL%%
43 B
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/k/264.gif?puid=1ee2284a-f33d-41b0-8f2b-c94a02cccf95&ttl=%%TTL%%
Protocol
H2
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
5f789ccae156b160492d89a6146b1974d15128790b74abb995d8e89fa44cde5e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:46 GMT
content-encoding
gzip
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type
text/html;charset=utf-8

Redirect headers

location
https://id5-sync.com/k/264.gif?puid=1ee2284a-f33d-41b0-8f2b-c94a02cccf95&ttl=%%TTL%%
date
Tue, 09 Jan 2024 18:20:46 GMT
server
Kestrel
content-length
199
155.gif
id5-sync.com/k/
Redirect Chain
  • https://id5-sync.com/s/441/9.gif?puid=u_3ae3727d-be2f-447d-92f2-8d0d5761306b&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=1ee2284a-f33d-41b0-8f2b-c94a02cccf95&ttl=%%TTL%%
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F7%2F3.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
  • https://id5-sync.com/c/441/108/7/3.gif?puid=d9463951-a6be-4f6f-8739-d6925d9ef1b7&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F441%2F6%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/441/441/6/4.gif?puid=u_7955ecd2-bd81-4c7e-93b0-b1e7fbb70368&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy=
  • https://id5-sync.com/k/155.gif?puid=AABPHU7LOx0AABPb3P8NtA&id5AccountNum=155&numCascadesAllowed=9
43 B
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/k/155.gif?puid=AABPHU7LOx0AABPb3P8NtA&id5AccountNum=155&numCascadesAllowed=9
Protocol
H2
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
5f789ccae156b160492d89a6146b1974d15128790b74abb995d8e89fa44cde5e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:46 GMT
content-encoding
gzip
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type
text/html;charset=utf-8

Redirect headers

location
https://id5-sync.com/k/155.gif?puid=AABPHU7LOx0AABPb3P8NtA&id5AccountNum=155&numCascadesAllowed=9
Date
Tue, 09 Jan 2024 18:20:47 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
264.gif
id5-sync.com/k/
Redirect Chain
  • https://id5-sync.com/s/441/9.gif?puid=u_2f179176-24d3-4879-9496-af0a6574ebc8&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=1ee2284a-f33d-41b0-8f2b-c94a02cccf95&ttl=%%TTL%%
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F7%2F3.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
  • https://id5-sync.com/c/441/108/7/3.gif?puid=d9463951-a6be-4f6f-8739-d6925d9ef1b7&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F441%2F6%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/441/441/6/4.gif?puid=u_7955ecd2-bd81-4c7e-93b0-b1e7fbb70368&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=58&3pid=BC5D1A00-930F-464F-9EB1-22F01C98B67F&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F1242%2F5%2F5.gif%3Fpuid%3D%5BSOVRNID%5D%...
  • https://id5-sync.com/c/441/1242/5/5.gif?puid=H9rsaBZHS1_DxDIGQwucF1W-&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=1ee2284a-f33d-41b0-8f2b-c94a02cccf95&ttl=%%TTL%%
43 B
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/k/264.gif?puid=1ee2284a-f33d-41b0-8f2b-c94a02cccf95&ttl=%%TTL%%
Protocol
H2
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
5f789ccae156b160492d89a6146b1974d15128790b74abb995d8e89fa44cde5e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:46 GMT
content-encoding
gzip
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type
text/html;charset=utf-8

Redirect headers

location
https://id5-sync.com/k/264.gif?puid=1ee2284a-f33d-41b0-8f2b-c94a02cccf95&ttl=%%TTL%%
date
Tue, 09 Jan 2024 18:20:47 GMT
server
Kestrel
content-length
199
usermatch
ssum-sec.casalemedia.com/ Frame CB17
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&us_privacy=1---
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fus_privacy%3D1---%26partnerId%3D57%26uid%3D&s=197137&us_privacy=1---&C=1
0
263 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fus_privacy%3D1---%26partnerId%3D57%26uid%3D&s=197137&us_privacy=1---&C=1
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
842eb23598b52583-MIA
content-length
0
date
Tue, 09 Jan 2024 18:20:46 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nzY1vNNcMtt7Y7NilU4k8LWAC7g6mgE8Co4Ey7coGUVxH8%2BdXJ05HSHzSjtpNDk5K8vcrKRtHsY4nmih%2FVdCEFxnW1%2FiXF7UwWZI5wMg0CNU2uTVohiAQK1wuujNTCap6CN83l06wAE1Qw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
842eb2350faa2583-MIA
content-length
0
date
Tue, 09 Jan 2024 18:20:46 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fus_privacy%3D1---%26partnerId%3D57%26uid%3D&s=197137&us_privacy=1---&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LJdCbZ%2FW1odGIOoz4807bmYVgrC9ifLSmK1M5znclnhJYpphu7QSkgU7lIRGXicfdAZc3eDYNfYnfIpKr6Z%2Bq39LAc4yl8VxL9sqDIHRf%2Bbqal40CIu4mNOGN5fnsTMyunILmmeY6TT6sA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 767A
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776&us_privacy=1---
  • https://eus.rubiconproject.com/usync.html?p=12776&us_privacy=1---
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=12776&us_privacy=1---
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 09 Jan 2024 18:20:46 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 09 Jan 2024 18:20:46 GMT
location
https://eus.rubiconproject.com/usync.html?p=12776&us_privacy=1---
server
AkamaiGHost
sync
usr.undertone.com/userPixel/ Frame 5D1E
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=&us_privacy=1---
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=&us_privacy=1---bab351c0-3a9d-4b30-bfce-74e6c08c2f08
0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=&us_privacy=1---bab351c0-3a9d-4b30-bfce-74e6c08c2f08
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
54.164.245.185 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-245-185.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:46 GMT
content-length
0

Redirect headers

date
Tue, 09 Jan 2024 18:20:46 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=&us_privacy=1---bab351c0-3a9d-4b30-bfce-74e6c08c2f08
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
usr.undertone.com/userPixel/ Frame 5D1E
Redirect Chain
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&us_privacy=1---
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&us_privacy=1---
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-Yg.2oW9E2uGc.s9LVVcDD99x.P_2WIq7~A&us_privacy=1---
0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-Yg.2oW9E2uGc.s9LVVcDD99x.P_2WIq7~A&us_privacy=1---
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
54.164.245.185 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-245-185.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:46 GMT
content-length
0

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-Yg.2oW9E2uGc.s9LVVcDD99x.P_2WIq7~A&us_privacy=1---
date
Tue, 09 Jan 2024 18:20:46 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
usr.undertone.com/userPixel/ Frame 5D1E
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://usr.undertone.com/userPixel/sync?partnerId=46&uid=1ee2284a-f33d-41b0-8f2b-c94a02cccf95&ttl=1707416446
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=46&uid=1ee2284a-f33d-41b0-8f2b-c94a02cccf95&ttl=1707416446
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
54.164.245.185 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-245-185.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:46 GMT
content-length
0

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=46&uid=1ee2284a-f33d-41b0-8f2b-c94a02cccf95&ttl=1707416446
date
Tue, 09 Jan 2024 18:20:46 GMT
server
Kestrel
content-length
249
sync
usr.undertone.com/userPixel/ Frame 5D1E
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776&us_privacy=1---
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LR6OGFBQ-17-B2QO&us_privacy=1---
0
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LR6OGFBQ-17-B2QO&us_privacy=1---
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
54.164.245.185 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-245-185.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:46 GMT
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LR6OGFBQ-17-B2QO&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
20e8391fc78a9019eb67dba4b22f0ac2
Expires
0
sync
usr.undertone.com/userPixel/ Frame 5D1E
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=-1&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:005896DF262D4D79A49C9C9CAB8EDDBB
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3DBC5D1A00-930F-464F-9EB1-22F01C98B67F&us_privacy=%24%7B...
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=BC5D1A00-930F-464F-9EB1-22F01C98B67F
0
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=BC5D1A00-930F-464F-9EB1-22F01C98B67F
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
54.164.245.185 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-245-185.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:46 GMT
content-length
0

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=BC5D1A00-930F-464F-9EB1-22F01C98B67F
date
Tue, 09 Jan 2024 07:31:46 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
usr.undertone.com/userPixel/ Frame 5D1E
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D&us_privacy=1---
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D&us_privacy=1---
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=0444e166-c943-4703-a8ad-a90dfc5d0de0-659d8e7e-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=0444e166-c943-4703-a8ad-a90dfc5d0de0-659d8e7e-5553&partner_url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerI...
  • https://usr.undertone.com/userPixel/sync?partnerId=54&uid=0444e166-c943-4703-a8ad-a90dfc5d0de0-659d8e7e-5553&us_privacy=1---
0
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=54&uid=0444e166-c943-4703-a8ad-a90dfc5d0de0-659d8e7e-5553&us_privacy=1---
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
54.164.245.185 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-245-185.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:46 GMT
content-length
0

Redirect headers

date
Tue, 09 Jan 2024 18:20:46 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://usr.undertone.com/userPixel/sync?partnerId=54&uid=0444e166-c943-4703-a8ad-a90dfc5d0de0-659d8e7e-5553&us_privacy=1---
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
usr.undertone.com/userPixel/ Frame 5D1E
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58545/occ?us_privacy=1---
  • https://ups.analytics.yahoo.com/ups/58545/occ?us_privacy=1---&verify=true
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-.a0iJ31E2uEHrh.UjKaJSgasE_HjLmuI_woFFJU-~A
0
161 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-.a0iJ31E2uEHrh.UjKaJSgasE_HjLmuI_woFFJU-~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
54.164.245.185 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-245-185.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:46 GMT
content-length
0

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-.a0iJ31E2uEHrh.UjKaJSgasE_HjLmuI_woFFJU-~A
date
Tue, 09 Jan 2024 18:20:46 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
prebid-server.rubiconproject.com/ Frame 5D1E 		0
1012 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=undertone&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=b&uid=3xlemq1rk34hwg8ve1e5fyh4t
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
t.gif
cw.addthis.com/ Frame 5D1E 		0
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cw.addthis.com/t.gif?pid=46&pdid=426faaf492b845bfad898e3ac0594e3d
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.203.177.63 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-177-63.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:46 GMT
cache-control
max-age=0, no-cache, no-store
expires
Tue, 09 Jan 2024 18:20:46 GMT
demconf.jpg
dpm.demdex.net/ Frame 5D1E
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=152416&dpuuid=3xlemq1rk34hwg8ve1e5fyh4t
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=152416&dpuuid=3xlemq1rk34hwg8ve1e5fyh4t
42 B
715 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=152416&dpuuid=3xlemq1rk34hwg8ve1e5fyh4t
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
34.193.227.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-227-167.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

dcs
dcs-prod-va6-2-v053-08b552fb2.edge-va6.demdex.com 5 ms
pragma
no-cache
date
Tue, 09 Jan 2024 18:20:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
sPR4xoHoRG0=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs
dcs-prod-va6-2-v053-00993036b.edge-va6.demdex.com 0 ms
pragma
no-cache
date
Tue, 09 Jan 2024 18:20:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
/uLHNsPCQyM=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=152416&dpuuid=3xlemq1rk34hwg8ve1e5fyh4t
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
15597
tags.bluekai.com/site/ Frame 5D1E 		62 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/15597?id=3xlemq1rk34hwg8ve1e5fyh4t
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.112.185 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Tue, 09 Jan 2024 18:20:46 GMT
content-length
62
content-type
image/gif
/
p.adsymptotic.com/d/px/ Frame 5D1E
Redirect Chain
  • https://idsync.rlcdn.com/403716.gif?partner_uid=3xlemq1rk34hwg8ve1e5fyh4t
  • https://pippio.com/api/sync?pid=5324&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpGgwI_pz2rAYSBAgCEABCAEoA
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpGgwI_pz2rAYSBAgCEABCAEoA&google_gid=CAESENTR29thblLo5fTXNXLeEdU&google_cver=1
  • https://p.adsymptotic.com/d/px/?_pid=16257&_psign=5a9f251662be469b9732c38b03f11952&_redirect=https%3A%2F%2Fpippio.com%2Fapi%2Fsync%3Fpid%3D710202%26it%3D1%26iv%3D%24%7BUUID%7D&_rand=06684537
0
0
usermatch.gif
beacon.krxd.net/ Frame 5D1E 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=undertone&partner_uid=3xlemq1rk34hwg8ve1e5fyh4t
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.231.44.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-231-44-207.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-served-by
beacon-n003-ash-prod.krxd.net
date
Tue, 09 Jan 2024 18:20:46 GMT
cache-control
private, no-cache, no-store
x-request-time
D=34 t=1704824446
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
receive
pixel.tapad.com/idsync/ex/ Frame 5D1E
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3484&partner_device_id=3xlemq1rk34hwg8ve1e5fyh4t
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3Dd9463951-a6be-4f6f-8739-d6925d9ef1b7%252C%252C
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=7520810513224092898&pt=d9463951-a6be-4f6f-8739-d6925d9ef1b7%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=7520810513224092898&pt=d9463951-a6be-4f6f-8739-d6925d9ef1b7%2C%2C
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:46 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:46 GMT
an-x-request-uuid
b4a9f8c7-7efc-4953-a60e-9c94a640762e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=7520810513224092898&pt=d9463951-a6be-4f6f-8739-d6925d9ef1b7%2C%2C
x-proxy-origin
38.132.118.70; 38.132.118.70; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame E36A 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e4b22edc0838232993c1b97b06920e793597eb4b7f6785fa4157f21ef96d71bb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 09 Jan 2024 18:20:46 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 Jan 2024 21:37:41 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=11815
Connection
keep-alive
Content-Length
10964
Expires
Tue, 09 Jan 2024 21:37:41 GMT
jp
rtb.gumgum.com/usync/ Frame 056A 		2 KB
885 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-122c1356-f103-4577-9703-e802eb4f5edb-3505394-93342212%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=1---&limit=11
Requested by
Host: pre.ads.justpremium.com
URL: https://pre.ads.justpremium.com/v/1.0/t/sync?_c=a6xgjd1704824443302&usPrivacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.219.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-219-79.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a2a74689c123a1de0d0c92aaed97a9b10cce161948c779437c9d87330003970d

Request headers

Referer
https://pre.ads.justpremium.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Tue, 09 Jan 2024 18:20:46 GMT
etag
W/"026e13a3b2fefa89553d1558c38ee517d"
server
nginx
timing-allow-origin
*
gg
match.justpremium.com/match/ Frame 6466
Redirect Chain
  • https://rtb.gumgum.com/getuid/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-122c1356-f103-4577-9703-e802eb4f5edb-3505394-93342212%26ex_uid%3D%5BUID%5D&us_privacy=1---
  • https://match.justpremium.com/match/gg?jp_uid=r-122c1356-f103-4577-9703-e802eb4f5edb-3505394-93342212&ex_uid=u_7955ecd2-bd81-4c7e-93b0-b1e7fbb70368
43 B
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.justpremium.com/match/gg?jp_uid=r-122c1356-f103-4577-9703-e802eb4f5edb-3505394-93342212&ex_uid=u_7955ecd2-bd81-4c7e-93b0-b1e7fbb70368
Requested by
Host: pre.ads.justpremium.com
URL: https://pre.ads.justpremium.com/v/1.0/t/sync?_c=a6xgjd1704824443302&usPrivacy=1---
Protocol
H2
Server
52.1.107.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-107-55.compute-1.amazonaws.com
Software
/
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pre.ads.justpremium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:46 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://match.justpremium.com/match/gg?jp_uid=r-122c1356-f103-4577-9703-e802eb4f5edb-3505394-93342212&ex_uid=u_7955ecd2-bd81-4c7e-93b0-b1e7fbb70368
date
Tue, 09 Jan 2024 18:20:46 GMT
server
nginx
timing-allow-origin
*
content-length
0
content-language
en-US
t.gif
cw.addthis.com/ Frame 1E8C 		0
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cw.addthis.com/t.gif?pid=46&pdid=426faaf492b845bfad898e3ac0594e3d
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.203.177.63 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-177-63.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:46 GMT
cache-control
max-age=0, no-cache, no-store
expires
Tue, 09 Jan 2024 18:20:46 GMT
demconf.jpg
dpm.demdex.net/ Frame 1E8C
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=152416&dpuuid=3xlemq1rk34hwg8ve1e5fyh4t
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=152416&dpuuid=3xlemq1rk34hwg8ve1e5fyh4t
42 B
715 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=152416&dpuuid=3xlemq1rk34hwg8ve1e5fyh4t
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H2
Server
34.193.227.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-227-167.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

dcs
dcs-prod-va6-1-v053-0f3d0f65a.edge-va6.demdex.com 5 ms
pragma
no-cache
date
Tue, 09 Jan 2024 18:20:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
jUqFlUKYR/o=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs
dcs-prod-va6-1-v053-0fff95863.edge-va6.demdex.com 0 ms
pragma
no-cache
date
Tue, 09 Jan 2024 18:20:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
iSc4B8h4SPA=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=152416&dpuuid=3xlemq1rk34hwg8ve1e5fyh4t
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
15597
tags.bluekai.com/site/ Frame 1E8C 		62 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/15597?id=3xlemq1rk34hwg8ve1e5fyh4t
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.112.185 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Tue, 09 Jan 2024 18:20:46 GMT
content-length
62
content-type
image/gif
396846.gif
idsync.rlcdn.com/ Frame 1E8C
Redirect Chain
  • https://idsync.rlcdn.com/403716.gif?partner_uid=3xlemq1rk34hwg8ve1e5fyh4t
  • https://idsync.rlcdn.com/1000.gif?memo=CITSGBIlCiEIARCakQEaGTN4bGVtcTFyazM0aHdnOHZlMWU1ZnloNHQQABoNCP6c9qwGEgUI6AcQAEIASgA
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=a4184981-f775-4133-8a32-ebd20ebb6e82
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=a4184981-f775-4133-8a32-ebd20ebb6e82
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:46 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Tue, 09 Jan 2024 18:20:46 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=a4184981-f775-4133-8a32-ebd20ebb6e82
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usermatch.gif
beacon.krxd.net/ Frame 1E8C 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=undertone&partner_uid=3xlemq1rk34hwg8ve1e5fyh4t
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.231.44.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-231-44-207.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-served-by
beacon-n038-ash-prod.krxd.net
date
Tue, 09 Jan 2024 18:20:46 GMT
cache-control
private, no-cache, no-store
x-request-time
D=24 t=1704824446
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
receive
pixel.tapad.com/idsync/ex/ Frame 1E8C
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3484&partner_device_id=3xlemq1rk34hwg8ve1e5fyh4t
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3Dd9463951-a6be-4f6f-8739-d6925d9ef1b7%252C%252C
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=7520810513224092898&pt=d9463951-a6be-4f6f-8739-d6925d9ef1b7%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=7520810513224092898&pt=d9463951-a6be-4f6f-8739-d6925d9ef1b7%2C%2C
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:46 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:46 GMT
an-x-request-uuid
140e0d9e-4489-4e65-bab4-7873448b3095
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=7520810513224092898&pt=d9463951-a6be-4f6f-8739-d6925d9ef1b7%2C%2C
x-proxy-origin
38.132.118.70; 38.132.118.70; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 9014
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
0
717 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
842eb2360ff8498c-MIA
content-length
0
date
Tue, 09 Jan 2024 18:20:46 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H4ilZYb9h10qsnc7JZ6GsrD8Qjb%2FUFqJ5n0VRvI1pLWDhzE6C2ZeDyjLf%2B0ucJbJ73Sg3HhVurDnkijj0CJ2mUV884zvXJQ4c%2FrbFDf0hWlyAKHkizuLfPfyWydZ92uby9BNmckmREDY9g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
842eb23588912583-MIA
content-length
0
date
Tue, 09 Jan 2024 18:20:46 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zo5ZdjvxqwXyXwPy6pgMnvYj%2BIaQPGb844izlvE%2BVxKige5HSpJ%2FUOhfOlXY7LLJU4XyDRaERG4ny0gcUb0jhKcV20fyGYc%2FHqaVm9ZxBBFKJR1nZXKq2PDzXiPTyBnHSn7oLBuDCdqjYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 7999
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
  • https://eus.rubiconproject.com/usync.html?p=12776
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 09 Jan 2024 18:20:46 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 09 Jan 2024 18:20:46 GMT
location
https://eus.rubiconproject.com/usync.html?p=12776
server
AkamaiGHost
sync
usr.undertone.com/userPixel/ Frame 1E8C
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=bab351c0-3a9d-4b30-bfce-74e6c08c2f08
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=bab351c0-3a9d-4b30-bfce-74e6c08c2f08
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H2
Server
54.164.245.185 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-245-185.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:46 GMT
content-length
0

Redirect headers

date
Tue, 09 Jan 2024 18:20:46 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=bab351c0-3a9d-4b30-bfce-74e6c08c2f08
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
usr.undertone.com/userPixel/ Frame 1E8C
Redirect Chain
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-Yg.2oW9E2uGc.s9LVVcDD99x.P_2WIq7~A
0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-Yg.2oW9E2uGc.s9LVVcDD99x.P_2WIq7~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H2
Server
54.164.245.185 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-245-185.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:46 GMT
content-length
0

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-Yg.2oW9E2uGc.s9LVVcDD99x.P_2WIq7~A
date
Tue, 09 Jan 2024 18:20:46 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
usr.undertone.com/userPixel/ Frame 1E8C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usr.undertone.com/userPixel/sync?partnerId=46&uid=1ee2284a-f33d-41b0-8f2b-c94a02cccf95&ttl=1707416446
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=46&uid=1ee2284a-f33d-41b0-8f2b-c94a02cccf95&ttl=1707416446
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H2
Server
54.164.245.185 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-245-185.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:46 GMT
content-length
0

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=46&uid=1ee2284a-f33d-41b0-8f2b-c94a02cccf95&ttl=1707416446
date
Tue, 09 Jan 2024 18:20:46 GMT
server
Kestrel
content-length
249
sync
usr.undertone.com/userPixel/ Frame 1E8C
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LR6OGFBQ-17-B2QO
0
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LR6OGFBQ-17-B2QO
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H2
Server
54.164.245.185 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-245-185.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:46 GMT
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LR6OGFBQ-17-B2QO
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
84e0f527cd81a00b0210e20b4ee7ed94
Expires
0
sync
usr.undertone.com/userPixel/ Frame 1E8C
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=-1&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=1ee2284a-f33d-41b0-8f2b-c94a02cccf95&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3DBC5D1A00-930F-464F-9EB1-22F01C98B67F&us_privacy=%24%7B...
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=BC5D1A00-930F-464F-9EB1-22F01C98B67F
0
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=BC5D1A00-930F-464F-9EB1-22F01C98B67F
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H2
Server
54.164.245.185 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-245-185.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:46 GMT
content-length
0

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=BC5D1A00-930F-464F-9EB1-22F01C98B67F
date
Tue, 09 Jan 2024 07:32:37 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
usr.undertone.com/userPixel/ Frame 1E8C
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=0444e166-c943-4703-a8ad-a90dfc5d0de0-659d8e7e-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=0444e166-c943-4703-a8ad-a90dfc5d0de0-659d8e7e-5553&partner_url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerI...
  • https://usr.undertone.com/userPixel/sync?partnerId=54&uid=0444e166-c943-4703-a8ad-a90dfc5d0de0-659d8e7e-5553
0
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=54&uid=0444e166-c943-4703-a8ad-a90dfc5d0de0-659d8e7e-5553
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H2
Server
54.164.245.185 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-245-185.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:46 GMT
content-length
0

Redirect headers

date
Tue, 09 Jan 2024 18:20:46 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://usr.undertone.com/userPixel/sync?partnerId=54&uid=0444e166-c943-4703-a8ad-a90dfc5d0de0-659d8e7e-5553
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
usr.undertone.com/userPixel/ Frame 1E8C
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58545/occ
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-.a0iJ31E2uEHrh.UjKaJSgasE_HjLmuI_woFFJU-~A
0
161 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-.a0iJ31E2uEHrh.UjKaJSgasE_HjLmuI_woFFJU-~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H2
Server
54.164.245.185 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-245-185.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:46 GMT
content-length
0

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-.a0iJ31E2uEHrh.UjKaJSgasE_HjLmuI_woFFJU-~A
date
Tue, 09 Jan 2024 18:20:46 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usync.html
eus.rubiconproject.com/ Frame 0169
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=seedtag&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=7710-2308-01&pc=US&us=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 09 Jan 2024 18:20:46 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 09 Jan 2024 18:20:46 GMT
location
https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
server
AkamaiGHost
CookieSync.html
csync.smartadserver.com/rtb/csync/ Frame 0AC4 		435 B
744 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=7710-2308-01&pc=US&us=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:f::172c:c9c9 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4a842d3295b35d0fdbaed094d22f5926f2bcaa2d892ec7ea9a9a89c1f84b33bf

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
435
Content-Type
text/html
Date
Tue, 09 Jan 2024 18:20:46 GMT
ETag
"4b81e967df07d41c24270ccf669f7336:1645524912.090457"
Last-Modified
Tue, 22 Feb 2022 09:59:55 GMT
Server
AkamaiNetStorage
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6CB9 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=7710-2308-01&pc=US&us=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.213.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-213-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=137529
content-encoding
gzip
content-length
5622
content-type
text/html
date
Tue, 09 Jan 2024 18:20:46 GMT
expires
Thu, 11 Jan 2024 08:32:55 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/ Frame 99CB
Redirect Chain
  • https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1704824446384&pubconsent=&euconsent=&hasConsent=1
  • https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1704824446384&pubconsent=&euconsent=&hasConsent=1&rd=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1704824446384&pubconsent=&euconsent=&hasConsent=1&rd=1
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=7710-2308-01&pc=US&us=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.119.72.236 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.236.72.119.168.clients.your-server.de
Software
nginx / PHP/8.2.5
Resource Hash
da26ea47d0257d80abc1d9a0684bfcd3646dbae8ee3e3a5e81adee61c6d6572c

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 09 Jan 2024 18:19:12 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/8.2.5

Redirect headers

content-type
text/html; charset=UTF-8
date
Tue, 09 Jan 2024 18:19:12 GMT
location
https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1704824446384&pubconsent=&euconsent=&hasConsent=1&rd=1
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx
x-powered-by
PHP/8.2.5
/
hde.tynt.com/deb/ Frame E0A4
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X
  • https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=7710-2308-01&pc=US&us=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
9fb69b0f21da567fa85ef84dd76b9dec8e636972ea5bcee188cf2919ecd78100

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1607
content-type
text/html
date
Tue, 09 Jan 2024 18:20:46 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
0
date
Tue, 09 Jan 2024 18:20:45 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
isync
visitor.omnitagjs.com/visitor/ Frame 0BF5 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=7710-2308-01&pc=US&us=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
e5b241f65d6b97d4d10726f3cfe8aae6346faf732dae616c540babb6707ae65f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
1554
content-type
text/html; charset=UTF-8
date
Tue, 09 Jan 2024 18:20:46 GMT
expires
0
p3p
CP="CAO PSA OUR"
pragma
no-cache
server
ayl-lb-usa02
vary
Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
56
/
onetag-sys.com/usync/ Frame 5BCE 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=75601b04186d260
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=7710-2308-01&pc=US&us=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sharethrough
s.seedtag.com/cs/cookiesync/ Frame 8AE5
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=2TwkgUpM&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://s.seedtag.com/cs/cookiesync/sharethrough?channeluid=b12a5b10-9e87-4b4e-916c-ad3b34eebead&gdpr=0
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/cs/cookiesync/sharethrough?channeluid=b12a5b10-9e87-4b4e-916c-ad3b34eebead&gdpr=0
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=7710-2308-01&pc=US&us=1---
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 09 Jan 2024 18:20:46 GMT
server
openresty
via
1.1 google

Redirect headers

content-length
0
date
Tue, 09 Jan 2024 18:20:46 GMT
location
https://s.seedtag.com/cs/cookiesync/sharethrough?channeluid=b12a5b10-9e87-4b4e-916c-ad3b34eebead&gdpr=0
pulsepoint
s.seedtag.com/cs/cookiesync/ Frame EBAF
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562983&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpulsepoint%3Fchanneluid%3D%25%25VGUID%25%25
  • https://s.seedtag.com/cs/cookiesync/pulsepoint?channeluid=DC0qnwBLqTA2&ev=1&us_privacy=1---&pid=562983
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/cs/cookiesync/pulsepoint?channeluid=DC0qnwBLqTA2&ev=1&us_privacy=1---&pid=562983
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=7710-2308-01&pc=US&us=1---
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 09 Jan 2024 18:20:46 GMT
server
openresty
via
1.1 google

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control
private, max-age=0, no-cache, no-store
content-language
en-US
cw-server
bh-deployment-5b8764964b-lpt7m
expires
-1
location
https://s.seedtag.com/cs/cookiesync/pulsepoint?channeluid=DC0qnwBLqTA2&ev=1&us_privacy=1---&pid=562983
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(10.0.14)
strict-transport-security
max-age=15768000
s
s.seedtag.com/cs/st/ Frame 489F 		0
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/st/s
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=7710-2308-01&pc=US&us=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:46 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
appnexus
s.seedtag.com/cs/cookiesync/ Frame 489F
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fappnexus%3Fchanneluid%3D%24UID
  • https://s.seedtag.com/cs/cookiesync/appnexus?channeluid=7520810513224092898
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/appnexus?channeluid=7520810513224092898
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=7710-2308-01&pc=US&us=1---
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:46 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:46 GMT
an-x-request-uuid
ae8689fc-1a90-40cf-a7f4-b36f55d154d1
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://s.seedtag.com/cs/cookiesync/appnexus?channeluid=7520810513224092898
x-proxy-origin
38.132.118.70; 38.132.118.70; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
smart
s.seedtag.com/cs/cookiesync/ Frame 489F
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&us_privacy=1---&nwid=3050&url=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fsmart%3Fchanneluid%3D%5Bsas_uid%5D
  • https://s.seedtag.com/cs/cookiesync/smart?channeluid=8280212633832615062
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/smart?channeluid=8280212633832615062
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=7710-2308-01&pc=US&us=1---
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:46 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

location
https://s.seedtag.com/cs/cookiesync/smart?channeluid=8280212633832615062
date
Tue, 09 Jan 2024 18:20:45 GMT
content-length
0
outbrain
s.seedtag.com/cs/cookiesync/ Frame 489F
Redirect Chain
  • https://b1sync.zemanta.com/usersync/seedtag?puid=&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Foutbrain%3Fchanneluid%3D__ZUID__
  • https://b1sync.zemanta.com/usersync/seedtag?cb=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Foutbrain%3Fchanneluid%3D__ZUID__&gdpr=0&gdpr_consent=&puid=&s=2&us_privacy=1---
  • https://s.seedtag.com/cs/cookiesync/outbrain?channeluid=so3_KrGlzcHbAuaMi-62&gdpr=0&us_privacy=1---
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/outbrain?channeluid=so3_KrGlzcHbAuaMi-62&gdpr=0&us_privacy=1---
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=7710-2308-01&pc=US&us=1---
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:46 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

Pragma
no-cache
Date
Tue, 09 Jan 2024 18:20:46 GMT
Content-Type
text/html; charset=utf-8
Location
https://s.seedtag.com/cs/cookiesync/outbrain?channeluid=so3_KrGlzcHbAuaMi-62&gdpr=0&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
130
Expires
Thu, 01 Dec 1994 16:00:00 GMT
ttd
s.seedtag.com/cs/cookiesync/ Frame 489F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=5jrh0rv&ttd_tpi=1&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://s.seedtag.com/cs/cookiesync/ttd?channeluid=1ee2284a-f33d-41b0-8f2b-c94a02cccf95
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/ttd?channeluid=1ee2284a-f33d-41b0-8f2b-c94a02cccf95
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=7710-2308-01&pc=US&us=1---
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:46 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

location
https://s.seedtag.com/cs/cookiesync/ttd?channeluid=1ee2284a-f33d-41b0-8f2b-c94a02cccf95
date
Tue, 09 Jan 2024 18:20:46 GMT
server
Kestrel
content-length
205
Bidswitch
s.seedtag.com/cs/cookiesync/ Frame 489F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=seedtag&user_id=&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=seedtag&bsw_param=3aeba4f5-77f9-4adb-9400-e8da2fa6d5e7&google_hm=M2FlYmE0ZjUtNzdmOS00YWRiLTk0MDAtZThkYTJmYTZkNWU3
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEI7t3iJVGewR7x-s3NPBlxQ&google_cver=1&ssp=seedtag&bsw_param=3aeba4f5-77f9-4adb-9400-e8da2fa6d5e7
  • https://s.seedtag.com/cs/cookiesync/Bidswitch?channeluid=3aeba4f5-77f9-4adb-9400-e8da2fa6d5e7&gdpr=&gdpr_consent=
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/Bidswitch?channeluid=3aeba4f5-77f9-4adb-9400-e8da2fa6d5e7&gdpr=&gdpr_consent=
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=7710-2308-01&pc=US&us=1---
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:46 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

Location
//s.seedtag.com/cs/cookiesync/Bidswitch?channeluid=3aeba4f5-77f9-4adb-9400-e8da2fa6d5e7&gdpr=&gdpr_consent=
Date
Tue, 09 Jan 2024 18:20:46 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
richaudience
s.seedtag.com/cs/cookiesync/ Frame 489F
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Frichaudience%3Fchanneluid%3D%5BPDID%5D
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Frichaudience%3Fchanneluid%3D%5BPDID%5D&rd=1
  • https://s.seedtag.com/cs/cookiesync/richaudience?channeluid=6d8b775f-2de4-4513-be28-1zz1704824352
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/richaudience?channeluid=6d8b775f-2de4-4513-be28-1zz1704824352
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=7710-2308-01&pc=US&us=1---
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:50 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

location
https://s.seedtag.com/cs/cookiesync/richaudience?channeluid=6d8b775f-2de4-4513-be28-1zz1704824352
date
Tue, 09 Jan 2024 18:19:12 GMT
content-type
text/html; charset=UTF-8
server
nginx
x-powered-by
PHP/8.2.5
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server_match
ad.360yield.com/ Frame 489F 		43 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/server_match?partner_id=1680&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fimprovedigital%3Fchanneluid%3D%7BPUB_USER_ID%7D
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=7710-2308-01&pc=US&us=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.216.175.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-175-37.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 09 Jan 2024 18:20:46 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
indexexchange
s.seedtag.com/cs/cookiesync/ Frame 489F
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191730&cb=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Findexexchange%3Fchanneluid%3D
  • https://s.seedtag.com/cs/cookiesync/indexexchange?channeluid=ZZ2OfgFH6TQYkZqRcKACIwAA%262930
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/indexexchange?channeluid=ZZ2OfgFH6TQYkZqRcKACIwAA%262930
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=7710-2308-01&pc=US&us=1---
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:46 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HllfL6%2F%2BxDCfe%2FLqTeTQdk7RLU39iner0wsFSLJ10KEUpMHAuu5WqQ7n%2FHFUywlygHTqhD9to2wVrf2DbqqXTv9IV%2FJBUItH62Aykh%2BxZkkHE812mj931yGisLm%2BwWwvBUKv7sdiGyFPZA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://s.seedtag.com/cs/cookiesync/indexexchange?channeluid=ZZ2OfgFH6TQYkZqRcKACIwAA%262930
cache-control
no-cache
cf-ray
842eb2362836498c-MIA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
verizon
s.seedtag.com/cs/cookiesync/ Frame 489F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58427/occ
  • https://s.seedtag.com/cs/cookiesync/verizon?channeluid=y-.a0iJ31E2uEHrh.UjKaJSgasE_HjLmuI_woFFJU-~A
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/verizon?channeluid=y-.a0iJ31E2uEHrh.UjKaJSgasE_HjLmuI_woFFJU-~A
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=7710-2308-01&pc=US&us=1---
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:46 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

location
https://s.seedtag.com/cs/cookiesync/verizon?channeluid=y-.a0iJ31E2uEHrh.UjKaJSgasE_HjLmuI_woFFJU-~A
date
Tue, 09 Jan 2024 18:20:46 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cookie
cm.adform.net/ Frame 489F 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fadform%3Fchanneluid%3D%24UID
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=7710-2308-01&pc=US&us=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:46 GMT
server
nginx
content-length
43
content-type
image/gif
sovrn
s.seedtag.com/cs/cookiesync/ Frame 489F
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fsovrn%3Fchanneluid%3D%24UID
  • https://s.seedtag.com/cs/cookiesync/sovrn?channeluid=H9rsaBZHS1_DxDIGQwucF1W-
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/sovrn?channeluid=H9rsaBZHS1_DxDIGQwucF1W-
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=7710-2308-01&pc=US&us=1---
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:46 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

Date
Tue, 09 Jan 2024 18:20:46 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://s.seedtag.com/cs/cookiesync/sovrn?channeluid=H9rsaBZHS1_DxDIGQwucF1W-
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
openx
s.seedtag.com/cs/cookiesync/ Frame 489F
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=e297ef35-c932-4587-9b44-3838020a33e7&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fopenx%3Fchanneluid%3D%7BOPENX_ID%7D
  • https://s.seedtag.com/cs/cookiesync/openx?channeluid=a3876fb1-e389-4386-83d2-d8e557c3ffea
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/openx?channeluid=a3876fb1-e389-4386-83d2-d8e557c3ffea
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=7710-2308-01&pc=US&us=1---
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:46 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

date
Tue, 09 Jan 2024 18:20:46 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://s.seedtag.com/cs/cookiesync/openx?channeluid=a3876fb1-e389-4386-83d2-d8e557c3ffea
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
yeahmobi
s.seedtag.com/cs/cookiesync/ Frame 489F
Redirect Chain
  • https://event.clientgear.com/cookie/seedtag?partner=seedtag&cookieid=
  • https://s.seedtag.com/cs/cookiesync/yeahmobi?channeluid=mk51bfba69b98a4079bb45f5a86d03c604
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/yeahmobi?channeluid=mk51bfba69b98a4079bb45f5a86d03c604
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=7710-2308-01&pc=US&us=1---
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:46 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

location
https://s.seedtag.com/cs/cookiesync/yeahmobi?channeluid=mk51bfba69b98a4079bb45f5a86d03c604
date
Tue, 09 Jan 2024 18:20:46 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
rtbhouse
s.seedtag.com/cs/cookiesync/ Frame 489F
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=seedtag
  • https://creativecdn.com/cm-notify?pi=seedtag&tc=1
  • https://s.seedtag.com/cs/cookiesync/rtbhouse?channeluid=3oY3FS8diot_u6RHYKgJP_l8cPL9zWSPIBFx0wx72-o&pi=seedtag&tc=1
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/rtbhouse?channeluid=3oY3FS8diot_u6RHYKgJP_l8cPL9zWSPIBFx0wx72-o&pi=seedtag&tc=1
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=7710-2308-01&pc=US&us=1---
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:47 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

location
https://s.seedtag.com/cs/cookiesync/rtbhouse?channeluid=3oY3FS8diot_u6RHYKgJP_l8cPL9zWSPIBFx0wx72-o&pi=seedtag&tc=1
pragma
no-cache
date
Tue, 09 Jan 2024 18:20:47 GMT, Tue, 09 Jan 2024 18:20:47 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
opera
s.seedtag.com/cs/cookiesync/ Frame 489F
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub9283744565120
  • https://s.seedtag.com/cs/cookiesync/opera?channeluid=OPU217ad19eed6f4568986ccaa6fd566470
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/opera?channeluid=OPU217ad19eed6f4568986ccaa6fd566470
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=7710-2308-01&pc=US&us=1---
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:47 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:47 GMT
server
Tengine
access-control-allow-methods
POST, GET
content-type
text/html; charset=utf-8
access-control-allow-origin
*
location
https://s.seedtag.com/cs/cookiesync/opera?channeluid=OPU217ad19eed6f4568986ccaa6fd566470
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
111
expires
Mon, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 767A 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e4b22edc0838232993c1b97b06920e793597eb4b7f6785fa4157f21ef96d71bb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=12776&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 09 Jan 2024 18:20:46 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 Jan 2024 21:37:41 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=11815
Connection
keep-alive
Content-Length
10964
Expires
Tue, 09 Jan 2024 21:37:41 GMT
cframe.js
assets.a-mo.net/js/ Frame AE92 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.a-mo.net/js/cframe.js
Requested by
Host: sync.a-mo.net
URL: https://sync.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---_e=CroBShBscy5rdXJkZ296YXIuZnVuUgthYXMtMTRiMDRmZVoIcGJhMS4zLjNqEGxzLmt1cmRnb3phci5mdW76AQU4LjcuMOgCAYgD-5z2rAaoAzrqAyQ0Mjc1OTQzYS1iMThmLTQxOWYtYjcyNy01MjA0NWU5ZWMwMGWqBANEQ0iyBQNVU0TSBQQxMTI22AUA4AUA6gUHZGVza3RvcPoFBGRjMTOqBwN3ZWLKBw1rdXJkZ296YXIuZnVu4AcB
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:9f13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64ab92351c5b74146b13c457ed9bea87ccf1185338bf2a1b9583194ffad7a224

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:46 GMT
via
1.1 2e9033da1cf7b64ac622ab535b39a266.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
MIA3-C3
age
366
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 17 Nov 2023 21:37:06 GMT
server
cloudflare
etag
W/"e3fef3a35c249816d0d7aa58df5e6bf4"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cf-ray
842eb236fc527482-MIA
x-amz-cf-id
l5D2p6igfEKdqjbVrRGZPq2mf2hUDdxPsrHXoozdzeFhPUNBwk5sVg==
expires
Tue, 09 Jan 2024 19:20:46 GMT
xuid
eb2.3lift.com/ Frame 61DE
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=1ee2284a-f33d-41b0-8f2b-c94a02cccf95&dongle=0cfd&gdpr=0&gdpr_consent=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=1ee2284a-f33d-41b0-8f2b-c94a02cccf95&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 09 Jan 2024 18:20:46 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=3658&xuid=1ee2284a-f33d-41b0-8f2b-c94a02cccf95&dongle=0cfd&gdpr=0&gdpr_consent=
date
Tue, 09 Jan 2024 18:20:46 GMT
server
Kestrel
content-length
251
ebda
eb2.3lift.com/ Frame 61DE
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzE2NjAyNTcwMzQxMzY5ODU0MzIx
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:46 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 61DE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEOJdEtp1wZd_KCWBC8QGzCE&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEOJdEtp1wZd_KCWBC8QGzCE&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 09 Jan 2024 18:20:46 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEOJdEtp1wZd_KCWBC8QGzCE&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 61DE
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzE2NjAyNTcwMzQxMzY5ODU0MzIx
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzE2NjAyNTcwMzQxMzY5ODU0MzIx
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Protocol
H3
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzE2NjAyNTcwMzQxMzY5ODU0MzIx
date
Tue, 09 Jan 2024 18:20:46 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 61DE 		0
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=316602570341369854321&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:46 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 208CD8348E084EEF9275BB1CDB6F7122 Ref B: MIAEDGE1506 Ref C: 2024-01-09T18:20:46Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYOh1+KJv/wSNNTqxCoGw==
xuid
eb2.3lift.com/ Frame 61DE
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/316602570341369854321?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-NCbcRp1E2oSbN3QS7dzu3zdnNvMYZGAjoHwPXYFW8w--~A&dongle=0883
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-NCbcRp1E2oSbN3QS7dzu3zdnNvMYZGAjoHwPXYFW8w--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 09 Jan 2024 18:20:46 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Tue, 09 Jan 2024 18:20:46 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-NCbcRp1E2oSbN3QS7dzu3zdnNvMYZGAjoHwPXYFW8w--~A&dongle=0883
content-length
0
xuid
eb2.3lift.com/ Frame 61DE
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=316602570341369854321&gdpr=0&gdpr_consent=${GDPR_CONSENT}
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=triplelift
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=triplelift
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=8885991503366795456&ssp=triplelift
  • https://eb2.3lift.com/xuid?mid=2409&xuid=3aeba4f5-77f9-4adb-9400-e8da2fa6d5e7&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=3aeba4f5-77f9-4adb-9400-e8da2fa6d5e7&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 09 Jan 2024 18:20:47 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=3aeba4f5-77f9-4adb-9400-e8da2fa6d5e7&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Tue, 09 Jan 2024 18:20:47 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame 61DE
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3...
  • https://eb2.3lift.com/xuid?mid=2711&xuid=aada912d-ad00-4845-9f80-53cace5b5ff7&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=1---
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=aada912d-ad00-4845-9f80-53cace5b5ff7&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 09 Jan 2024 18:20:46 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:46 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://eb2.3lift.com/xuid?mid=2711&xuid=aada912d-ad00-4845-9f80-53cace5b5ff7&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=1---
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1528691
content-length
0
expires
Tue, 09 Jan 2024 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 61DE
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=7520810513224092898&dongle=4d58&gdpr=0&gdpr_consent=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=7520810513224092898&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 09 Jan 2024 18:20:46 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:46 GMT
an-x-request-uuid
4ad0b8d5-94c8-4a66-aa16-6905a95e8c8b
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://eb2.3lift.com/xuid?mid=3335&xuid=7520810513224092898&dongle=4d58&gdpr=0&gdpr_consent=
x-proxy-origin
38.132.118.70; 38.132.118.70; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame 61DE 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=0&gdpr_consent=&uid=316602570341369854321
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.166 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:46 GMT
an-x-request-uuid
56f75e11-17f6-40f5-b363-ae8b14029e69
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.70; 38.132.118.70; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 3CF3 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fls.kurdgozar.fun%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4329e0fe19d270a07dcdd7b96014347b861c40a71527469e5c3e637cb61cfcf0

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
842eb23668ec498c-MIA
content-encoding
br
content-type
text/html
date
Tue, 09 Jan 2024 18:20:46 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=km5R2MvsnuAc3lt69ERdthy%2Fwz57Xkq6wxzs9AQ4iPNHJA9mOyVUQoF0Od3%2F8f1AlJFcoaChe9oBpcGY3HU7GSXJF5Eipua07rJWfQzgeCrY6ilosj3zJxrqtfnOvqy8yQtj5uYItugw9w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame 370F 		0
766 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.166 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:46 GMT
an-x-request-uuid
1909e04e-fc97-401a-bfeb-4f94f001eb88
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.70; 38.132.118.70; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 7999 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e4b22edc0838232993c1b97b06920e793597eb4b7f6785fa4157f21ef96d71bb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=12776
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 09 Jan 2024 18:20:46 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 Jan 2024 21:37:41 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=11815
Connection
keep-alive
Content-Length
10964
Expires
Tue, 09 Jan 2024 21:37:41 GMT
khaos.json
token.rubiconproject.com/ Frame 767A 		7 B
796 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?us_privacy=1---&khaos=LR6OGFBQ-17-B2QO
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
9a0c641c0479142b55591fdf2031b15f
Expires
0
usersync
usersync.gumgum.com/ Frame 056A
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=7520810513224092898
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=7520810513224092898
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-122c1356-f103-4577-9703-e802eb4f5edb-3505394-93342212%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=1---&limit=11
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 09 Jan 2024 18:20:46 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:46 GMT
an-x-request-uuid
7cb73a7d-094b-445f-b336-ea898da9867c
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=7520810513224092898
x-proxy-origin
38.132.118.70; 38.132.118.70; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 056A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_7955ecd2-bd81-4c7e-93b0-b1e7fbb70368&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=gumgum2
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=gumgum2
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=8554590414900769265&ssp=gumgum2
  • https://usersync.gumgum.com/usersync?b=bsw&i=3aeba4f5-77f9-4adb-9400-e8da2fa6d5e7&gdpr=&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=3aeba4f5-77f9-4adb-9400-e8da2fa6d5e7&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-122c1356-f103-4577-9703-e802eb4f5edb-3505394-93342212%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=1---&limit=11
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 09 Jan 2024 18:20:47 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=3aeba4f5-77f9-4adb-9400-e8da2fa6d5e7&gdpr=&gdpr_consent=&us_privacy=
Date
Tue, 09 Jan 2024 18:20:47 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usersync
usersync.gumgum.com/ Frame 056A
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=06e39297-1227-4f05-b230-7bccff700e1c
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=06e39297-1227-4f05-b230-7bccff700e1c
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-122c1356-f103-4577-9703-e802eb4f5edb-3505394-93342212%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=1---&limit=11
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 09 Jan 2024 18:20:46 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Tue, 09 Jan 2024 18:20:46 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=06e39297-1227-4f05-b230-7bccff700e1c
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 056A
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-fad04381-fc25-57f8-6fc2-9e36c4fa5ce2$ip$38.132.118.70
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-fad04381-fc25-57f8-6fc2-9e36c4fa5ce2$ip$38.132.118.70
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-122c1356-f103-4577-9703-e802eb4f5edb-3505394-93342212%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=1---&limit=11
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 09 Jan 2024 18:20:46 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-fad04381-fc25-57f8-6fc2-9e36c4fa5ce2$ip$38.132.118.70
Date
Tue, 09 Jan 2024 18:20:46 GMT
Connection
keep-alive
Content-Length
127
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 056A
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-gzjpi79E2pfKlGBwxBOCJ08NNhDAlYXjQigV~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-gzjpi79E2pfKlGBwxBOCJ08NNhDAlYXjQigV~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-122c1356-f103-4577-9703-e802eb4f5edb-3505394-93342212%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=1---&limit=11
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 09 Jan 2024 18:20:46 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Tue, 09 Jan 2024 18:20:46 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-gzjpi79E2pfKlGBwxBOCJ08NNhDAlYXjQigV~A
content-length
0
usersync
usersync.gumgum.com/ Frame 056A
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=f47c7649-b3c5-43a5-9583-4631c7f3a88e
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=f47c7649-b3c5-43a5-9583-4631c7f3a88e
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-122c1356-f103-4577-9703-e802eb4f5edb-3505394-93342212%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=1---&limit=11
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 09 Jan 2024 18:20:46 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=f47c7649-b3c5-43a5-9583-4631c7f3a88e
Date
Tue, 09 Jan 2024 18:20:46 GMT
Connection
keep-alive
X-CI-RTID
c83a607d-0d24-4b12-8d7c-a8b4d0273ee7
Content-Length
108
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 9CCE
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=adf&i=4808172105229473040&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=adf&i=4808172105229473040&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-122c1356-f103-4577-9703-e802eb4f5edb-3505394-93342212%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=1---&limit=11
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 09 Jan 2024 18:20:47 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Tue, 09 Jan 2024 18:20:46 GMT
expires
-1
location
https://usersync.gumgum.com/usersync?b=adf&i=4808172105229473040&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
pixel
cm.g.doubleclick.net/ Frame 73A9 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV83OTU1ZWNkMi1iZDgxLTRjN2UtOTNiMC1iMWU3ZmJiNzAzNjg=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-122c1356-f103-4577-9703-e802eb4f5edb-3505394-93342212%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=1---&limit=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Tue, 09 Jan 2024 18:20:46 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2F37 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-122c1356-f103-4577-9703-e802eb4f5edb-3505394-93342212%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=1---&limit=11
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.213.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-213-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=137529
content-encoding
gzip
content-length
5622
content-type
text/html
date
Tue, 09 Jan 2024 18:20:46 GMT
expires
Thu, 11 Jan 2024 08:32:55 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 0AB8
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=1ee2284a-f33d-41b0-8f2b-c94a02cccf95
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=1ee2284a-f33d-41b0-8f2b-c94a02cccf95
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-122c1356-f103-4577-9703-e802eb4f5edb-3505394-93342212%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=1---&limit=11
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 09 Jan 2024 18:20:46 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-length
193
date
Tue, 09 Jan 2024 18:20:46 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=1ee2284a-f33d-41b0-8f2b-c94a02cccf95
server
Kestrel
usersync
usersync.gumgum.com/ Frame 24F7
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZZ2Of8Co5ukAAG3wG44AAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZZ2Of8Co5ukAAG3wG44AAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-122c1356-f103-4577-9703-e802eb4f5edb-3505394-93342212%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=1---&limit=11
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 09 Jan 2024 18:20:47 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Tue, 09 Jan 2024 18:20:47 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZZ2Of8Co5ukAAG3wG44AAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
2
X-SO-Cluster-ID
0
X-SO-HostName
m-ad388.dc4p.scaleout.jp
X-SO-IP
38.132.118.70
X-SO-Key
ZZ2Of8Co5ukAAG3wG44AAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"38.132.118.70","key":"ZZ2Of8Co5ukAAG3wG44AAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad388"}
X-SO-LB-Hostname
a-tgng40018.dc2p.scaleout.jp
X-SO-Upstream-ID
m-ad388
usermatchredir
ssum-sec.casalemedia.com/ Frame 3CF3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZZ2OfgFH6TQYkZqRcKACIwAAC3IAAAIB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEJqf_8zDLmD3TMsSnCmElR8&google_cver=1
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEJqf_8zDLmD3TMsSnCmElR8&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fls.kurdgozar.fun%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nomCbPr5gYkk13fMXz5xWXTHA3CgqSw9QQXCRroCiA46wj%2B7htVl8NKVWSlZ%2FhGL4csdH0YXdCPgoaEnNFzmdzdkNFqrYEJX8haIr%2B9j0mYIcOgnzVdXr5rjxgm1WcJN30U0%2BHTgCcB4yw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
842eb2380c1a498c-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEJqf_8zDLmD3TMsSnCmElR8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 3CF3
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale?us_privacy=1---
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=1ee2284a-f33d-41b0-8f2b-c94a02cccf95&expiration=1707416446&gdpr=0&gdpr_consent=
43 B
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=1ee2284a-f33d-41b0-8f2b-c94a02cccf95&expiration=1707416446&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fls.kurdgozar.fun%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Azi%2Fc7AfUEu2ibZuJKXwyFYS4jq7Di5IjkAHYZthXJvVaF6wyyz6M45xmNOeM4fuGzLyNLoEk9wPcqwZGg5vgii8RAKurRrcqvNiPaTCvBiLqd2Vi3jL1xh8r7o4U8XkUKbwYMI68LaIIw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
842eb237ed992583-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=1ee2284a-f33d-41b0-8f2b-c94a02cccf95&expiration=1707416446&gdpr=0&gdpr_consent=
date
Tue, 09 Jan 2024 18:20:46 GMT
server
Kestrel
content-length
323
crum
dsum-sec.casalemedia.com/ Frame 3CF3
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?us_privacy=1---&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZZ2OfgFH6TQYkZqRcKACIwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEJgJTL5S7MezPMbAxwY1nM&google_cver=1
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEJgJTL5S7MezPMbAxwY1nM&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fls.kurdgozar.fun%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uCMuGdjWuYt1334oAeJPjO8jKaQJzV3lcMbnR8zXVnu7upSbCBCxuVUAaxnCjEmIBnHx0xL%2FovP5Ze6gbnrPRvJ8%2FLh2f%2F67OlE7DQTdKDAXTE8WGLpGp31AxBJpqzXi41C8FSgJeK%2BFEw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
842eb238dd49498c-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEJgJTL5S7MezPMbAxwY1nM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 3CF3 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=1---&gdpr=&gdpr_consent=&id=ZZ2OfgFH6TQYkZqRcKACIwAAC3IAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fls.kurdgozar.fun%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Jan 2024 18:20:46 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
3VSX69P0TE5D305DKH2N
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tp_out
d.adroll.com/cm/index/ Frame 3CF3 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fls.kurdgozar.fun%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:61c0:2205:8195:e213:790a:708a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:46 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
113
match.deepintent.com/usersync/ Frame 3CF3 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/113?us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fls.kurdgozar.fun%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 09 Jan 2024 18:20:46 GMT
server
c
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
rum
dsum-sec.casalemedia.com/ Frame 3CF3
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&us_privacy=1---
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4430111625358761738
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4430111625358761738
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fls.kurdgozar.fun%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VikplkVz3NICaMcX8x0ahMXh9g%2FMgc9dVOnM0JS1mIc%2FLbQAdZVGUS8%2BJmGxEkCz3LBQD0JAatQnBrJetElEgrY82gddOloC9QNLZ7JAOF04HuxlzikCPtwXDlNn6A%2FK9bkWASN0UZ3YVw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
842eb2380c16498c-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4430111625358761738
pragma
no-cache
date
Tue, 09 Jan 2024 18:20:46 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 3CF3
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29&us_privacy=1---
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29&us_privacy=1---
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=1597947577565009521&expiration=1706034046
43 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=1597947577565009521&expiration=1706034046
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fls.kurdgozar.fun%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1mp5sUWL5MsPuQWcWfITMoyLlG4%2FykVc5lRJEYN5aJj1wc0A35Qr7pOYZHp32U8GDQVt9TnvRpFDkR46WBEYiB3NGVSAN64FBakTs%2BpSFYvAftuI8YJqk%2FNbG%2Fd%2BG%2BjpmgSVEIvKMadO3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
842eb239df5a498c-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=1597947577565009521&expiration=1706034046
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
htw-pixel.gif
cdn.indexww.com/ht/ Frame 3CF3 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZZ2OfgFH6TQYkZqRcKACIwAA%262930=&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fls.kurdgozar.fun%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:46 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
34817
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
842eb2377f9a334d-MIA
content-length
43
expires
Wed, 10 Jan 2024 18:20:46 GMT
usync.js
eus.rubiconproject.com/ Frame 0169 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e4b22edc0838232993c1b97b06920e793597eb4b7f6785fa4157f21ef96d71bb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 09 Jan 2024 18:20:46 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 Jan 2024 21:37:41 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=11815
Connection
keep-alive
Content-Length
10964
Expires
Tue, 09 Jan 2024 21:37:41 GMT
sync
usr.undertone.com/userPixel/ Frame 767A
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776&us_privacy=1---&us_privacy=1---&khaos=LR6OGFBQ-17-B2QO
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LR6OGFBQ-17-B2QO&us_privacy=1---
0
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LR6OGFBQ-17-B2QO&us_privacy=1---
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
54.164.245.185 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-245-185.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:46 GMT
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LR6OGFBQ-17-B2QO&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
84e0f527cd81a00b0210e20b4ee7ed94
Expires
0
khaos.json
token.rubiconproject.com/ Frame 7999 		7 B
796 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?us_privacy=1---&khaos=LR6OGFBQ-17-B2QO
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
2fcb300b847bad3e7dd1184ec8a1c2f5
Expires
0
cmp.js
ced-ns.sascdn.com/diff/js/modules/ Frame 0AC4 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced-ns.sascdn.com/diff/js/modules/cmp.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:b000::1737:ebe1 Newark, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
3f72bc478fe8bdfc0d71966f03269d1400530dc5b86bfe964e181991ba89b19c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 09 Jan 2024 18:20:47 GMT
Content-Encoding
gzip
Last-Modified
Fri, 22 Dec 2023 14:00:12 GMT
Server
AkamaiNetStorage
ETag
"9bd2e1c1f91b92b58200dbf9a10e7938:1704270086.237201"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3190
CookieSync.min.js
csync.smartadserver.com/rtb/csync/ Frame 0AC4 		74 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csync.smartadserver.com/rtb/csync/CookieSync.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:f::172c:c9c9 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
291f515583a6c387346d142caed7efda8f0630866c7fc9d0f026fd95aed50081

Request headers

accept-language
en-US,en;q=0.9
Referer
https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 09 Jan 2024 18:20:46 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Nov 2023 08:58:42 GMT
Server
AkamaiNetStorage
ETag
"742b2a86812ba14a01984e42bbf75bd2:1700471507.784273"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16507
TemplatePool.min.js
csync.smartadserver.com/rtb/csync/ Frame 0AC4 		154 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csync.smartadserver.com/rtb/csync/TemplatePool.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:f::172c:c9c9 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
7b205e88991731a228fd27cdb2f729a087290f10325d97622ca19b8376524266

Request headers

accept-language
en-US,en;q=0.9
Referer
https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 09 Jan 2024 18:20:46 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Nov 2023 08:58:42 GMT
Server
AkamaiNetStorage
ETag
"16285d7800e5f44b3c3d6d484f4e45fc:1700471508.128762"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4141
idl.js
assets.a-mo.net/js/ Frame AE92 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.a-mo.net/js/idl.js?ga=0&gc=&do=ls.kurdgozar.fun&e=27&uid=1694ddb2-ecc5-437a-99ad-2b5e8b358db5
Requested by
Host: assets.a-mo.net
URL: https://assets.a-mo.net/js/cframe.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:9f13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8c49bc14e5b5041853d619fe2dc1b01b28bfd4974b8e732f13fa4943efaada3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:46 GMT
via
1.1 f465fdeca906afa0539bb462afc69502.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
MIA3-C3
age
172
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 02 Nov 2023 21:08:31 GMT
server
cloudflare
etag
W/"771a6a92588a8fb45e42a04fa3fe9ddd"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=3600
cf-ray
842eb238f8c27482-MIA
x-amz-cf-id
ZCU_tyZ8Mm9Td-XxRfr7LCwCLFOs89nc0FiecYK7DyCzZXdblQyNjA==
expires
Tue, 09 Jan 2024 19:20:46 GMT
usync.html
eus.rubiconproject.com/ Frame 81C5
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-adaptmx
  • https://eus.rubiconproject.com/usync.html?p=pbs-adaptmx
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=pbs-adaptmx
Requested by
Host: assets.a-mo.net
URL: https://assets.a-mo.net/js/cframe.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://sync.a-mo.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 09 Jan 2024 18:20:46 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 09 Jan 2024 18:20:46 GMT
location
https://eus.rubiconproject.com/usync.html?p=pbs-adaptmx
server
AkamaiGHost
setuid
prebid.a-mo.net/ Frame AE92
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=1694ddb2-ecc5-437a-99ad-2b5e8b358db5&gdpr=0&us_privacy=1---
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=0&consent=&usp=1---&ssp=adaptmx&bsw=3aeba4f5-77f9-4adb-9400-e8da2fa6d5e7
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=%24%7Buser_id%7D&gdpr=0&consent=&usp=1---&ssp=adaptmx&bsw=3aeba4f5-77f9-4adb-9400-e8da2fa6d5e7&chk=1
  • https://x.bidswitch.net/sync?dsp_id=457&user_id=M2Q0YTJiZTAyZDBhODYzMw&gdpr=0&gdpr_consent=&us_privacy=1---&ssp=adaptmx&bsw_param=3aeba4f5-77f9-4adb-9400-e8da2fa6d5e7
  • https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=3aeba4f5-77f9-4adb-9400-e8da2fa6d5e7&gdpr=0&gdpr_consent=&us_privacy=1---
0
136 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=3aeba4f5-77f9-4adb-9400-e8da2fa6d5e7&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
147.28.146.89 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:47 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Location
//prebid.a-mo.net/setuid?bidder=bid_switch&uid=3aeba4f5-77f9-4adb-9400-e8da2fa6d5e7&gdpr=0&gdpr_consent=&us_privacy=1---
Date
Tue, 09 Jan 2024 18:20:47 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
yahoo
prebid.a-mo.net/setuid/ Frame AE92
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58570/occ?uid=1694ddb2-ecc5-437a-99ad-2b5e8b358db5
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-.a0iJ31E2uEHrh.UjKaJSgasE_HjLmuI_woFFJU-~A
0
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/yahoo?uid=y-.a0iJ31E2uEHrh.UjKaJSgasE_HjLmuI_woFFJU-~A
Protocol
H2
Server
147.28.146.89 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:46 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid/yahoo?uid=y-.a0iJ31E2uEHrh.UjKaJSgasE_HjLmuI_woFFJU-~A
date
Tue, 09 Jan 2024 18:20:46 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
sync.a-mo.net/ Frame AE92
Redirect Chain
  • https://id.a-mx.com/u?&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fsync.a-mo.net%2Fsetuid%3FA%3D1694ddb2-ecc5-437a-99ad-2b5e8b358db5%26bidder%3Damx_com%26uid%3D
  • https://sync.a-mo.net/setuid?A=1694ddb2-ecc5-437a-99ad-2b5e8b358db5&bidder=amx_com&uid=1694ddb2-ecc5-437a-99ad-2b5e8b358db5
0
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.a-mo.net/setuid?A=1694ddb2-ecc5-437a-99ad-2b5e8b358db5&bidder=amx_com&uid=1694ddb2-ecc5-437a-99ad-2b5e8b358db5
Protocol
H2
Server
147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:46 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://sync.a-mo.net/setuid?A=1694ddb2-ecc5-437a-99ad-2b5e8b358db5&bidder=amx_com&uid=1694ddb2-ecc5-437a-99ad-2b5e8b358db5
date
Tue, 9 Jan 2024 18:20:46 GMT
content-length
0
setuid
sync.a-mo.net/ Frame AE92
Redirect Chain
  • https://rtb.openx.net/sync/prebid?&gdpr=0&us_privacy=1---&r=https%3A%2F%2Fsync.a-mo.net%2Fsetuid%3FA%3D1694ddb2-ecc5-437a-99ad-2b5e8b358db5%26bidder%3Dopenx%26uid%3D%24%7BUID%7D
  • https://sync.a-mo.net/setuid?A=1694ddb2-ecc5-437a-99ad-2b5e8b358db5&bidder=openx&uid=c800b928-83ad-44ba-bec7-ab34b67bcdd7
0
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.a-mo.net/setuid?A=1694ddb2-ecc5-437a-99ad-2b5e8b358db5&bidder=openx&uid=c800b928-83ad-44ba-bec7-ab34b67bcdd7
Protocol
H2
Server
147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:46 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
5
server
envoy
vary
Accept-Encoding

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:46 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://sync.a-mo.net/setuid?A=1694ddb2-ecc5-437a-99ad-2b5e8b358db5&bidder=openx&uid=c800b928-83ad-44ba-bec7-ab34b67bcdd7
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
152
cookie
cm.adform.net/ Frame AE92 		43 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?&gdpr=0&us_privacy=1---&redirect_url=https%3A%2F%2Fsync.a-mo.net%2Fsetuid%3FA%3D1694ddb2-ecc5-437a-99ad-2b5e8b358db5%26bidder%3Dadform%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:46 GMT
server
nginx
content-length
43
content-type
image/gif
BC5D1A00-930F-464F-9EB1-22F01C98B67F
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame AE92
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&us_privacy=1---&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync.a-mo....
  • https://pr-bh.ybp.yahoo.com/sync/pubmatic/BC5D1A00-930F-464F-9EB1-22F01C98B67F?gdpr=0&gdpr_consent=
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/BC5D1A00-930F-464F-9EB1-22F01C98B67F?gdpr=0&gdpr_consent=
Protocol
H2
Server
2600:1f18:4e9:5a01:1124:2146:f275:933 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:46 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/pubmatic/BC5D1A00-930F-464F-9EB1-22F01C98B67F?gdpr=0&gdpr_consent=
date
Tue, 09 Jan 2024 18:20:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
126
content-type
text/html; charset=utf-8
setuid
sync.a-mo.net/ Frame AE92
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fsync.a-mo.net%2Fsetuid%3FA%3D1694ddb2-ecc5-437a-99ad-2b5e8b358db5%26bidder%3Dindex_rtb%26uid%3D
  • https://sync.a-mo.net/setuid?us_privacy=1---&A=1694ddb2-ecc5-437a-99ad-2b5e8b358db5&bidder=index_rtb&uid=ZZ2OfgFH6TQYkZqRcKACIwAA%262930
0
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.a-mo.net/setuid?us_privacy=1---&A=1694ddb2-ecc5-437a-99ad-2b5e8b358db5&bidder=index_rtb&uid=ZZ2OfgFH6TQYkZqRcKACIwAA%262930
Protocol
H2
Server
147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:46 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dZ9cFIyazQJ9xyr6GkNBSufXtRstEZowszzbQirueQ2aGxzBBFGwhlSvJuP9qgV3qr5cOOULUIDPdyJ9iBHc8sbIaUKExgpbazDoU56i2bUNvaQv9ra52Xy%2B798hxJzLXgh2Gy4d"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://sync.a-mo.net/setuid?us_privacy=1---&A=1694ddb2-ecc5-437a-99ad-2b5e8b358db5&bidder=index_rtb&uid=ZZ2OfgFH6TQYkZqRcKACIwAA%262930
cache-control
no-cache
cf-ray
842eb2390fec2583-MIA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
pixel
ap.lijit.com/ Frame AE92 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?&gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fsync.a-mo.net%2Fsetuid%3FA%3D1694ddb2-ecc5-437a-99ad-2b5e8b358db5%26bidder%3Dsovrn%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.92.190.68 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 09 Jan 2024 18:20:46 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
setuid
sync.a-mo.net/ Frame AE92
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.a-mo.net%2Fsetuid%3FA%3D1694ddb2-ecc5-437a-99ad-2b5e8b358db5%26bidder%3Dappnexus%26uid%3D%24UID
  • https://sync.a-mo.net/setuid?A=1694ddb2-ecc5-437a-99ad-2b5e8b358db5&bidder=appnexus&uid=7520810513224092898
0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.a-mo.net/setuid?A=1694ddb2-ecc5-437a-99ad-2b5e8b358db5&bidder=appnexus&uid=7520810513224092898
Protocol
H2
Server
147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:46 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
3
server
envoy
vary
Accept-Encoding

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:46 GMT
an-x-request-uuid
f9e1f6be-47c0-4c29-9fb9-c1abd5453a5a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.a-mo.net/setuid?A=1694ddb2-ecc5-437a-99ad-2b5e8b358db5&bidder=appnexus&uid=7520810513224092898
x-proxy-origin
38.132.118.70; 38.132.118.70; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ow.pubmatic.com/ Frame AE92 		0
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ow.pubmatic.com/setuid?bidder=amx&uid=1694ddb2-ecc5-437a-99ad-2b5e8b358db5&do=ls.kurdgozar.fun
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.105 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:47 GMT
content-length
0
content-type
text/html
setuid
ib.adnxs.com/prebid/ Frame AE92 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=amx&uid=1694ddb2-ecc5-437a-99ad-2b5e8b358db5&do=ls.kurdgozar.fun
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.166 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:46 GMT
an-x-request-uuid
a377adb2-dbe1-4cb5-985d-0979a0a63dea
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.70; 38.132.118.70; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame C85E
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 09 Jan 2024 18:20:46 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 09 Jan 2024 18:20:46 GMT
location
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CBC7
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1704824446776.7&ri=25&ru=https%3A%2F%2Fads.pubmatic.com%2FAdServer%2Fjs%2Fuser_sync.html%3F%26p%3D156423%26us_privacy%3D%24%7BUS_PRIVACY%7D%26predire...
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.213.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-213-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=137529
content-encoding
gzip
content-length
5622
content-type
text/html
date
Tue, 09 Jan 2024 18:20:46 GMT
expires
Thu, 11 Jan 2024 08:32:55 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Tue, 09 Jan 2024 18:20:45 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP012
x-33x-status
40000000008200000A
33across
s.seedtag.com/cs/cookiesync/ Frame E0A4
Redirect Chain
  • https://ssc-cms.33across.com/ps/?_=1704824446776.&ri=0010b00002MptHCAAZ&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERI...
  • https://s.seedtag.com/cs/cookiesync/33across?channeluid=212413095182627
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/33across?channeluid=212413095182627
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:46 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:46 GMT
referrer-policy
unsafe-url
server
33XP003
x-33x-status
100000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://s.seedtag.com/cs/cookiesync/33across?channeluid=212413095182627
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame E0A4
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=
  • https://t.pswec.com/bsw_sync?ssp=the33across&bsw_user_id=3aeba4f5-77f9-4adb-9400-e8da2fa6d5e7
  • https://t.pswec.com/ul_cb/bsw_sync?ssp=the33across&bsw_user_id=3aeba4f5-77f9-4adb-9400-e8da2fa6d5e7
  • https://x.bidswitch.net/sync?dsp_id=2&user_id=dba56871-0b20-46db-bd19-7ae561c49b44&expires=3&user_group=1&ssp=the33across
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=3aeba4f5-77f9-4adb-9400-e8da2fa6d5e7
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=3aeba4f5-77f9-4adb-9400-e8da2fa6d5e7&ts=1704824447&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=3aeba4f5-77f9-4adb-9400-e8da2fa6d5e7&ts=1704824447&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:47 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:47 GMT
referrer-policy
unsafe-url
server
33XP002
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=3aeba4f5-77f9-4adb-9400-e8da2fa6d5e7&ts=1704824447&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame E0A4
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-VP8njQdE2uEhmWUEk9IJ3CNeuBffQnRK~A
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-VP8njQdE2uEhmWUEk9IJ3CNeuBffQnRK%7EA&ts=1704824446&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-VP8njQdE2uEhmWUEk9IJ3CNeuBffQnRK%7EA&ts=1704824446&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:47 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:46 GMT
referrer-policy
unsafe-url
server
33XP012
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-VP8njQdE2uEhmWUEk9IJ3CNeuBffQnRK%7EA&ts=1704824446&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame E0A4
Redirect Chain
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=5795915c63241328&is_secure=true&networkId=78390&version=1&us_privacy=
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAHY32zNWV7qwNk9Z9sAAAAAAA&expiration=1704910847&is_secure=true&us_privacy=
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAHY32zNWV7qwNk9Z9sAAAAAAA&ts=1704824447&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAHY32zNWV7qwNk9Z9sAAAAAAA&ts=1704824447&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:47 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:47 GMT
referrer-policy
unsafe-url
server
33XP002
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAHY32zNWV7qwNk9Z9sAAAAAAA&ts=1704824447&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame E0A4
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=33&xu=316602570341369854321
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=316602570341369854321&ts=1704824446&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=316602570341369854321&ts=1704824446&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:47 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:46 GMT
referrer-policy
unsafe-url
server
33XP008
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=316602570341369854321&ts=1704824446&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 2F37 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=88080620&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
4b9fa218ade80436623bb6ebe91150413e9c68bc434c41ee97592f239aaf31b6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 09 Jan 2024 18:20:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
khaos.json
token.rubiconproject.com/ Frame 0169 		7 B
796 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?us_privacy=1---&khaos=LR6OGFBQ-17-B2QO
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
f72efbd84733ea5ba734e4e8fe0395a3
Expires
0
sync
visitor-usa02.omnitagjs.com/visitor/ Frame 0BF5
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%2B-%2BBanner%26ttl%3D720%26uid%3D75d56568a11564bfb79a01d2f...
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=7520810513224092898&gdpr=0&gdpr_consent=&gdpr=0&gdpr_c...
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=7520810513224092898&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:46 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:46 GMT
an-x-request-uuid
802ab43f-ead1-41ca-a8f8-28ed7d74c114
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=7520810513224092898&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
x-proxy-origin
38.132.118.70; 38.132.118.70; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
visitor-usa02.omnitagjs.com/visitor/ Frame 0BF5
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%26ttl%3D720%26uid%3D48d5713d5c563cba2049f505b2d944b6%26vis...
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=7520810513224092898&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=7520810513224092898&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:46 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:46 GMT
an-x-request-uuid
cfc2cf60-1d94-4a68-a675-874be75405ef
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=7520810513224092898&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
x-proxy-origin
38.132.118.70; 38.132.118.70; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
visitor.omnitagjs.com/visitor/ Frame 0BF5
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=70&p=120&cp=adyoulike&cu=1&url=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fis_cookie_sync_uid%3Dtrue%26uid%3D4246a50e6cf42e85f26c381a4b7701fb%2...
  • https://visitor.omnitagjs.com/visitor/sync?is_cookie_sync_uid=true&uid=4246a50e6cf42e85f26c381a4b7701fb&name=CRITEO&visitor=aada912d-ad00-4845-9f80-53cace5b5ff7
49 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?is_cookie_sync_uid=true&uid=4246a50e6cf42e85f26c381a4b7701fb&name=CRITEO&visitor=aada912d-ad00-4845-9f80-53cace5b5ff7
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:46 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:46 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://visitor.omnitagjs.com/visitor/sync?is_cookie_sync_uid=true&uid=4246a50e6cf42e85f26c381a4b7701fb&name=CRITEO&visitor=aada912d-ad00-4845-9f80-53cace5b5ff7
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
889966
content-length
0
expires
Tue, 09 Jan 2024 00:00:00 GMT
ayl_pixel
api-2-0.spot.im/pixels/ Frame 0BF5 		0
457 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-2-0.spot.im/pixels/ayl_pixel?ayl_id=3cd76bec6dc08e0d573cb7191567d5bd
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-42.jfk52.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:47 GMT
via
1.1 5773f2f43b989a9f02f459e75620d5f4.cloudfront.net (CloudFront)
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
strict-transport-security
max-age=31536000
x-amz-cf-pop
JFK52-P1
x-amz-cf-id
rtpw0GgG3JNNLErwV5YgeT1sXLiVxMiMUU8PnhviDaMunPyUdZs15g==
x-cache
Miss from cloudfront
sync
visitor.omnitagjs.com/visitor/ Frame 0BF5
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adyoulike&gdpr=0&gdpr_consent=
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dadyo...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=24afc718dd2e41259cbf95e82681972f&ssp=adyoulike&bsw_param=3aeba4f5-77f9-4adb-9400-e8da2fa6d5e7&gdpr=0&consent=&gdpr_pd=&expires=7
  • https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=3aeba4f5-77f9-4adb-9400-e8da2fa6d5e7&name=BIDSWITCH&gdpr=0&gdpr_consent=
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=3aeba4f5-77f9-4adb-9400-e8da2fa6d5e7&name=BIDSWITCH&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:47 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
content-length
49
expires
0

Redirect headers

Location
//visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=3aeba4f5-77f9-4adb-9400-e8da2fa6d5e7&name=BIDSWITCH&gdpr=0&gdpr_consent=
Date
Tue, 09 Jan 2024 18:20:47 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sync
visitor.omnitagjs.com/visitor/ Frame 0BF5
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=adyoulike&gdpr=0&gdpr_consent=
  • https://creativecdn.com/cm-notify?pi=adyoulike&gdpr=0&gdpr_consent=&tc=1
  • https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=MA35cIxGaprm1si4QTNP0RifnOU_347boKgNT-6s0EQ&name=RTB_HOUSE&pi=adyoulike&gdpr=0&gdpr_consent=&tc=1
49 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=MA35cIxGaprm1si4QTNP0RifnOU_347boKgNT-6s0EQ&name=RTB_HOUSE&pi=adyoulike&gdpr=0&gdpr_consent=&tc=1
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:47 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
content-length
49
expires
0

Redirect headers

location
https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=MA35cIxGaprm1si4QTNP0RifnOU_347boKgNT-6s0EQ&name=RTB_HOUSE&pi=adyoulike&gdpr=0&gdpr_consent=&tc=1
pragma
no-cache
date
Tue, 09 Jan 2024 18:20:47 GMT, Tue, 09 Jan 2024 18:20:47 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
visitor.omnitagjs.com/visitor/ Frame 0BF5
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/aul
  • https://visitor.omnitagjs.com/visitor/sync?uid=25295ec01618ddaad37302ab4dd9c8ac&visitor=AABPHU7LOx0AABPb3P8NtA&name=BEESWAX
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=25295ec01618ddaad37302ab4dd9c8ac&visitor=AABPHU7LOx0AABPb3P8NtA&name=BEESWAX
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:46 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
content-length
49
expires
0

Redirect headers

location
https://visitor.omnitagjs.com/visitor/sync?uid=25295ec01618ddaad37302ab4dd9c8ac&visitor=AABPHU7LOx0AABPb3P8NtA&name=BEESWAX
Date
Tue, 09 Jan 2024 18:20:46 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
sync
visitor.omnitagjs.com/visitor/ Frame 0BF5
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=k2j3gqp&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://visitor.omnitagjs.com/visitor/sync?uid=8122fdac60517b1efe1389612f3dfb34&visitor=1ee2284a-f33d-41b0-8f2b-c94a02cccf95&name=THE_TRADE_DESK
49 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=8122fdac60517b1efe1389612f3dfb34&visitor=1ee2284a-f33d-41b0-8f2b-c94a02cccf95&name=THE_TRADE_DESK
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:46 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
content-length
49
expires
0

Redirect headers

location
https://visitor.omnitagjs.com/visitor/sync?uid=8122fdac60517b1efe1389612f3dfb34&visitor=1ee2284a-f33d-41b0-8f2b-c94a02cccf95&name=THE_TRADE_DESK
date
Tue, 09 Jan 2024 18:20:46 GMT
server
Kestrel
content-length
319
sync
visitor-usa02.omnitagjs.com/visitor/ Frame 0BF5
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&pu=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DPUBMATIC%26ttl%3D720%26uid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26visitor%...
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=BC5D1A00-930F-464F-9EB1-22F01C98B67F&gdpr=0&gdpr_consent=
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=BC5D1A00-930F-464F-9EB1-22F01C98B67F&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:46 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
content-length
49
expires
0

Redirect headers

location
https://visitor-usa02.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=BC5D1A00-930F-464F-9EB1-22F01C98B67F&gdpr=0&gdpr_consent=
date
Tue, 09 Jan 2024 18:20:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
216
content-type
text/html; charset=utf-8
sync
visitor-usa02.omnitagjs.com/visitor/ Frame 0BF5
Redirect Chain
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_BANNER%26ttl%3D720%26uid%3Dbdef6bd95b7450b4e62a32db8c7d8c9d%26visitor%3...
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=ZEMANTA_BANNER&ttl=720&uid=bdef6bd95b7450b4e62a32db8c7d8c9d&visitor=so3_KrGlzcHbAuaMi-62&gdpr=0&gdpr_consent=&gdpr=0
49 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?name=ZEMANTA_BANNER&ttl=720&uid=bdef6bd95b7450b4e62a32db8c7d8c9d&visitor=so3_KrGlzcHbAuaMi-62&gdpr=0&gdpr_consent=&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:46 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
18
content-length
49
expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 09 Jan 2024 18:20:46 GMT
Content-Type
text/html; charset=utf-8
Location
https://visitor-usa02.omnitagjs.com/visitor/sync?name=ZEMANTA_BANNER&ttl=720&uid=bdef6bd95b7450b4e62a32db8c7d8c9d&visitor=so3_KrGlzcHbAuaMi-62&gdpr=0&gdpr_consent=&gdpr=0
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
217
Expires
Thu, 01 Dec 1994 16:00:00 GMT
sync
visitor.omnitagjs.com/visitor/ Frame 0BF5
Redirect Chain
  • https://csync.loopme.me/?pubid=11480&redirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D68c72dd412a8d0f3f6d2276db2509939%26name%3DLOOPME%26visitor%3D%7Bdevice_id%7D%0A&gdpr=0&gdp...
  • https://visitor.omnitagjs.com/visitor/sync?uid=68c72dd412a8d0f3f6d2276db2509939&name=LOOPME&visitor=aefee888-7301-4377-bec7-2b0b76abcc15%20&gdpr_consent=null&gdpr=0
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=68c72dd412a8d0f3f6d2276db2509939&name=LOOPME&visitor=aefee888-7301-4377-bec7-2b0b76abcc15%20&gdpr_consent=null&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:47 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
content-length
49
expires
0

Redirect headers

location
https://visitor.omnitagjs.com/visitor/sync?uid=68c72dd412a8d0f3f6d2276db2509939&name=LOOPME&visitor=aefee888-7301-4377-bec7-2b0b76abcc15 &gdpr_consent=null&gdpr=0
date
Tue, 09 Jan 2024 18:20:47 GMT
server
_
content-length
0
sync
visitor-usa02.omnitagjs.com/visitor/ Frame 0BF5
Redirect Chain
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_NATIVE_1_2%26ttl%3D720%26uid%3Df2d9136cf53dede7f83ba16171a37fdd%26visit...
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=so3_KrGlzcHbAuaMi-62&gdpr=0&gdpr_consent=&gdpr=0
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=so3_KrGlzcHbAuaMi-62&gdpr=0&gdpr_consent=&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:46 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
content-length
49
expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 09 Jan 2024 18:20:47 GMT
Content-Type
text/html; charset=utf-8
Location
https://visitor-usa02.omnitagjs.com/visitor/sync?name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=so3_KrGlzcHbAuaMi-62&gdpr=0&gdpr_consent=&gdpr=0
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
221
Expires
Thu, 01 Dec 1994 16:00:00 GMT
sync
visitor-usa02.omnitagjs.com/visitor/ Frame 0BF5
Redirect Chain
  • https://sync.adotmob.com/cookie/adyoulike?r=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DADOTMOB%26ttl%3D720%26uid%3Db989ee06df7dfc250798f7f0dfc4ddee%26visitor%3D%7Bamob_user...
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=0a0422040068aa7409541cbc&gdpr=0&gdpr_consent=&gdpr=0&gdprConsent=
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=0a0422040068aa7409541cbc&gdpr=0&gdpr_consent=&gdpr=0&gdprConsent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:47 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
content-length
49
expires
0

Redirect headers

location
https://visitor-usa02.omnitagjs.com/visitor/sync?name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=0a0422040068aa7409541cbc&gdpr=0&gdpr_consent=&gdpr=0&gdprConsent=
date
Tue, 09 Jan 2024 18:20:47 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
sync
visitor.omnitagjs.com/visitor/ Frame 0BF5
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=33&gdpr=0&gdpr_consent=
  • https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-fad04381-fc25-57f8-6fc2-9e36c4fa5ce2$ip$38.132.118.70&name=STACKADAPT&gdpr=0&gdpr_consent=
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-fad04381-fc25-57f8-6fc2-9e36c4fa5ce2$ip$38.132.118.70&name=STACKADAPT&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:46 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
content-length
49
expires
0

Redirect headers

Location
https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-fad04381-fc25-57f8-6fc2-9e36c4fa5ce2$ip$38.132.118.70&name=STACKADAPT&gdpr=0&gdpr_consent=
Date
Tue, 09 Jan 2024 18:20:46 GMT
Connection
keep-alive
Content-Length
219
Content-Type
text/html; charset=utf-8
pixel
ap.lijit.com/ Frame 0BF5 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DSOVRN%26ttl%3D720%26uid%3D4b30a0b1f289a261ab592e1e53c126eb%26visitor%3D%24UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.92.190.68 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 09 Jan 2024 18:20:46 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
sync
visitor-usa02.omnitagjs.com/visitor/ Frame 0BF5
Redirect Chain
  • https://jadserve.postrelease.com/suid/101967?ntv_r=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DNATIVO%26ttl%3D720%26uid%3D0544850a0778385701c6899403bef718%26visitor%3DNTV_US...
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=NATIVO&ttl=720&uid=0544850a0778385701c6899403bef718&visitor=15851005-14d1-4b2f-a384-e574e56083c0&gdpr=0&gdpr_consent=
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?name=NATIVO&ttl=720&uid=0544850a0778385701c6899403bef718&visitor=15851005-14d1-4b2f-a384-e574e56083c0&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:46 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:46 GMT
server
nginx
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://visitor-usa02.omnitagjs.com/visitor/sync?name=NATIVO&ttl=720&uid=0544850a0778385701c6899403bef718&visitor=15851005-14d1-4b2f-a384-e574e56083c0&gdpr=0&gdpr_consent=
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Mon, 1 Jan 1990 12:00:00 GMT
sync-iframe
cs-server-s2s.yellowblue.io/ Frame 0BF5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DRISE_CODES%26ttl%3D720%26uid%3D48b439bcf2930e6408d6e795f7f1cdd2%26visitor%3D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.203.113.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-113-223.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
sync
visitor-usa02.omnitagjs.com/visitor/ Frame 0BF5
Redirect Chain
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5E789729-1E92-41CA-8B4F-987C6EDAE9FE&rurl=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DADMIXER%26ttl%3D720%26uid%3D0f4b0fcde45fe67...
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=ADMIXER&ttl=720&uid=0f4b0fcde45fe67019618f4c5f35f52e&visitor=2a9afb6d6be64471b2d5e4c4de0237bc&gdpr=0&gdpr_consent=
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?name=ADMIXER&ttl=720&uid=0f4b0fcde45fe67019618f4c5f35f52e&visitor=2a9afb6d6be64471b2d5e4c4de0237bc&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:48 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
content-length
49
expires
0

Redirect headers

Date
Tue, 09 Jan 2024 18:20:47 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Location
https://visitor-usa02.omnitagjs.com/visitor/sync?name=ADMIXER&ttl=720&uid=0f4b0fcde45fe67019618f4c5f35f52e&visitor=2a9afb6d6be64471b2d5e4c4de0237bc&gdpr=0&gdpr_consent=
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
0
X-Xss-Protection
0
sync
visitor.omnitagjs.com/visitor/ Frame 0BF5
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?source=6b2595d5-cf4e-4298-a4ac-bcc34433eaad&secure=1&gdpr=0&gdpr_consent=
  • https://visitor.omnitagjs.com/visitor/sync?uid=6ca9493fd95af83951a8d0b213a77e8d&visitor=8d57a772-cea0-4dfd-88b2-547bc81fe101&name=BIDTELLECT&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}
49 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=6ca9493fd95af83951a8d0b213a77e8d&visitor=8d57a772-cea0-4dfd-88b2-547bc81fe101&name=BIDTELLECT&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:47 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
4
content-length
49
expires
0

Redirect headers

x-servername
Track001-iad
pragma
no-cache
date
Tue, 09 Jan 2024 18:20:13 GMT
strict-transport-security
max-age=31536000;
content-type
text/html; charset=utf-8
location
https://visitor.omnitagjs.com/visitor/sync?uid=6ca9493fd95af83951a8d0b213a77e8d&visitor=8d57a772-cea0-4dfd-88b2-547bc81fe101&name=BIDTELLECT&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}
cache-control
private,no-cache
content-length
315
expires
-1
711333.gif
id.rlcdn.com/ Frame 0BF5 		42 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711333.gif?&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:47 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
63fcf36a-1b08-4816-8696-67257162dbfc
https://sync.a-mo.net/ Frame AE92 		177 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://sync.a-mo.net/63fcf36a-1b08-4816-8696-67257162dbfc
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
901c353a04a1233bef18c0007d254d44d99160c1d886a4aec1492531af4a5090

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length
177
Content-Type
usync.html
eus.rubiconproject.com/ Frame EA71
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 09 Jan 2024 18:20:47 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 09 Jan 2024 18:20:46 GMT
location
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
server
AkamaiGHost
/
de.tynt.com/deb/ Frame DEEF
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54...
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26v...
2 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
65cd5dce260d803aa2423fe2b7238d8235b318b3b16df23b53c2902c57476716

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
2202
content-type
text/html
date
Tue, 09 Jan 2024 18:20:46 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Tue, 09 Jan 2024 18:20:46 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP008
x-33x-status
8340000A
usync.html
eus.rubiconproject.com/ Frame 7BC5
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 09 Jan 2024 18:20:47 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 09 Jan 2024 18:20:46 GMT
location
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
server
AkamaiGHost
/
onetag-sys.com/usync/ Frame 8593 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 57FA 		1007 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.105.12.143 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
8de52587964fc55011c277f6e85ba003311240970ec2373662ecb2a7cfcc53eb

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
1007
content-type
text/html
date
Tue, 09 Jan 2024 18:20:46 GMT
Rubicon
s.seedtag.com/cs/cookiesync/ Frame 0169
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=seedtag&us_privacy=1---&khaos=LR6OGFBQ-17-B2QO
  • https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LR6OGFBQ-17-B2QO&us_privacy=1---
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LR6OGFBQ-17-B2QO&us_privacy=1---
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=7710-2308-01&pc=US&us=1---
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:47 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LR6OGFBQ-17-B2QO&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
7c5d24517ee193cc868994bc18883d1d
Expires
0
usermatch
ssum-sec.casalemedia.com/ Frame B60F 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/chunks/2.0232b63a83bdc11b1701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42a1d31153a9726e76f76591b198cfcf118be40c29ded95cc08f94e2bb2d5eb0

Request headers

Referer
https://ls.kurdgozar.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
842eb239df70498c-MIA
content-encoding
br
content-type
text/html
date
Tue, 09 Jan 2024 18:20:47 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zwRQnkX%2BD28fQNeN5WS4gA7D5KPkDlRLixJbE1ryncpIDkb24A1bwMJD3%2F1UmgIbOx0fQW0WuBIe40yGt0MJ4AL2TfJeUp7UtuOgbHXn4L1KoKHVLf7r0a9S5HXwH%2FwFcYCXeMBMkp6JXA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 81C5 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-adaptmx
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e4b22edc0838232993c1b97b06920e793597eb4b7f6785fa4157f21ef96d71bb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=pbs-adaptmx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 09 Jan 2024 18:20:47 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 Jan 2024 21:37:41 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=11814
Connection
keep-alive
Content-Length
10964
Expires
Tue, 09 Jan 2024 21:37:41 GMT
dcm
s.amazon-adsystem.com/ Frame 7BCB 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=BC5D1A00-930F-464F-9EB1-22F01C98B67F&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 09 Jan 2024 18:20:47 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
E0G3GH34DJBFX9XGPS3D
ImgSync
image8.pubmatic.com/AdServer/ Frame E0B3
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=cf8dd3fa-af1b-11ee-8b55-3aa3bc7cd16c
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4430111625358761738&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=1---
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

date
Tue, 09 Jan 2024 18:20:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Tue, 09 Jan 2024 18:20:47 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=1---
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
image2.pubmatic.com/AdServer/ Frame EC4E
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCUEhVN0xPeDBBQUJQYjNQOE50QQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&b...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?ev=AABPHU7LOx0AABPb3P8NtA&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Csyn%252Cpm%26bee_sync_cur...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Csyn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AABPHU7LOx0AABPb3P8NtA&pid=558502&do=add&gd...
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AABPHU7LOx0AABPb3P8NtA&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dsyn%...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=syn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=8280212633832615062&gdpr=0&gdpr_consent=
  • https://sync.technoratimedia.com/services?uid=AABPHU7LOx0AABPb3P8NtA&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26userid%3D8280212633832615062%26gdpr%3D0%...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&userid=8280212633832615062&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABPHU7LOx0AABPb3P8NtA&gdpr=0&gdpr_consent=
42 B
199 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABPHU7LOx0AABPb3P8NtA&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 09 Jan 2024 18:20:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Tue, 09 Jan 2024 18:20:48 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABPHU7LOx0AABPb3P8NtA&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 8027
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZZ2OfwANSE41gQBd
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Tue, 09 Jan 2024 18:20:47 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-mia-kmia1760039-MIA
x-timer
S1704824448.673237,VS0,VE27

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Tue, 09 Jan 2024 18:20:47 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZZ2OfwANSE41gQBd
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-mia-kmia1760039-MIA
x-timer
S1704824448.602118,VS0,VE26
Pug
simage2.pubmatic.com/AdServer/ Frame 2FEA
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7520810513224092898&gdpr=0&gdpr_consent=
42 B
314 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7520810513224092898&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 09 Jan 2024 07:32:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
ba717b91-6850-454e-90da-fd0886536f7d
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Tue, 09 Jan 2024 18:20:47 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7520810513224092898&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
38.132.118.70; 38.132.118.70; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
ImgSync
image8.pubmatic.com/AdServer/ Frame 1742
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=77ffe599-6810-4b64-af6b-0013c8b40348&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=3aeba4f5-77f9-4adb-9400-e8da2fa6d5e7&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

date
Tue, 09 Jan 2024 18:20:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Tue, 09 Jan 2024 07:32:42 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
usersync
usersync.gumgum.com/ Frame 57B5 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=BC5D1A00-930F-464F-9EB1-22F01C98B67F
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 09 Jan 2024 18:20:47 GMT
Expires
0
Pragma
no-cache
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2F37
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=vF0aAJMPRk-esSLwHJi2fw%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-122c1356-f103-4577-9703-e802eb4f5edb-3505394-93342212%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=1---&limit=11
Protocol
H2
Server
23.56.213.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-213-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:47 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=137528
accept-ranges
bytes
content-length
5622
expires
Thu, 11 Jan 2024 08:32:55 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 2F37
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=BC5D1A00-930F-464F-9EB1-22F01C98B67F
  • https://dpm.demdex.net/ibs:dpid=540&dpuuid=d9463951-a6be-4f6f-8739-d6925d9ef1b7&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=04019751067623948172320445127114259055&pt=d9463951-a6be-4f6f-8739-d6925d9ef1b7%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=04019751067623948172320445127114259055&pt=d9463951-a6be-4f6f-8739-d6925d9ef1b7%2C%2C
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-122c1356-f103-4577-9703-e802eb4f5edb-3505394-93342212%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=1---&limit=11
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:47 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

dcs
dcs-prod-va6-1-v053-0df904793.edge-va6.demdex.com 2 ms
pragma
no-cache
date
Tue, 09 Jan 2024 18:20:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
SujRHiB0Q1o=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=04019751067623948172320445127114259055&pt=d9463951-a6be-4f6f-8739-d6925d9ef1b7%2C%2C
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3A...
us01.z.antigena.com/l/ Frame 2F37 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%20BC5D1A00-930F-464F-9EB1-22F01C98B67F&rnd=RND
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-122c1356-f103-4577-9703-e802eb4f5edb-3505394-93342212%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=1---&limit=11
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
40.76.134.238 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
xuid
eb2.3lift.com/ Frame 2F37 		37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7976&xuid=BC5D1A00-930F-464F-9EB1-22F01C98B67F&dongle=u6nf&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-122c1356-f103-4577-9703-e802eb4f5edb-3505394-93342212%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=1---&limit=11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 09 Jan 2024 18:20:47 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
BC5D1A00-930F-464F-9EB1-22F01C98B67F
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 2F37 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/BC5D1A00-930F-464F-9EB1-22F01C98B67F?gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-122c1356-f103-4577-9703-e802eb4f5edb-3505394-93342212%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=1---&limit=11
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a01:1124:2146:f275:933 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:47 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame 2F37
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=BC5D1A00-930F-464F-9EB1-22F01C98B67F&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-iCtGwrhE2uVzHlMzDmIEaDVKSntaoxI-~A&gdpr=0
0
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-iCtGwrhE2uVzHlMzDmIEaDVKSntaoxI-~A&gdpr=0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-122c1356-f103-4577-9703-e802eb4f5edb-3505394-93342212%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=1---&limit=11
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:30:49 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-iCtGwrhE2uVzHlMzDmIEaDVKSntaoxI-~A&gdpr=0
date
Tue, 09 Jan 2024 18:20:47 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
sync.a-mo.net/ Frame 2F37
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=f47c7649-b3c5-43a5-9583-4631c7f3a88e&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=0444e166-c943-4703-a8ad-a90dfc5d0de0-659d8e7e-5553&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fsync.a-mo.net%2Fsetuid%3FA%3D1694ddb2-ecc5-437a-99ad-2b5e8b358db5%26bidder%3Dpubmatic%26uid%3DBC5D1A00-930F-464F-9EB...
  • https://sync.a-mo.net/setuid?A=1694ddb2-ecc5-437a-99ad-2b5e8b358db5&bidder=pubmatic&uid=BC5D1A00-930F-464F-9EB1-22F01C98B67F
0
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.a-mo.net/setuid?A=1694ddb2-ecc5-437a-99ad-2b5e8b358db5&bidder=pubmatic&uid=BC5D1A00-930F-464F-9EB1-22F01C98B67F
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-122c1356-f103-4577-9703-e802eb4f5edb-3505394-93342212%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=1---&limit=11
Protocol
H2
Server
147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:46 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
3
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://sync.a-mo.net/setuid?A=1694ddb2-ecc5-437a-99ad-2b5e8b358db5&bidder=pubmatic&uid=BC5D1A00-930F-464F-9EB1-22F01C98B67F
date
Tue, 09 Jan 2024 07:20:26 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame 2F37
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=BC5D1A00-930F-464F-9EB1-22F01C98B67F&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=2cefa7aacd451098&is_secure=true&networkId=17100&version=1&nuid=BC5D1A00-930F-464F-9EB1-22F01C98B67F&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHY32zNWV7rANhzl08AAAAAAA&expiration=1704910847&nuid=BC5D1A00-930F-464F-9EB1-22F01C98B67F&...
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
0
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-122c1356-f103-4577-9703-e802eb4f5edb-3505394-93342212%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=1---&limit=11
Protocol
H2
Server
52.6.251.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-251-62.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:47 GMT

Redirect headers

location
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
date
Tue, 09 Jan 2024 18:20:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
95
content-type
text/html; charset=utf-8
usync.js
eus.rubiconproject.com/ Frame C85E 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e4b22edc0838232993c1b97b06920e793597eb4b7f6785fa4157f21ef96d71bb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 09 Jan 2024 18:20:47 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 Jan 2024 21:37:41 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=11814
Connection
keep-alive
Content-Length
10964
Expires
Tue, 09 Jan 2024 21:37:41 GMT
fed
ups.analytics.yahoo.com/ups/58771/ Frame AE92 		316 B
415 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/58771/fed?1p=0&gdpr=0&gdpr_consent=&us_privacy=&pixelId=58771&puid=1694ddb2-ecc5-437a-99ad-2b5e8b358db5
Requested by
Host: assets.a-mo.net
URL: https://assets.a-mo.net/js/idl.js?ga=0&gc=&do=ls.kurdgozar.fun&e=27&uid=1694ddb2-ecc5-437a-99ad-2b5e8b358db5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.225.218.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-218-10.compute-1.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
5440393401151318ce9cc9c8e45ea6e873192808c017afc5357a2a4a10769801
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://sync.a-mo.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 09 Jan 2024 18:20:47 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
vary
Origin
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin
https://sync.a-mo.net
content-type
application/json
access-control-allow-credentials
true
sync
visitor.omnitagjs.com/visitor/ Frame 57FA 		49 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=9276a8c8d010b77af50144c60047b781&visitor=8280212633832615062&name=SMARTADSERVER&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:46 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
content-length
49
expires
0
/
rtb-csync.smartadserver.com/redir/ Frame 57FA
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7322165245305944218&gdpr=0&gdpr_consent=
43 B
460 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7322165245305944218&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
216.22.16.56 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 09 Jan 2024 18:20:46 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Location
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7322165245305944218&gdpr=0&gdpr_consent=
Date
Tue, 09 Jan 2024 18:20:47 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
/
rtb-csync.smartadserver.com/redir/ Frame 57FA
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partnerus...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=3cd76bec6dc08e0d573cb7191567d5bd&gdpr=0&gdpr_consent=0
43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=3cd76bec6dc08e0d573cb7191567d5bd&gdpr=0&gdpr_consent=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
216.22.16.56 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 09 Jan 2024 18:20:47 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:46 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=3cd76bec6dc08e0d573cb7191567d5bd&gdpr=0&gdpr_consent=0
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
11
content-length
0
expires
0
/
rtb-csync.smartadserver.com/redir/ Frame 57FA
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=6dfd11c086
43 B
437 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=6dfd11c086
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
216.22.16.56 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 09 Jan 2024 18:20:46 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

date
Tue, 09 Jan 2024 18:20:08 GMT
via
1.1 6ef654a6fd950af1eb6fc4790b972c72.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
IAD89-P2
age
39
x-cache
Hit from cloudfront
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=6dfd11c086
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
BvaOstHdDJ93Gn59aXr9-_GyWQ96Rnd4b_XQ3RVZ3d0IJaRgCq_9Xg==
v1
match.sharethrough.com/sync/ Frame 57FA
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DS...
  • https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=8280212633832615062&gdpr=0&gdpr_consent=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=8280212633832615062&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
H2
Server
3.91.113.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-113-229.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:47 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=8280212633832615062&gdpr=0&gdpr_consent=
pragma
no-cache
date
Tue, 09 Jan 2024 18:20:47 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
28292
i6.liadm.com/s/ Frame B60F
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZZ2OfgFH6TQYkZqRcKACIwAA%262930&gpdr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZZ2OfgFH6TQYkZqRcKACIwAA%262930&_li_chk=true&gpp_sid=&us_privacy=1---&gpdr=&previous_uuid=dbe77c4dc56d414288d87b374cec623f
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@&us_privacy=1---
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-IbYMa0lgOEOviwYsr25v6-K_MRsAaZK6oOECTw&us_privacy=1---
  • https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-IbYMa0lgOEOviwYsr25v6-K_MRsAaZK6oOECTw&us_privacy=1---&us_privacy=1---
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-IbYMa0lgOEOviwYsr25v6-K_MRsAaZK6oOECTw&us_privacy=1---&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
2600:1f18:ed:550e:f339:4051:d8d6:6b16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 09 Jan 2024 18:20:48 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
0
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-IbYMa0lgOEOviwYsr25v6-K_MRsAaZK6oOECTw&us_privacy=1---&us_privacy=1---
Date
Tue, 09 Jan 2024 18:20:47 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
2
ZZ2OfgFH6TQYkZqRcKACIwAAC3IAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame B60F 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZZ2OfgFH6TQYkZqRcKACIwAAC3IAAAIB?gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a01:1124:2146:f275:933 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:47 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame B60F
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&us_privacy=1---
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7520810513224092898&us_privacy=1---
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7520810513224092898&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FPCMUGcBJL7Hn7InqyGHTqcJNhcBS6t2wM8PEMOuC0H5O3zABy7zF%2FPcdOPD74fJ5WUwyz05RZWOl84T5D3w6mo80BMPl7oP3HltKb0nXkMxnftjzfxmeb6wUzzBwB5iO5WEfjI8C6SWlg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
842eb23bba8f498c-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:47 GMT
an-x-request-uuid
c71e21dc-28d6-4a4a-b069-b6bf65f98697
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7520810513224092898&us_privacy=1---
x-proxy-origin
38.132.118.70; 38.132.118.70; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame B60F
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie?us_privacy=1---
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABPHU7LOx0AABPb3P8NtA&expiration=1706034047&us_privacy=1---
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABPHU7LOx0AABPb3P8NtA&expiration=1706034047&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iT86L0TVzb4%2FuECgT9gNx7NSr6yI%2Fkg1kEITZf0bDtdC9cdIdwoCIFM28RU9g7Rg7bOb7RCGfC3z2EEzJhUEAR6EXx9y1ioNZS%2Bj8tK0hrOmbs1envs9oh423ihUvbu7mPJ4hd3YX%2BT70w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
842eb23b49c7498c-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABPHU7LOx0AABPb3P8NtA&expiration=1706034047&us_privacy=1---
Date
Tue, 09 Jan 2024 18:20:47 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/ Frame B60F
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif?us_privacy=1---
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=923cfbdd-01fa-475e-8b6f-b6127a4708dd&expiration=1736446847
43 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=923cfbdd-01fa-475e-8b6f-b6127a4708dd&expiration=1736446847
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N88dAfr1HoxNcpbVGdAjPZ7w7YWPihMRG%2FDRmVZ1ijEAQVRRjVpoAJaKSkdRhxASHiVpTAg%2B%2BV1T%2FALSaIzyYCqQG2muG5no8TlRTJkX%2B6Z18A5xJNyXKB1n8lE1qsdRdzsb4XZA%2FqmK5w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
842eb23e4ec7498c-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=923cfbdd-01fa-475e-8b6f-b6127a4708dd&expiration=1736446847
Date
Tue, 09 Jan 2024 18:20:47 GMT
Server
Kestrel
Connection
keep-alive
Content-Length
0
tp_out
d.adroll.com/cm/index/ Frame B60F 		42 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:61c0:2205:8195:e213:790a:708a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:47 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
crum
dsum-sec.casalemedia.com/ Frame B60F
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=1---&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=so3_KrGlzcHbAuaMi-62&us_privacy=1---
43 B
740 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=so3_KrGlzcHbAuaMi-62&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zFs3oI%2BybuMMq9QTCg7jgh8a7w89hGa5ifwBOsFIc18ekP5bCqs0LJHfSBChBy9x7%2BHO5%2BXYUi0FbRrBh%2BQeMZPew1%2Fdx%2FCWwTUfupkwhdyCx6iP%2BkW1LLSIsUuOTdPFA4gN0DK6u%2B5DbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
842eb23b49c9498c-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 09 Jan 2024 18:20:47 GMT
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=so3_KrGlzcHbAuaMi-62&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
135
Expires
Thu, 01 Dec 1994 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame B60F
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=8280212633832615062&gdpr=0&gdpr_consent=
43 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=8280212633832615062&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GN2Jn75MmipvXzl1wIls2EQkL7%2Fl0LVy7mVzqjtJtY8jhsgBsB%2Bmb9YYb5wtI0YlJ0rETAiA0yQQt8VU8KQfa%2FT0dv%2FjENeCXa%2BI352Vw9SpVCIx%2Ft0CXBIZxTLqKls925895vNEV3%2FoqA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
842eb23b49c2498c-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=8280212633832615062&gdpr=0&gdpr_consent=
date
Tue, 09 Jan 2024 18:20:46 GMT
content-length
0
setuid
prebid-server.rubiconproject.com/ Frame B60F 		0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?gpp=&gpp_sid=&bidder=ix&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=b&uid=ZZ2OfgFH6TQYkZqRcKACIwAA%262930
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
khaos.json
token.rubiconproject.com/ Frame 81C5 		7 B
796 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?us_privacy=1---&khaos=LR6OGFBQ-17-B2QO
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
d67ad46d58ddbab9fb03c088eabaaff8
Expires
0
khaos.json
token.rubiconproject.com/ Frame C85E 		7 B
796 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?us_privacy=1---&khaos=LR6OGFBQ-17-B2QO
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
314e432eb2d967cf733b82bdbbe35231
Expires
0
async_usersync
ib.adnxs.com/ Frame 370F 		0
762 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.166 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:47 GMT
an-x-request-uuid
e163a0b6-fc2a-402f-bb86-8fb511eee263
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.70; 38.132.118.70; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame EA71 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e4b22edc0838232993c1b97b06920e793597eb4b7f6785fa4157f21ef96d71bb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 09 Jan 2024 18:20:47 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 Jan 2024 21:37:41 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=11814
Connection
keep-alive
Content-Length
10964
Expires
Tue, 09 Jan 2024 21:37:41 GMT
usync.js
eus.rubiconproject.com/ Frame 7BC5 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e4b22edc0838232993c1b97b06920e793597eb4b7f6785fa4157f21ef96d71bb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 09 Jan 2024 18:20:47 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 Jan 2024 21:37:41 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=11814
Connection
keep-alive
Content-Length
10964
Expires
Tue, 09 Jan 2024 21:37:41 GMT
magnite
prebid.a-mo.net/setuid/ Frame 81C5
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&us_privacy=1---&khaos=LR6OGFBQ-17-B2QO
  • https://prebid.a-mo.net/setuid/magnite?uid=LR6OGFBQ-17-B2QO&us_privacy=1---
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LR6OGFBQ-17-B2QO&us_privacy=1---
Protocol
H2
Server
147.28.146.89 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:47 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LR6OGFBQ-17-B2QO&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b5ba23d75d0dcd35432b720d73e3149b
Expires
0
/
ssc-cms.33across.com/ps/ Frame C85E
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&us_privacy=1---&khaos=LR6OGFBQ-17-B2QO
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LR6OGFBQ-17-B2QO
0
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssc-cms.33across.com/ps/?xi=1&xu=LR6OGFBQ-17-B2QO
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
Protocol
H2
Server
67.202.105.22 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip22.67-202-105.static.steadfastdns.net
Software
33XP014 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-33x-status
2000208
date
Tue, 09 Jan 2024 18:20:47 GMT
server
33XP014

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ssc-cms.33across.com/ps/?xi=1&xu=LR6OGFBQ-17-B2QO
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
10af108baa8103fb427a2cc0433d74a0
Expires
0
/
ssc-cms.33across.com/ps/ Frame 8EF6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?us_privacy=&ts=1704824447076.5&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c87ac3c8%26us_privacy%3D%24%7BUS_PRIVACY%7D%26r%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D70%2526external_user_id%253D
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.22 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip22.67-202-105.static.steadfastdns.net
Software
33XP014 /
Resource Hash

Request headers

Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

date
Tue, 09 Jan 2024 18:20:47 GMT
server
33XP014
x-33x-status
2000208
/
ssc-cms.33across.com/ps/ Frame DEEF 		0
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssc-cms.33across.com/ps/?_=1704824447076.&ri=0015a00003HljHyAAJ&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.22 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip22.67-202-105.static.steadfastdns.net
Software
33XP015 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-33x-status
2000208
date
Tue, 09 Jan 2024 18:20:46 GMT
server
33XP015
/
ssc-cms.33across.com/ps/ Frame DEEF
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=f0v35ew&ttd_tpi=1&us_privacy=
  • https://ssc-cms.33across.com/ps/?ri=102&ru=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fbidder_id%3D102%26ttl%3D1707416447%26external_user_id%3D1ee2284a-f33d-41b0-8f2b-c94a02cccf95
0
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssc-cms.33across.com/ps/?ri=102&ru=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fbidder_id%3D102%26ttl%3D1707416447%26external_user_id%3D1ee2284a-f33d-41b0-8f2b-c94a02cccf95
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
67.202.105.22 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip22.67-202-105.static.steadfastdns.net
Software
33XP018 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-33x-status
2000208
date
Tue, 09 Jan 2024 18:20:47 GMT
server
33XP018

Redirect headers

location
https://ssc-cms.33across.com/ps/?ri=102&ru=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fbidder_id%3D102%26ttl%3D1707416447%26external_user_id%3D1ee2284a-f33d-41b0-8f2b-c94a02cccf95
date
Tue, 09 Jan 2024 18:20:47 GMT
server
Kestrel
content-length
407
/
ssc-cms.33across.com/ps/ Frame DEEF 		0
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssc-cms.33across.com/ps/?us_privacy=&ts=1704824447076.3&ri=2&ru=https%3A%2F%2Fssum-sec.casalemedia.com%2Fusermatchredir%3Fs%3D191740%26us_privacy%3D%24%7BUS_PRIVACY%7D%26cb%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D2%2526external_user_id%253D
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.22 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip22.67-202-105.static.steadfastdns.net
Software
33XP017 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-33x-status
2000208
date
Tue, 09 Jan 2024 18:20:47 GMT
server
33XP017
/
ssc-cms.33across.com/ps/ Frame DEEF
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=104&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D%7BuserId%7D
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=45&xu=0444e166-c943-4703-a8ad-a90dfc5d0de0-659d8e7e-5553
0
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssc-cms.33across.com/ps/?us_privacy=&xi=45&xu=0444e166-c943-4703-a8ad-a90dfc5d0de0-659d8e7e-5553
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
67.202.105.22 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip22.67-202-105.static.steadfastdns.net
Software
33XP018 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-33x-status
2000208
date
Tue, 09 Jan 2024 18:20:47 GMT
server
33XP018

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:47 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://ssc-cms.33across.com/ps/?us_privacy=&xi=45&xu=0444e166-c943-4703-a8ad-a90dfc5d0de0-659d8e7e-5553
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
/
ssc-cms.33across.com/ps/ Frame DEEF
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=33across&us_privacy=
  • https://ssc-cms.33across.com/ps/?xi=120&xu=-tBDgfwlV_hvwp42xPpc4iaEdkY
0
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssc-cms.33across.com/ps/?xi=120&xu=-tBDgfwlV_hvwp42xPpc4iaEdkY
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
67.202.105.22 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip22.67-202-105.static.steadfastdns.net
Software
33XP016 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-33x-status
2000208
date
Tue, 09 Jan 2024 18:20:47 GMT
server
33XP016

Redirect headers

Location
https://ssc-cms.33across.com/ps/?xi=120&xu=-tBDgfwlV_hvwp42xPpc4iaEdkY
Date
Tue, 09 Jan 2024 18:20:47 GMT
Connection
keep-alive
Content-Length
97
Content-Type
text/html; charset=utf-8
/
ssc-cms.33across.com/ps/ Frame DEEF 		0
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssc-cms.33across.com/ps/?us_privacy=&ts=1704824447076.7&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D90%2526external_user_id%253D%2524UID
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.22 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip22.67-202-105.static.steadfastdns.net
Software
33XP018 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-33x-status
2000208
date
Tue, 09 Jan 2024 18:20:47 GMT
server
33XP018
metrics
api.permutive.com/v2.0/internal/ 		2 B
37 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/internal/metrics?k=26009fee-1ff1-493d-ae23-88df000d9627
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/8d18f0c3-5d57-46dc-87b9-bf5d4f1f3f71-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://ls.kurdgozar.fun/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 09 Jan 2024 18:20:47 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
content-type
text/plain;charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22
khaos.json
token.rubiconproject.com/ Frame EA71 		7 B
796 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0&us_privacy=1---&khaos=LR6OGFBQ-17-B2QO
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
e71ccbe96f42d70fa40603ada4c96b28
Expires
0
khaos.json
token.rubiconproject.com/ Frame 7BC5 		7 B
796 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0&us_privacy=1---&khaos=LR6OGFBQ-17-B2QO
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
d3682eda7e5cb79782b1d5475f50e8fc
Expires
0
sync
visitor.omnitagjs.com/visitor/ Frame EA71
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=adyoulike&gdpr=0&gdpr_consent=&gdpr=0&us_privacy=1---&khaos=LR6OGFBQ-17-B2QO
  • https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LR6OGFBQ-17-B2QO&name=RUBICON&gdpr=0&us_privacy=1---
49 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LR6OGFBQ-17-B2QO&name=RUBICON&gdpr=0&us_privacy=1---
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:48 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
content-length
49
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LR6OGFBQ-17-B2QO&name=RUBICON&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
7c5d24517ee193cc868994bc18883d1d
Expires
0
sync
eb2.3lift.com/ Frame 133D 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/chunks/2.0232b63a83bdc11b1701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
aa8bffe1ad305d87052a9ade3391dfcd9ab204eedb24c1601f1ba5117881388c

Request headers

Referer
https://ls.kurdgozar.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1249
content-type
text/html; charset=utf-8
date
Tue, 09 Jan 2024 18:20:48 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
ib.adnxs.com/prebid/ Frame 133D 		43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=316602570341369854321
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.166 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:48 GMT
an-x-request-uuid
cd68f82c-b95d-40ad-955e-58178b7f60a7
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.70; 38.132.118.70; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
xuid
eb2.3lift.com/ Frame 133D
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=13&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2319&xuid=0-fad04381-fc25-57f8-6fc2-9e36c4fa5ce2$ip$38.132.118.70&dongle=4430
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2319&xuid=0-fad04381-fc25-57f8-6fc2-9e36c4fa5ce2$ip$38.132.118.70&dongle=4430
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 09 Jan 2024 18:20:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2319&xuid=0-fad04381-fc25-57f8-6fc2-9e36c4fa5ce2$ip$38.132.118.70&dongle=4430
Date
Tue, 09 Jan 2024 18:20:48 GMT
Connection
keep-alive
Content-Length
139
Content-Type
text/html; charset=utf-8
xuid
eb2.3lift.com/ Frame 133D
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://eb2.3lift.com/xuid?mid=3702&xuid=${ADELPHIC_CUID}&dongle=d54f&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3702&xuid=f47c7649-b3c5-43a5-9583-4631c7f3a88e&dongle=d54f&gdpr=0&gdpr_consent=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3702&xuid=f47c7649-b3c5-43a5-9583-4631c7f3a88e&dongle=d54f&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 09 Jan 2024 18:20:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=3702&xuid=f47c7649-b3c5-43a5-9583-4631c7f3a88e&dongle=d54f&gdpr=0&gdpr_consent=
Date
Tue, 09 Jan 2024 18:20:48 GMT
Connection
keep-alive
X-CI-RTID
589a7f97-121b-490c-94c8-68b74ef1faff
Content-Length
149
Content-Type
text/html; charset=utf-8
sync
sync.srv.stackadapt.com/ Frame 133D 		43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.srv.stackadapt.com/sync?nid=20&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.198.173.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-198-173-106.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 09 Jan 2024 18:20:48 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
sync
sync.srv.stackadapt.com/ Frame 133D 		43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.srv.stackadapt.com/sync?nid=114&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.198.173.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-198-173-106.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 09 Jan 2024 18:20:48 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
c.gif
c.bing.com/ Frame 133D 		42 B
687 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=316602570341369854321&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:47 GMT
last-modified
Tue, 12 Dec 2023 19:03:29 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 0C908E3F89BB48C4B2C35C7A6EEA2F18 Ref B: MIAEDGE2610 Ref C: 2024-01-09T18:20:48Z
etag
"e8d91e42d2dda1:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame 133D
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/trl?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=7255&xuid=AABPHU7LOx0AABPb3P8NtA&dongle=bzwx&gdpr=0
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7255&xuid=AABPHU7LOx0AABPb3P8NtA&dongle=bzwx&gdpr=0
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 09 Jan 2024 18:20:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=7255&xuid=AABPHU7LOx0AABPb3P8NtA&dongle=bzwx&gdpr=0
Date
Tue, 09 Jan 2024 18:20:48 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame 133D
Redirect Chain
  • https://triplelift-match.dotomi.com/match/bounce/current?networkId=74572&version=1&gdpr=0&gdpr_consent=
  • https://triplelift-match.dotomi.com/match/bounce/current?DotomiTest=628dfea8a2e013c6&is_secure=true&networkId=74572&version=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=6732&dongle=38F&xuid=AAAG5E3KKch8agN95BR6AAAAAAA&expiration=1704910848&is_secure=true&gdpr_consent=&gdpr=0
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=6732&dongle=38F&xuid=AAAG5E3KKch8agN95BR6AAAAAAA&expiration=1704910848&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 09 Jan 2024 18:20:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:48 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://eb2.3lift.com/xuid?mid=6732&dongle=38F&xuid=AAAG5E3KKch8agN95BR6AAAAAAA&expiration=1704910848&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
xuid
eb2.3lift.com/ Frame 133D
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=83&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3646&xuid=0444e166-c943-4703-a8ad-a90dfc5d0de0-659d8e7e-5553&dongle=1fa5&gdpr=0&gdpr_consent=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3646&xuid=0444e166-c943-4703-a8ad-a90dfc5d0de0-659d8e7e-5553&dongle=1fa5&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 09 Jan 2024 18:20:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:48 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://eb2.3lift.com/xuid?mid=3646&xuid=0444e166-c943-4703-a8ad-a90dfc5d0de0-659d8e7e-5553&dongle=1fa5&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
757c0557066e95cfd4c7
s.amazon-adsystem.com/x/ Frame 133D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=316602570341369854321
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
setuid
prebid-server.rubiconproject.com/ Frame 133D 		0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=triplelift&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=b&uid=316602570341369854321
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
SPug
simage4.pubmatic.com/AdServer/ Frame 2F37 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 07:32:20 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame 6CB9 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=90301059&p=157743&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
fd2b3f7d22341c6920c2262cbfd12a1b9c9a286f909b90ecd9d2b76f2fc5ca0f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 09 Jan 2024 18:20:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
image2.pubmatic.com/AdServer/ Frame E882
Redirect Chain
  • https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_52c322e525534ac1bdc82
42 B
278 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_52c322e525534ac1bdc82
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 09 Jan 2024 18:20:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
content-type
image/gif
date
Tue, 09 Jan 2024 18:20:49 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_52c322e525534ac1bdc82
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server
c
Pug
image2.pubmatic.com/AdServer/ Frame 9CD2
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=l_2YvZmtluCMrZS7mPiMu5L4wLiMrJjhlfhtSFi5
42 B
339 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=l_2YvZmtluCMrZS7mPiMu5L4wLiMrJjhlfhtSFi5
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 09 Jan 2024 18:20:48 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Tue, 09 Jan 2024 18:20:50 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=l_2YvZmtluCMrZS7mPiMu5L4wLiMrJjhlfhtSFi5
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame C6E3
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:Pey8Kix61RngIy5&gdpr=0&gdpr_consent=
42 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:Pey8Kix61RngIy5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 09 Jan 2024 07:34:14 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Tue, 09 Jan 2024 18:20:50 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:Pey8Kix61RngIy5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-0ac43d1f54d984124@us-east-1d@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 6234
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=-tBDgfwlV_hvwp42xPpc4iaEdkY&gdpr=0&gdpr_consent=
42 B
375 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=-tBDgfwlV_hvwp42xPpc4iaEdkY&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 09 Jan 2024 18:20:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Tue, 09 Jan 2024 18:20:50 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=-tBDgfwlV_hvwp42xPpc4iaEdkY&gdpr=0&gdpr_consent=
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame 39B7
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=923cfbdd-01fa-475e-8b6f-b6127a4708dd&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=BC5D1A00-930F-464F-9EB1-22F01C98B67F
42 B
493 B 		Document
General
Check archive.org
Download Go to
Full URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=BC5D1A00-930F-464F-9EB1-22F01C98B67F
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.0.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-0-32.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
42
Content-Type
image/gif
Date
Tue, 09 Jan 2024 18:20:50 GMT
Server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
date
Tue, 09 Jan 2024 18:20:50 GMT
location
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=BC5D1A00-930F-464F-9EB1-22F01C98B67F
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame BE2F
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 09 Jan 2024 18:20:48 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Tue, 09 Jan 2024 18:20:49 GMT
expires
Tue, 09 Jan 2024 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
661442
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
image2.pubmatic.com/AdServer/ Frame D8C8
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=978477423030163126
42 B
274 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=978477423030163126
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 09 Jan 2024 18:20:48 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Tue, 09 Jan 2024 18:20:50 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=978477423030163126
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
i.match
s.tribalfusion.com/z/ Frame 1D7E
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
424 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
842eb24fbffeda4f-MIA
content-length
43
content-type
image/gif; charset=utf-8
date
Tue, 09 Jan 2024 18:20:50 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
842eb24ede81da4f-MIA
content-type
text/html
date
Tue, 09 Jan 2024 18:20:50 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
2489
pubmatic
ad.mrtnsvr.com/sync/ Frame 39C8 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 4CBC
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=874946162095
42 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=874946162095
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 09 Jan 2024 18:20:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=874946162095
Pug
image2.pubmatic.com/AdServer/ Frame 73C2
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU217ad19eed6f4568986ccaa6fd566470
42 B
359 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU217ad19eed6f4568986ccaa6fd566470
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 09 Jan 2024 18:20:48 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Tue, 09 Jan 2024 18:20:50 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU217ad19eed6f4568986ccaa6fd566470
pragma
no-cache
server
Tengine
Pug
simage2.pubmatic.com/AdServer/ Frame B7CD
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 09 Jan 2024 18:20:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Tue, 09 Jan 2024 18:20:50 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
Pug
simage2.pubmatic.com/AdServer/ Frame 20F7
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:edf8659d-8e82-4c00-8185-6c25c035f5d1&gdpr=0&gdpr_consent=
42 B
210 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:edf8659d-8e82-4c00-8185-6c25c035f5d1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 09 Jan 2024 18:20:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Tue, 09 Jan 2024 18:20:50 GMT
Expires
Tue, 09 Jan 2024 18:20:49 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 1237 600843f master iad iad-pixel-x12 config_version:"1604"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:edf8659d-8e82-4c00-8185-6c25c035f5d1&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame 6B65
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=GrGlv7bdAae_AMmvgo6dZQ
42 B
227 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=GrGlv7bdAae_AMmvgo6dZQ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 09 Jan 2024 18:20:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Tue, 09 Jan 2024 18:20:50 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=GrGlv7bdAae_AMmvgo6dZQ
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame EB83
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7988283243
  • https://sync.1rx.io/usersync/tradedesk/1ee2284a-f33d-41b0-8f2b-c94a02cccf95
  • https://sync.targeting.unrulymedia.com/csync/RX-93d83a73-98df-4439-a8e0-f8e5385c4f18-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-93d83a73-98df-4439-a8e0-f8e5385c4f18-005
42 B
255 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-93d83a73-98df-4439-a8e0-f8e5385c4f18-005
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 09 Jan 2024 18:20:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-type
text/html
date
Tue, 09 Jan 2024 18:20:50 GMT
etag
RX93d83a7398df4439a8e0f8e5385c4f18005
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-93d83a73-98df-4439-a8e0-f8e5385c4f18-005
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
cm
ipac.ctnsnet.com/int/ Frame A5D6 		43 B
360 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Tue, 09 Jan 2024 18:20:50 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
cookiesync
core.iprom.net/ Frame 61E8 		43 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Tue, 09 Jan 2024 18:20:50 GMT
Vary
Accept-Encoding
X-adserver-worker
erebus-05188b1f3b2d@version_1.579v2
X-core-time
0ms
X-server-arch
v2
pub
matching.truffle.bid/sync/ Frame B652 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.55.120.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.120.55.162.clients.your-server.de
Software
nginx/1.23.3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Date
Tue, 09 Jan 2024 18:20:50 GMT
Server
nginx/1.23.3
Strict-Transport-Security
max-age=15768000
Pug
simage2.pubmatic.com/AdServer/ Frame 0C26
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7581108501708409104&uid=Q758110850170840...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7581108501708409104
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7581108501708409104
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 09 Jan 2024 07:19:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
max-age=41511
Connection
keep-alive
Content-Length
154
Content-Type
text/html
Date
Tue, 09 Jan 2024 18:20:50 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7581108501708409104
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
Apache/2.4.6 (CentOS)
Vary
Accept-Encoding
X-Powered-By
PHP/7.3.33
Pug
simage2.pubmatic.com/AdServer/ Frame D3A6
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:005896DF262D4D79A49C9C9CAB8EDDBB&gdpr=0&gdpr_consent=
1 B
72 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:005896DF262D4D79A49C9C9CAB8EDDBB&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Tue, 09 Jan 2024 18:20:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Tue, 09 Jan 2024 18:20:50 GMT
expires
Mon, 08 Jan 2024 18:20:50 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:005896DF262D4D79A49C9C9CAB8EDDBB&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
pubmatic
s.seedtag.com/cs/cookiesync/ Frame EA0C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/cs/cookiesync/pubmatic?channeluid=BC5D1A00-930F-464F-9EB1-22F01C98B67F
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 09 Jan 2024 18:20:50 GMT
server
openresty
via
1.1 google
insync
thrtle.com/ Frame 6CB9
Redirect Chain
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=BC5D1A00-930F-464F-9EB1-22F01C98B67F&gdpr=0&gdpr_consent=
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=BC5D1A00-930F-464F-9EB1-22F01C98B67F&vxii_pid=12&vxii_pid1=10067&vxii_rcid=136574b3-cbf7-4be7-9227-7e0502afda28
43 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=BC5D1A00-930F-464F-9EB1-22F01C98B67F&vxii_pid=12&vxii_pid1=10067&vxii_rcid=136574b3-cbf7-4be7-9227-7e0502afda28
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=7710-2308-01&pc=US&us=1---
Protocol
H2
Server
34.234.194.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-234-194-189.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Tue, 09 Jan 2024 18:20:50 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=BC5D1A00-930F-464F-9EB1-22F01C98B67F&vxii_pid=12&vxii_pid1=10067&vxii_rcid=136574b3-cbf7-4be7-9227-7e0502afda28
date
Tue, 09 Jan 2024 18:20:50 GMT
content-type
text/html; charset=utf-8
content-length
211
p3p
CP="NOI OUR BUS UNI COM NAV"
sd
us-u.openx.net/w/1.0/ Frame 6CB9 		43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=540245193&val=BC5D1A00-930F-464F-9EB1-22F01C98B67F&gdpr=0&gdpr_consent=
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=7710-2308-01&pc=US&us=1---
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:50 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
Martin
crb.kargo.com/api/v1/dsync/ Frame 6CB9 		43 B
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/Martin?exid=BC5D1A00-930F-464F-9EB1-22F01C98B67F&gdpr=0&gdpr_consent=
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=7710-2308-01&pc=US&us=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.198.106.196 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-198-106-196.compute-1.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:50 GMT
x-accel-expires
0
vary
Origin
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
sync.bfmio.com/ Frame 6CB9 		0
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=187&uid=BC5D1A00-930F-464F-9EB1-22F01C98B67F&gdpr=0&gdpr_consent=
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=7710-2308-01&pc=US&us=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.214.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-214-91.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Connection
keep-alive
Date
Tue, 09 Jan 2024 18:20:50 GMT
sn.ashx
pmp.mxptint.net/ Frame 6CB9
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R33645_10F07D670_5971363D&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=7710-2308-01&pc=US&us=1---
Protocol
HTTP/1.1
Server
38.98.69.175 North Bergen, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-387829250; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Expires
-1
Pragma
no-cache
Date
Tue, 09 Jan 2024 18:20:50 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=-387829250; includeSubDomains
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Tue, 09 Jan 2024 18:20:49 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame 6CB9
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1597947577565009521
42 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1597947577565009521
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=7710-2308-01&pc=US&us=1---
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 09 Jan 2024 07:34:14 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1597947577565009521
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 6CB9
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:6b0fcb35-586c-4e4a-87a8-62472337f724&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:6b0fcb35-586c-4e4a-87a8-62472337f724&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=7710-2308-01&pc=US&us=1---
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 09 Jan 2024 07:00:54 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:6b0fcb35-586c-4e4a-87a8-62472337f724&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Tue, 09 Jan 2024 18:20:50 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
PugMaster
image6.pubmatic.com/AdServer/ Frame 2F37 		692 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=38833413&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e0b535fff45f96ec551a2478a878d0bdf314ab660480732d025258d13aab387c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 09 Jan 2024 18:20:49 GMT
content-length
692
content-type
text/html; charset=UTF-8
usersync
usersync.gumgum.com/ Frame BD5B 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=BC5D1A00-930F-464F-9EB1-22F01C98B67F
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 09 Jan 2024 18:20:50 GMT
Expires
0
Pragma
no-cache
syncMe
synchroscript.deliveryengine.adswizz.com/ Frame 2F37 		0
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerDomain=mrtnsvr.com&idType=cookie&partnerUserId=BC5D1A00-930F-464F-9EB1-22F01C98B67F&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.10.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-10-49.iad12.r.cloudfront.net
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:50 GMT
via
1.1 9dc566ff42777d2cad8483451738f334.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
IAD12-P3
content-length
0
x-amz-cf-id
eduF6L8KVXp3CvjMtXBqyTZrwZxanw4R-qGLe3UZPFjFkdGRjmx6YA==
x-cache
Error from cloudfront
362358.gif
idsync.rlcdn.com/ Frame 2F37
Redirect Chain
  • https://idsync.rlcdn.com/712188.gif?partner_uid=BC5D1A00-930F-464F-9EB1-22F01C98B67F&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEKbpMTI81v7jpJlN7p5MykA&google_cver=1
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEKbpMTI81v7jpJlN7p5MykA&google_cver=1
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:50 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEKbpMTI81v7jpJlN7p5MykA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gdpr_consent=
bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=BC5D1A00-930F-464F-9EB1-22F01C98B67F/gdpr=0/ Frame 2F37 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=BC5D1A00-930F-464F-9EB1-22F01C98B67F/gdpr=0/gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.169.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-169-119.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:50 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.56.206
content-length
49
expires
0
receive
pixel.tapad.com/idsync/ex/ Frame 2F37 		95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3203&partner_device_id=BC5D1A00-930F-464F-9EB1-22F01C98B67F&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:50 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
match
events-ssc.33across.com/ Frame C980 		68 B
82 B 		Document
General
Check archive.org
Download Go to
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=25&external_user_id=BC5D1A00-930F-464F-9EB1-22F01C98B67F
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png
date
Tue, 09 Jan 2024 18:20:50 GMT
via
1.1 google
match
events-ssc.33across.com/ Frame B794 		68 B
82 B 		Document
General
Check archive.org
Download Go to
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=25&external_user_id=BC5D1A00-930F-464F-9EB1-22F01C98B67F
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png
date
Tue, 09 Jan 2024 18:20:50 GMT
via
1.1 google
usermatch
ssum-sec.casalemedia.com/ Frame 4A3D 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=201092&cb=https%3A%2F%2Fsync.richaudience.com%2F2066127a3f7c6635eb4f6cac536feb5a%2F%3Fgdpr%3D0%26euconsent%3D%26uid%3D&gdpr=0&gdpr_consent=
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1704824446384&pubconsent=&euconsent=&hasConsent=1&rd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cdb561fb1b58c48b93d9e5ade98a4f21301a892cc0865107bfd341ed0e9df40

Request headers

Referer
https://sync.richaudience.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
842eb251fbde498c-MIA
content-encoding
br
content-type
text/html
date
Tue, 09 Jan 2024 18:20:50 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b7S3wZBf7wY2eHQzn6JRcpqzmpr99pXL%2F%2BxKtuO9I67kS6mGEt9bYvg%2F5lzky%2BelqDTmMZE%2B%2FlEb6ENmNLuERowHa8MI2K5enqhPA%2FUPZ%2FuUrIYYk8%2FqFsPxSh7VvhkbqksdNCWu4eeUig%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
track.adform.net/Serving/Cookie/ Frame 99CB 		92 B
638 B 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/Serving/Cookie/?adfaction=getjs;adfcookname=uid
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1704824446384&pubconsent=&euconsent=&hasConsent=1&rd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
51e8e95315258db661cc8fbb408910f79807f86282986aa8a969e5b1b05d2f34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:50 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
201
expires
-1
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 49A9 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156538&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.richaudience.com%2Fa8c1b6a2754b510b088f624c91944bf3%2F%3Fgdpr%3D0%26euconsent%3D%26uid%3D
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1704824446384&pubconsent=&euconsent=&hasConsent=1&rd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.213.14 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-213-14.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://sync.richaudience.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=137525
content-encoding
gzip
content-length
5622
content-type
text/html
date
Tue, 09 Jan 2024 18:20:50 GMT
expires
Thu, 11 Jan 2024 08:32:55 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
sync.richaudience.com/a6c163b098d05a413cd1682e26fae172/ Frame 99CB
Redirect Chain
  • https://id5-sync.com/s/286/9.gif?puid=6d8b775f-2de4-4513-be28-1zz1704824352&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.richaudience.com%2Fa6c163b098d05a413cd1682e26fae172%2F%3Fgdpr%3D0%26euco...
  • https://ce.lijit.com/merge?pid=58&3pid=BC5D1A00-930F-464F-9EB1-22F01C98B67F&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F1242%2F8%2F2.gif%3Fpuid%3D%5BSOVRNID%5D%...
  • https://id5-sync.com/c/286/1242/8/2.gif?puid=H9rsaBZHS1_DxDIGQwucF1W-&gdpr=0&gdpr_consent=
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F821%2F7%2F3.gif%3Fpuid%3D%7Bdevice_id%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/286/821/7/3.gif?puid=aefee888-7301-4377-bec7-2b0b76abcc15&gdpr=0&gdpr_consent=
  • https://match.deepintent.com/usersync/147?redir=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F987%2F6%2F4.gif%3Fpuid%3D%24%7BDI_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/286/987/6/4.gif?puid=di_52c322e525534ac1bdc82&gdpr=0&gdpr_consent=
  • https://token.rubiconproject.com/token?pid=49266&puid={ID5UID}&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/285.gif?puid=LR6OGFBQ-17-B2QO&gdpr=0
  • https://ce.lijit.com/merge?pid=80&3pid=LR6OGFBQ-17-B2QO&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F1243%2F4%2F6.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_co...
  • https://id5-sync.com/c/286/1243/4/6.gif?puid=H9rsaBZHS1_DxDIGQwucF1W-&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F101%2F3%2F7.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D
  • https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F101%2F3%2F7.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/286/101/3/7.gif?puid=f40eb6b1-7111-4714-b5d9-64d8b77e171d&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F104%2F2%2F8.gif%3Fpuid%3D%24%7BBSW_UUID%7D%26gdpr%3D0%26gdpr_consent%3D?gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/286/104/2/8.gif?puid=3aeba4f5-77f9-4adb-9400-e8da2fa6d5e7&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=26&3pid=3aeba4f5-77f9-4adb-9400-e8da2fa6d5e7&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F1227%2F1%2F9.gif%3Fpuid%3D%5BSOVRNID%5D%...
  • https://id5-sync.com/c/286/1227/1/9.gif?puid=H9rsaBZHS1_DxDIGQwucF1W-&gdpr=0&gdpr_consent=
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fid5-sync.com%2Fa%2F286%2F1126%...
  • https://id5-sync.com/a/286/1126/0/10/gif/0/0/0/0/f47c7649-b3c5-43a5-9583-4631c7f3a88e
  • https://sync.richaudience.com/a6c163b098d05a413cd1682e26fae172/?gdpr=0&euconsent=&uid=ID5-8e03ai_VJDA4sfp7tjiIU4tvQShNF_nWZ1yOrLcwaA
95 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/a6c163b098d05a413cd1682e26fae172/?gdpr=0&euconsent=&uid=ID5-8e03ai_VJDA4sfp7tjiIU4tvQShNF_nWZ1yOrLcwaA
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1704824446384&pubconsent=&euconsent=&hasConsent=1&rd=1
Protocol
H2
Server
168.119.72.236 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.236.72.119.168.clients.your-server.de
Software
nginx / PHP/8.2.5
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/png
date
Tue, 09 Jan 2024 18:19:15 GMT
server
nginx
x-powered-by
PHP/8.2.5
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

location
https://sync.richaudience.com/a6c163b098d05a413cd1682e26fae172/?gdpr=0&euconsent=&uid=ID5-8e03ai_VJDA4sfp7tjiIU4tvQShNF_nWZ1yOrLcwaA
date
Tue, 09 Jan 2024 18:20:53 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
rum
dsum-sec.casalemedia.com/ Frame 4A3D
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=gGj2kY44-MybOPqXj23il4VtrpSbOfbNgm3Ek8qh
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=gGj2kY44-MybOPqXj23il4VtrpSbOfbNgm3Ek8qh
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=201092&cb=https%3A%2F%2Fsync.richaudience.com%2F2066127a3f7c6635eb4f6cac536feb5a%2F%3Fgdpr%3D0%26euconsent%3D%26uid%3D&gdpr=0&gdpr_consent=
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u557Za0h6YWsdjNGiAvacfoB2vmrcAHp8ceiOOZShaRHSBP6T%2FULZIl1f7f5YdXFhtZ6weKaik3yY0d%2BWuqyHk35Jsw9ax5MVWGuDI6TqnWOnWFKvTQyalpQUceQt5NcjNw0WJQvpLYNvw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
842eb252ed67498c-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:50 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=gGj2kY44-MybOPqXj23il4VtrpSbOfbNgm3Ek8qh
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
ZZ2OfgFH6TQYkZqRcKACIwAAC3IAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 4A3D
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZZ2OfgFH6TQYkZqRcKACIwAAC3IAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZZ2OfgFH6TQYkZqRcKACIwAAC3IAAAIB
43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZZ2OfgFH6TQYkZqRcKACIwAAC3IAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=201092&cb=https%3A%2F%2Fsync.richaudience.com%2F2066127a3f7c6635eb4f6cac536feb5a%2F%3Fgdpr%3D0%26euconsent%3D%26uid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
2600:1f18:4e9:5a01:1124:2146:f275:933 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:51 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZZ2OfgFH6TQYkZqRcKACIwAAC3IAAAIB
date
Tue, 09 Jan 2024 18:20:50 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixie
jelly.mdhv.io/v4/ Frame 4A3D
Redirect Chain
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZZ2OfgFH6TQYkZqRcKACIwAAC3IAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=f52ed82ee2697ffb22b2f840e85f41e&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umo0447_7322728231207348811&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?userId=AABPHU7LOx0AABPb3P8NtA&dataProviderId=817&gdpr=0
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/f52ed82ee2697ffb22b2f840e85f41e?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-H7V1.yBE2oP723gZlerWF3xEAhdNGtLtK0O8h3Ww~A
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=1ee2284a-f33d-41b0-8f2b-c94a02cccf95&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=ZjUyZWQ4MmVlMjY5N2ZmYjIyYjJmODQwZTg1ZjQxZQ==&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEFKVGgJybAyZ0LpxDIFoA5g&google_cver=1&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=Pey8Kix61RngIy5&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=7520810513224092898&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=6203002&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D&gdpr=0&gd...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=690&userId=f47c7649-b3c5-43a5-9583-4631c7f3a88e
  • https://jelly.mdhv.io/v4/pixie?
0
0
rum
dsum.casalemedia.com/ Frame 4A3D
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=2efd7f444c1a1098&is_secure=true&networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAF5TgR83IEQQNttPdnAAAAAAA&expiration=1704910851&is_secure=true
43 B
537 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAF5TgR83IEQQNttPdnAAAAAAA&expiration=1704910851&is_secure=true
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=201092&cb=https%3A%2F%2Fsync.richaudience.com%2F2066127a3f7c6635eb4f6cac536feb5a%2F%3Fgdpr%3D0%26euconsent%3D%26uid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hnRf1f2kcaMrWN0mCDkTTBYVXaNE4HgHvKhN3g5qkdy%2FhrS%2Fn8KPvhsGyzyU7KIwqUahdIYF4JdTe6loNHpG5H3dTLHg9le10aEqOPzRBdOuLPhaqUJAezBrIFkyb2dRZtVU1uzC"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
842eb2541c542583-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:51 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAF5TgR83IEQQNttPdnAAAAAAA&expiration=1704910851&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
tp_out
d.adroll.com/cm/index/ Frame 4A3D 		42 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=201092&cb=https%3A%2F%2Fsync.richaudience.com%2F2066127a3f7c6635eb4f6cac536feb5a%2F%3Fgdpr%3D0%26euconsent%3D%26uid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:61c0:2205:8195:e213:790a:708a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:50 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
crum
dsum-sec.casalemedia.com/ Frame 4A3D
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZZ2OfgFH6TQYkZqRcKACIwAA%262930
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=MA35cIxGaprm1si4QTNP0RifnOU_347boKgNT-6s0EQ&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZZ2OfgFH6TQYkZqRcKACIwAA%262930
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=MA35cIxGaprm1si4QTNP0RifnOU_347boKgNT-6s0EQ&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZZ2OfgFH6TQYkZqRcKACIwAA%262930
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=201092&cb=https%3A%2F%2Fsync.richaudience.com%2F2066127a3f7c6635eb4f6cac536feb5a%2F%3Fgdpr%3D0%26euconsent%3D%26uid%3D&gdpr=0&gdpr_consent=
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=czXSeD5keW%2BpdmdgqiBQXa7kFz37zEy3TH58LuHGfdAxFhLvLTLfAiHxuaDpi5sDWgs%2FJPbe1gOddv5i8k%2BV%2B4V3mgbWBTDllbhcP3AwOEC%2BhazOImseuZwy7a%2FtSnhwYtj3NVYqlm04CA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
842eb2537e85498c-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=MA35cIxGaprm1si4QTNP0RifnOU_347boKgNT-6s0EQ&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZZ2OfgFH6TQYkZqRcKACIwAA%262930
pragma
no-cache
date
Tue, 09 Jan 2024 18:20:51 GMT, Tue, 09 Jan 2024 18:20:51 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 4A3D
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=978477423030163126
43 B
739 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=978477423030163126
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=201092&cb=https%3A%2F%2Fsync.richaudience.com%2F2066127a3f7c6635eb4f6cac536feb5a%2F%3Fgdpr%3D0%26euconsent%3D%26uid%3D&gdpr=0&gdpr_consent=
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 18:20:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NIxRktDBZ4ovbDNRPEKZcZZ4n%2B%2BDTFzNaDETqx%2BZ%2FK4TmLGS5V%2B9PyZ2RlxbAaK26Q7zINDzWlBcDxkvCT4SYPZdWmzKX71J8BhS5vAfjCgzfrlLgqK2swZFmBWLZS06HtCSPCTp2Zla9g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
842eb252fd84498c-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=978477423030163126
Date
Tue, 09 Jan 2024 18:20:50 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
31327
i.liadm.com/s/ Frame 4A3D 		43 B
573 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZZ2OfgFH6TQYkZqRcKACIwAA%262930&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=201092&cb=https%3A%2F%2Fsync.richaudience.com%2F2066127a3f7c6635eb4f6cac536feb5a%2F%3Fgdpr%3D0%26euconsent%3D%26uid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.224.244.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-244-32.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 09 Jan 2024 18:20:50 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
1
Content-Type
image/gif
/
sync.richaudience.com/2066127a3f7c6635eb4f6cac536feb5a/ Frame 4A3D 		95 B
375 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/2066127a3f7c6635eb4f6cac536feb5a/?gdpr=0&euconsent=&uid=ZZ2OfgFH6TQYkZqRcKACIwAAC3IAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=201092&cb=https%3A%2F%2Fsync.richaudience.com%2F2066127a3f7c6635eb4f6cac536feb5a%2F%3Fgdpr%3D0%26euconsent%3D%26uid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.119.72.236 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.236.72.119.168.clients.your-server.de
Software
nginx / PHP/8.2.5
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/png
date
Tue, 09 Jan 2024 18:19:12 GMT
server
nginx
x-powered-by
PHP/8.2.5
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
/
sync.richaudience.com/a8c1b6a2754b510b088f624c91944bf3/ Frame 88C2 		0
341 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/a8c1b6a2754b510b088f624c91944bf3/?gdpr=0&euconsent=&uid=BC5D1A00-930F-464F-9EB1-22F01C98B67F
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156538&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.richaudience.com%2Fa8c1b6a2754b510b088f624c91944bf3%2F%3Fgdpr%3D0%26euconsent%3D%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.119.72.236 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.236.72.119.168.clients.your-server.de
Software
nginx / PHP/8.2.5
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 09 Jan 2024 18:19:12 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/8.2.5
/
sync.richaudience.com/a8c1b6a2754b510b088f624c91944bf3/ Frame DC55 		0
341 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/a8c1b6a2754b510b088f624c91944bf3/?gdpr=0&euconsent=&uid=BC5D1A00-930F-464F-9EB1-22F01C98B67F
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156538&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.richaudience.com%2Fa8c1b6a2754b510b088f624c91944bf3%2F%3Fgdpr%3D0%26euconsent%3D%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.119.72.236 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.236.72.119.168.clients.your-server.de
Software
nginx / PHP/8.2.5
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 09 Jan 2024 18:19:12 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/8.2.5
/
sync.richaudience.com/502e2341fac2c140295d7b3b0c915c8c/ Frame 99CB 		95 B
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/502e2341fac2c140295d7b3b0c915c8c/?gdpr=0&gdpr_consent=&uid=1597947577565009521
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1704824446384&pubconsent=&euconsent=&hasConsent=1&rd=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.119.72.236 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.236.72.119.168.clients.your-server.de
Software
nginx / PHP/8.2.5
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1704824446384&pubconsent=&euconsent=&hasConsent=1&rd=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/png
date
Tue, 09 Jan 2024 18:19:12 GMT
server
nginx
x-powered-by
PHP/8.2.5
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
SPug
simage4.pubmatic.com/AdServer/ Frame 6CB9 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=157743&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:52 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
simage4.pubmatic.com/AdServer/ Frame 2F37 		0
48 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 18:20:52 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
metrics
api.permutive.com/v2.0/internal/ 		2 B
37 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/internal/metrics?k=26009fee-1ff1-493d-ae23-88df000d9627
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/8d18f0c3-5d57-46dc-87b9-bf5d4f1f3f71-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://ls.kurdgozar.fun/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 09 Jan 2024 18:20:52 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
content-type
text/plain;charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22
pubmatic
s.seedtag.com/cs/cookiesync/ Frame DDA2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/cs/cookiesync/pubmatic?channeluid=BC5D1A00-930F-464F-9EB1-22F01C98B67F
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 09 Jan 2024 18:20:53 GMT
server
openresty
via
1.1 google
ping
ping.chartbeat.net/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=ebaumsworld.com&p=%2F&u=DG9oEoB-6xgVBYiC9D&d=ebaumsworld.com&g=6425&g0=Homepage&g1=No%20Author&n=1&f=00001&c=0.25&x=0&m=0&y=10614&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&PA=https%3A%2F%2Fls.kurdgozar.fun%2F&b=4343&t=Ph2qbS7BC2Bwre70DeoGsNBgrHR5&V=143&tz=600&_acct=anon&sn=2&sv=BJr2gvCKPILXC35jtZKVbQnC1s91A&sr=external&sd=1&im=062b071f&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.19.115.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-19-115-52.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ls.kurdgozar.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 09 Jan 2024 18:20:56 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
z-na.amazon-adsystem.com
URL
https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US&adInstanceId=65fbfb71-0187-4864-a8c1-a476d6acab1e
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=13252
Domain
p.adsymptotic.com
URL
https://p.adsymptotic.com/d/px/?_pid=16257&_psign=5a9f251662be469b9732c38b03f11952&_redirect=https%3A%2F%2Fpippio.com%2Fapi%2Fsync%3Fpid%3D710202%26it%3D1%26iv%3D%24%7BUUID%7D&_rand=06684537
Domain
ad.mrtnsvr.com
URL
https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Domain
jelly.mdhv.io
URL
https://jelly.mdhv.io/v4/pixie?

Verdicts & Comments Add Verdict or Comment

460 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| documentPictureInPicture object| dataLayer undefined| $ function| jQuery object| $jscomp object| Ebaum object| EbaumTopMedia function| EbaumAllStarSubscribe object| EbaumMobile function| EbaumEnlarge object| EbaumHistory object| EbaumAudio object| EbaumVideo object| EbaumColumnStick object| EbaumScrollAd object| EbaumGAHelper object| EbaumKeyMapStack object| EbaumSwipeMapStack object| EbaumManualShare object| EbaumSocialOverlayDisplay undefined| originalState function| EbaumListingNav function| EbaumUserMenu function| EbaumLiveRail function| EbaumMediaDetail function| EbaumMediaEngage function| EbaumBinaryVote function| EmuseKeyMap function| EmuseSwipeMap function| EbaumMobileNavSwipeMap function| EbaumMobileContestGallery function| EbaumMobileContestGallerySwipeMap function| EbaumMobileNav function| EbaumGalleryKeyMap function| EbaumLightboxKeyMap function| EbaumForm function| EbaumSlider function| EbaumRating object| GalleryEvent function| EbaumGallery function| EbaumMobileGallery object| LightboxEvent function| EbaumLightbox object| EbaumFacebook function| EbaumInbox function| EbaumUpload function| EmuseEvent object| EbaumUser object| EbaumProfileFlash object| EbaumUserMedia object| CommentEvent function| EbaumComment object| EbaumRelatedMedia function| EbaumOverlay function| EbaumGAEvent function| EbaumFBEvent object| XHRState function| EmuseXmlHttpRequest object| FileReaderState function| EmuseFileReader object| EbaumIM function| LocalConnection function| populateModal function| centerJQM function| positionModal function| modalHide function| flash_ready function| Class function| jStoreDelegate function| StorageEngine function| jStoreDom function| jStoreLocal function| jStoreSession function| jStoreFlash function| jStoreGears function| jStoreHtml5 function| jStoreIE function| Odometer function| admiral object| googletag string| GoogleAnalyticsObject function| ga object| _sf_async_config object| _cbq string| environment string| referral string| userLoggedIn string| pageSegment string| screenRes number| screenWidth object| blogherads undefined| nQuery number| ntvLoadStart object| ntv object| prdom object| onFocusEvents function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvGetElementViewability function| ntvArticleTracker function| ntvViewableImpressionTracker object| PostRelease object| ntvToutAds boolean| onFocus object| _comscore function| fbq function| _fbq number| amountScrolled number| miniMenuScroll object| jQuery17108321248868016451 object| params object| realOrFake object| ebaumOverlay function| fbAsyncInit object| _taboola object| fbEvent object| form object| google_tag_manager object| google_tag_data object| _qevents object| LongTaskObserver object| LUX object| LUX_ae object| LUX_al object| _cb_shared object| pSUPERFLY_mab object| pSUPERFLY object| __pmc_atlas_mg_webpack_jsonp__ function| 4dm1r11545242527 object| gaplugins object| gaGlobal object| gaData object| COMSCORE object| ns_p function| onYouTubeIframeAPIReady object| __bt object| __bt_intrnl object| __bt_tag_d object| __bt_tag_am object| _cbm object| MoatUA object| __pmc_atlasmg_pbjs object| _pbjsGlobals function| __uspapi function| lightboxjs function| lightboxlib object| FB function| quantserve function| __qc object| ezt object| _qoptions string| _skmPageViewId object| permutive object| pmc_atlasmg_ga4_datalayer object| DIGIOH_API object| LIGHTBOX_API boolean| SENT_LIGHTBOX_PV undefined| jQuery171008641312310455196_1704824441782 object| optiCommon object| _aps boolean| apstagLOADED object| apstag object| __buffer object| browsitag string| browsi_bootstrap_loaded object| Ru6x3r function| Ru6x3Q object| xop object| -1gqtwcohzcow object| 17z7nrehc6ak string| p1332014244 string| p1332014299 number| p1332014300 function| p1332014358 function| oAddDVTag_ function| oGetPageStats_ function| p1332014329 function| oGetSlotRenderedLineItemIdByDivId_ function| p1332014324 function| p1332014321 function| oDeleteHardcodeRefresh_ function| oRefreshHardcode_ function| p1332014318 function| oProdKPageViews_ function| oCheckDump_ function| oCheckProdK_ function| p1332014301 function| p1332014297 function| p1332014354 function| p1332014295 function| p1332014307 function| p1332014304 function| p1332014302 function| p1332014278 function| p1332014283 function| p1332014269 function| p1332014268 function| p1332014266 function| p1332014259 function| oEnableNullChecklistener_ function| p1332014311 function| p1332014250 function| oPageUnload function| p1332014179 function| p1332014184 function| oSetDataParam function| p1332014303 number| p1332014169 string| p1332014170 object| p1332014171 object| p1332014172 boolean| p1332014173 number| p1332014175 number| p1332014176 object| p1332014197 string| p1332014239 number| p1332014180 object| p1332014247 string| p1332014215 string| p1332014216 object| p1332014253 number| p1332014254 boolean| p1332014258 number| p1332014260 boolean| p1332014262 boolean| p1332014312 boolean| p1332014287 boolean| p1332014314 boolean| oObserverChanges_ boolean| p1332014313 boolean| p1332014315 boolean| oAudienceListenerEnabled_ object| p1332014264 string| oDevice string| p1332014352 number| p1332014355 string| oParentHostname_ string| oParentPathname_ boolean| p1332014265 boolean| p1332014267 number| p1332014282 boolean| p1332014284 number| p1332014285 object| p1332014274 object| oAdSlots_ object| otkjs boolean| p1332014305 boolean| p1332014306 object| optimeraInsights string| p1332014316 object| oLoadedAdImpressionDivs_ object| oTrackSlots_ object| p1332014327 object| p1332014328 boolean| oEnableInfiniteScrollUrls_ boolean| p1332014323 object| p1332014326 object| p1332014330 boolean| oHasStnVideo_ object| p1332014353 boolean| oActivateK_ object| oRPMCids_ object| oRPMHosts_ string| oUniqueId_ object| oDumpedDivs_ object| p1332014357 string| p1332014360 boolean| p1332014359 string| p1332014224 function| p1332014177 string| p1332014178 boolean| oVisibileState_ number| oVisibileChangedState_ boolean| p1332014246 boolean| p1332014226 object| p1332014225 number| p1332014228 undefined| p1332014332 undefined| p1332014333 object| opbjs object| oaudLibjs object| ovpjs number| p1332014227 object| diagPixSentCodes object| __iasPET object| __iasAdRefreshConfig object| ggeac object| google_js_reporting_queue object| m4VmfX2 function| m4VmfX3 function| xblocker object| oDv object| oVa object| xfkA0u function| xfkA0K object| xblacklist number| p1332014181 object| prodKObj string| oUrl_ object| jQuery171008641312310455196 undefined| google_measure_js_timing number| oIndex4_ number| p1332014196 function| clearImmediate function| setImmediate object| ats object| apscustom object| Criteo object| lotame_sync_16576 boolean| creativeVendorLibraryLoaded function| ha object| hadron boolean| __halo_loaded__ object| ID5 object| __id5_instances function| lotameIsCompatible function| sync16576_aa function| sync16576_c undefined| sync16576_d undefined| sync16576_ba undefined| sync16576_e function| sync16576_f object| sync16576_h function| sync16576_ca function| sync16576_j function| sync16576_da object| sync16576_ object| sync16576_ga object| sync16576_v object| sync16576_oa object| sync16576_xa object| sync16576_ya function| sync16576_a function| sync16576_b function| sync16576_g function| sync16576_i function| sync16576_k function| sync16576_l function| sync16576_m function| sync16576_n function| sync16576_o function| sync16576_p function| sync16576_q function| sync16576_r function| sync16576_fa function| sync16576_ea function| sync16576_s function| sync16576_t function| sync16576_u function| sync16576_w function| sync16576_ha function| sync16576_ia function| sync16576_y function| sync16576_ja function| sync16576_z function| sync16576_A function| sync16576_x function| sync16576_B function| sync16576_ka function| sync16576_C function| sync16576_D function| sync16576_E function| sync16576_F function| sync16576_G function| sync16576_H function| sync16576_I function| sync16576_J function| sync16576_K function| sync16576_L function| sync16576_la function| sync16576_ma function| sync16576_na function| sync16576_M function| sync16576_N function| sync16576_pa function| sync16576_O function| sync16576_qa function| sync16576_ra function| sync16576_sa function| sync16576_P function| sync16576_ta function| sync16576_ua function| sync16576_va function| sync16576_wa function| sync16576_Q function| sync16576_R function| sync16576_za function| sync16576_S function| sync16576_T function| sync16576_U function| sync16576_V function| sync16576_Aa function| sync16576_W function| sync16576_X function| sync16576_Y function| sync16576_Z function| sync16576__ function| sync16576_0 function| sync16576_Ea function| sync16576_Ba function| sync16576_1 function| sync16576_Da function| sync16576_Ca function| sync16576_2 function| sync16576_3 function| sync16576_4 function| sync16576_5 function| sync16576_Ga function| sync16576_Ha function| sync16576_Ja function| sync16576_Fa function| sync16576_7 function| sync16576_Ia function| sync16576_La function| sync16576_Ka function| sync16576_8 function| sync16576_6 function| sync16576_9 function| sync16576_Ma function| sync16576_Na function| sync16576_Oa function| sync16576_Pa function| sync16576_$ function| sync16576_Qa function| sync16576_Ra function| sync16576_Sa function| sync16576_Ta object| PublisherCommonId object| au object| auvars number| google_unique_id function| docReady object| autag object| GoogleGcLKhOms object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_136 object| Criteo_prebid_136 function| Tapad object| google_image_requests

317 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIgAIQ1MrS-84xCgoIoQEQnrvS-84xCgoIgQIQ1MrS-84xCgoI4gEQ1MrS-84xCgoI5gEQnrvS-84xCgoIhwIQnrvS-84xCgkISRDUytL7zjEKCgiMAhCeu9L7zjEKCgisAhDUytL7zjEKCgitAhDUytL7zjEKCgiRAhCeu9L7zjEKCgiSAhDUytL7zjEKCgi0AhCeu9L7zjEKCgiUAhDUytL7zjEKCgi3AhCeu9L7zjEKCQg6EJ670vvOMQoJCBsQ1MrS-84xCgoI3gEQ1MrS-84xCgkIXxCeu9L7zjEKCQgfEJ670vvOMQ==
i.liadm.com/s Name: _li_ss
Value: ChMKBgjdARD3FgoJCP____8HEIEX
i6.liadm.com/s Name: _li_ss
Value: CgA
ls.kurdgozar.fun/ Name: ntvSession
Value: {}
.postrelease.com/ Name: visitor
Value: 15851005-14d1-4b2f-a384-e574e56083c0
.kurdgozar.fun/ Name: _cb
Value: DG9oEoB-6xgVBYiC9D
.kurdgozar.fun/ Name: _chartbeat2
Value: .1704824441198.1704824441198.1.BJr2gvCKPILXC35jtZKVbQnC1s91A.1
.kurdgozar.fun/ Name: _cb_svref
Value: external
.lightboxcdn.com/ Name: _cfuvid
Value: nxCmz4cQrSHetUVqq09pOPM2AvtggGZ.QwIGw.i9.38-1704824441332-0-604800000
.scorecardresearch.com/ Name: UID
Value: 124792ed6c358e6a145a9801704824441
.kurdgozar.fun/ Name: _ga_V5XPPXMJTV
Value: GS1.1.1704824441.1.0.1704824441.0.0.0
.ls.kurdgozar.fun/ Name: pmc_atlasmg_id
Value: 03eaa3e8-afa4-414a-9dfa-bb84718e837b
.kurdgozar.fun/ Name: __td_signed
Value: true
.kurdgozar.fun/ Name: _td
Value: e7973abc-d9f9-47b8-9a3e-852526d0c6bf
.kurdgozar.fun/ Name: __td_blockEvents
Value: false
.kurdgozar.fun/ Name: _fbp
Value: fb.1.1704824441838.966743570
.kurdgozar.fun/ Name: _gid
Value: GA1.2.1715661141.1704824442
.kurdgozar.fun/ Name: _gat_pmcBoomerang
Value: 1
.quantserve.com/ Name: mc
Value: 659d8e79-e5b90-b30aa-d9840
.kurdgozar.fun/ Name: __qca
Value: P0-1454732873-1704824441591
.kurdgozar.fun/ Name: permutive-id
Value: 1e6d367e-386d-47d9-9eca-26639cd122a0
.kurdgozar.fun/ Name: _ga_CGRZHQ8KQD
Value: GS1.1.1704824442.1.0.1704824442.60.0.0
.ls.kurdgozar.fun/ Name: _awl
Value: 3.1704824442.5-9615b43f4918785391128fe7f49f87b4-6763652d75732d6561737431-0
.lightboxapi.azurewebsites.net/ Name: TiPMix
Value: 97.14835018337558
.lightboxapi.azurewebsites.net/ Name: x-ms-routing-name
Value: self
ls.kurdgozar.fun/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
ls.kurdgozar.fun/ Name: _lr_retry_request
Value: true
ls.kurdgozar.fun/ Name: _lr_env_src_ats
Value: false
.kurdgozar.fun/ Name: ga_digioh
Value: CoUwzgLg-gwg9gOwgJzgGyA_
.gumgum.com/ Name: cs
Value: true
.lijit.com/ Name: ljt_reader
Value: H9rsaBZHS1_DxDIGQwucF1W-
ls.kurdgozar.fun/ Name: _lr_geo_location
Value: US
.casalemedia.com/ Name: receive-cookie-deprecation
Value: 1
ls.kurdgozar.fun/ Name: _lr_geo_location_state
Value: FL
.justpremium.com/ Name: jpxumaster
Value: r-122c1356-f103-4577-9703-e802eb4f5edb-3505394-93342212
.justpremium.com/ Name: jpxsession
Value: r-640fd0ed-b75f-42e3-a2e8-ddcb452450fe-3505394-93430104
.justpremium.com/ Name: jpxuuid
Value: r-d73d9616-d0ad-4b5f-9c0e-480c8dbfceb1-3505394-93468116
.justpremium.com/ Name: 119269_488174
Value: 0_0_0
.justpremium.com/ Name: 119269_488175
Value: 0_0_0
.undertone.com/ Name: UTID
Value: 426faaf492b845bfad898e3ac0594e3d
.undertone.com/ Name: UTID_ENC
Value: 3xlemq1rk34hwg8ve1e5fyh4t
.gumgum.com/ Name: vst
Value: u_7955ecd2-bd81-4c7e-93b0-b1e7fbb70368
.rubiconproject.com/ Name: khaos
Value: LR6OGFBQ-17-B2QO
.prebid.a-mo.net/ Name: __amc
Value: 1_1704824443_1704824443
.a-mo.net/ Name: amuid2
Value: 1694ddb2-ecc5-437a-99ad-2b5e8b358db5
.prebid.a-mo.net/ Name: sd_amuid2
Value: 1694ddb2-ecc5-437a-99ad-2b5e8b358db5
.teads.tv/ Name: tt_viewer
Value: c66a5f0e-9c2f-483a-853b-734effc19c89
.teads.tv/ Name: receive-cookie-deprecation
Value: 1
.kurdgozar.fun/ Name: lotame_domain_check
Value: kurdgozar.fun
.seedtag.com/ Name: st_uid
Value: de511a63-f519-40dc-9cbb-f8ba2b5408c3
.seedtag.com/ Name: st_ssp
Value: Y291bnRyeV9uYW1lPVVuaXRlZCBTdGF0ZXMmY291bnRyeV9pc28yPVVTJmNvdW50cnlfaXNvMz1VU0EmcmVnaW9uX25hbWU9RmxvcmlkYSZyZWdpb25faXNvMj1GTCZjaXR5X25hbWU9TWlhbWkmbG9uZ2l0dWRlPS04MC4zOTI3JmxhdGl0dWRlPTI1LjkwOTImbWV0cm89NTI4JnppcD0zMzAxOA==
.crwdcntrl.net/ Name: _cc_id
Value: e91517260454ebbfc26d3089f8b762e
.kurdgozar.fun/ Name: _cc_id
Value: e91517260454ebbfc26d3089f8b762e
.kurdgozar.fun/ Name: panoramaId_expiry
Value: 1704910843693
.kurdgozar.fun/ Name: _au_1d
Value: AU1D-0100-001704824444-0ET2DF8K-AF2Z
.kurdgozar.fun/ Name: _au_last_seen_pixels
Value: eyJhcG4iOjE3MDQ4MjQ0NDQsInR0ZCI6MTcwNDgyNDQ0NCwicHViIjoxNzA0ODI0NDQ0LCJydWIiOjE3MDQ4MjQ0NDQsInRhcGFkIjoxNzA0ODI0NDQ0LCJhZHgiOjE3MDQ4MjQ0NDQsImdvbyI6MTcwNDgyNDQ0NCwic29uIjoxNzA0ODI0NDQ0LCJzbWFydCI6MTcwNDgyNDQ0NH0%3D
.adnxs.com/ Name: uuid2
Value: 7520810513224092898
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-93d83a73-98df-4439-a8e0-f8e5385c4f18-005%22%7D
.tapad.com/ Name: TapAd_TS
Value: 1704824444006
.tapad.com/ Name: TapAd_DID
Value: d9463951-a6be-4f6f-8739-d6925d9ef1b7
.adsrvr.org/ Name: TDID
Value: 1ee2284a-f33d-41b0-8f2b-c94a02cccf95
.kurdgozar.fun/ Name: __gads
Value: ID=89980a3d090486bb:T=1704824444:RT=1704824444:S=ALNI_MbaJXR5xEnZTXIWYFXl3ZhpnVXKyQ
.kurdgozar.fun/ Name: __gpi
Value: UID=00000a0703760a6f:T=1704824444:RT=1704824444:S=ALNI_Ma73-4z71TFbZaKkxgjOpXiAwsAmg
.pubmatic.com/ Name: KADUSERCOOKIE
Value: BC5D1A00-930F-464F-9EB1-22F01C98B67F
.kurdgozar.fun/ Name: _ga
Value: GA1.2.56901551.1704824441
.doubleclick.net/ Name: IDE
Value: AHWqTUnmDwQQVd5ECF3-vQJG_dr0U5H6xW-jVGGO0kQxjYClPJViF5mzQEA43x-JIk0
.ad.gt/ Name: au_id
Value: AU1D-0100-001704824444-0ET2DF8K-AF2Z
.go.sonobi.com/ Name: __uis
Value: d13a5057-a213-4831-b305-d5d971a86bc9
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16999%3b%24o%3d11100
.smartadserver.com/ Name: pid
Value: 8280212633832615062
pixel.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.criteo.com/ Name: uid
Value: aada912d-ad00-4845-9f80-53cace5b5ff7
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.bidswitch.net/ Name: tuuid
Value: 3aeba4f5-77f9-4adb-9400-e8da2fa6d5e7
.bidswitch.net/ Name: c
Value: 1704824444
.bidswitch.net/ Name: tuuid_lu
Value: 1704824444
ls.kurdgozar.fun/ Name: TAPAD
Value: %7B%22id%22%3A%225163556e-0b2c-43bf-a14c-7cb953249174%22%7D
.criteo.com/ Name: partitioned_bundle
Value: S_sgRl80c2F5NkRCNXFzZWRUcFlkUzQzSGJwUGo1N0FIelV3WUN6VSUyRk5Jd3lSMzhjWUg4eEpMaEdMTGhxanFVbTA2TDN6VkZFR1BZVWpFdHVNaFBmc1glMkIyZGVYZEV0NEl2UHIzUzFvME9lTSUyQnFkcmNjTSUyRkIxblVGWW1XS0loWHJ4dmJ2M2NqcjJpWmxFaWtKJTJCJTJGaVc5eENnMXJMSElGcmJDcWs3a3g3YjJMbzlhYXpZRXB5M1U4c3M2SVJwMGg2NGEwcGY
.kurdgozar.fun/ Name: cto_bundle
Value: i8PA0V80c2F5NkRCNXFzZWRUcFlkUzQzSGJwUGo1N0FIelV3WUN6VSUyRk5Jd3lSMzhjWUg4eEpMaEdMTGhxanFVbTA2TDN6VkZFR1BZVWpFdHVNaFBmc1glMkIyZGVYZEV0NEl2UHIzUzFvME9lTSUyQnFkcmNjTSUyRkIxblVGWW1XS0loWHJ4dmJ2dHJnWTV5YWpRYW9EV1pBanI4SW9vUSUzRCUzRA
.yellowblue.io/ Name: wrvUserID
Value: jtOlO_Pzk
.go.sonobi.com/ Name: HAPLB8G
Value: s85147|ZZ2Og
.turn.com/ Name: uid
Value: 4430111625358761738
.33across.com/ Name: 33x_ps
Value: u%3D212413095182627%3As1%3D1704824445360%3Ats%3D1704824445360
.contextweb.com/ Name: V
Value: DC0qnwBLqTA2
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 4987eb1e7b0e18b3
.sharethrough.com/ Name: stx_user_id
Value: b12a5b10-9e87-4b4e-916c-ad3b34eebead
.openx.net/ Name: i
Value: 227209be-93b5-48a4-8f9d-a3c953073ca7|1704824445
.yieldmo.com/ Name: yieldmo_id
Value: VERy1EEPPyEHC6ZS3uJP%7C1704758400000%7C0
.ads.stickyadstv.com/ Name: UID
Value: f52ed82ee2697ffb22b2f840e85f41e
.csync.loopme.me/ Name: viewer_token
Value: aefee888-7301-4377-bec7-2b0b76abcc15
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESENqAmulhs6JoCDEPgUeOLNs&KRTB&23025-CAESENqAmulhs6JoCDEPgUeOLNs&KRTB&23386-CAESENqAmulhs6JoCDEPgUeOLNs
.ipredictive.com/ Name: cu
Value: f47c7649-b3c5-43a5-9583-4631c7f3a88e|1704824445906
pixel-us-east.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.linkedin.com/ Name: bcookie
Value: "v=2&6172346d-4b63-4f27-862a-3f65ecc0cfb6"
.linkedin.com/ Name: lidc
Value: "b=OGST08:s=O:r=O:a=O:p=O:g=2734:u=1:x=1:i=1704824446:t=1704910846:v=2:sig=AQEZcds5KdzjXO0FreRlRrawOvPooplc"
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.bidr.io/ Name: bito
Value: AABPHU7LOx0AABPb3P8NtA
.bidr.io/ Name: bitoIsSecure
Value: ok
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.3lift.com/ Name: tluid
Value: 316602570341369854321
.casalemedia.com/ Name: CMPS
Value: 2822
.krxd.net/ Name: _kuid_
Value: QBp5E1dJ
.advertising.com/ Name: A3
Value: d=AQABBH6OnWUCEMxxkEk31ns2uO2Om0DVTXIFEgEBAQHfnmWnZdxH0iMA_eMAAA&S=AQAAAkGJGYIAYMR2vXCvQATVBh4
.yahoo.com/ Name: A3
Value: d=AQABBH6OnWUCEJeeWLWjFIOyC7VNyCX4w2YFEgEBAQHfnmWnZQAAAAAA_eMAAA&S=AQAAAgVZJreJWUf3Hctqg1xrm88
.sitescout.com/ Name: ssi
Value: 0444e166-c943-4703-a8ad-a90dfc5d0de0#1704824446411
.demdex.net/ Name: demdex
Value: 04019751067623948172320445127114259055
.casalemedia.com/ Name: CMID
Value: ZZ2OfgFH6TQYkZqRcKACIwAA
.casalemedia.com/ Name: CMPRO
Value: 2930
.contextweb.com/ Name: ccpa
Value: 1---
.bluekai.com/ Name: bkpa
Value: KJy9v9eUd02pSUHknpWNBEAlwtkAwEBTqsP+zEa0Sp16Sc57mcjk1VDNj7kGBcxe99SfeDG=
.bluekai.com/ Name: bku
Value: fEy99cbm7VVN2Uyy
.simpli.fi/ Name: suid
Value: 005896DF262D4D79A49C9C9CAB8EDDBB
.dpm.demdex.net/ Name: dpm
Value: 04019751067623948172320445127114259055
.undertone.com/ Name: UID_EXT_47
Value: LR6OGFBQ-17-B2QO
.undertone.com/ Name: UID_EXT_39
Value: bab351c0-3a9d-4b30-bfce-74e6c08c2f08
.undertone.com/ Name: UID_EXT_46
Value: 1ee2284a-f33d-41b0-8f2b-c94a02cccf95
.undertone.com/ Name: UID_EXT_56
Value: y-.a0iJ31E2uEHrh.UjKaJSgasE_HjLmuI_woFFJU-~A
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:005896DF262D4D79A49C9C9CAB8EDDBB&KRTB&23486-uid:005896DF262D4D79A49C9C9CAB8EDDBB&KRTB&23489-uid:005896DF262D4D79A49C9C9CAB8EDDBB&KRTB&23539-uid:005896DF262D4D79A49C9C9CAB8EDDBB
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-1ee2284a-f33d-41b0-8f2b-c94a02cccf95&KRTB&22918-1ee2284a-f33d-41b0-8f2b-c94a02cccf95&KRTB&22926-1ee2284a-f33d-41b0-8f2b-c94a02cccf95&KRTB&23031-1ee2284a-f33d-41b0-8f2b-c94a02cccf95
.pippio.com/ Name: did
Value: AJfeR6G0LdLqPEeY
.pippio.com/ Name: didts
Value: 1704824446
.pippio.com/ Name: nnls
Value:
.linkedin.com/ Name: li_sugr
Value: 59c04c2f-9276-4753-939e-a15f136d292c
.amazon-adsystem.com/ Name: ad-id
Value: A_y-96ibt0hBuVoxo-kjh2I
.justpremium.com/ Name: jpxumatched
Value: gg
.clientgear.com/ Name: mkuuid
Value: mk51bfba69b98a4079bb45f5a86d03c604
.zemanta.com/ Name: zuid
Value: so3_KrGlzcHbAuaMi-62
.addthis.com/ Name: ouid
Value: 659d8e7e00016259916b060d1fbfa54599a2b4a39239c3957080
.addthis.com/ Name: uid
Value: 659d8e7e1ab35ed1
.addthis.com/ Name: na_id
Value: 2024010918204667900491504682
.tynt.com/ Name: uid
Value: uNE6HWWdjn7fxCwlAYsvFw==
.undertone.com/ Name: UID_EXT_54
Value: 0444e166-c943-4703-a8ad-a90dfc5d0de0-659d8e7e-5553
.hb.yahoo.net/ Name: visitor-id
Value: 3478260461523857000V10
.hb.yahoo.net/ Name: data-mag
Value: LR6OGFBQ-17-B2QO~~63
.pippio.com/ Name: pxrc
Value: CP6c9qwGEgQIAhAAEgYI36wrEAA=
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-fad04381-fc25-57f8-6fc2-9e36c4fa5ce2.SaVB4ZPWZoJCJYf6BobQFVtoTzLFHBGyhJD4Dai6Uus
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-fad04381-fc25-57f8-6fc2-9e36c4fa5ce2.SaVB4ZPWZoJCJYf6BobQFVtoTzLFHBGyhJD4Dai6Uus
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A-tBDgfwlV_hvwp42xPpc4iaEdkY.EF3y0bHJDef4jgl6wcictFqTQBPGeu2zaguJ3BakQTI
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A-tBDgfwlV_hvwp42xPpc4iaEdkY.EF3y0bHJDef4jgl6wcictFqTQBPGeu2zaguJ3BakQTI
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIAPUedzHQELGu9dQtoE8inZnRYgwfzgcKmWRYGWBTArwEHwYBCD-nPasBjABOgT90vuTQgT5mGco.xXMWlvBi1Zl0r4K59GE5GAtI45W%2BjSaXb8W5S7lOyw0
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIAPUedzHQELGu9dQtoE8inZnRYgwfzgcKmWRYGWBTArwEHwYBCD-nPasBjABOgT90vuTQgT5mGco.xXMWlvBi1Zl0r4K59GE5GAtI45W%2BjSaXb8W5S7lOyw0
.deepintent.com/ Name: CDIUSER
Value: di_52c322e525534ac1bdc82
.omnitagjs.com/ Name: ayl_visitor
Value: 3cd76bec6dc08e0d573cb7191567d5bd
.adform.net/ Name: C
Value: 1
.prebid.a-mo.net/ Name: _sv3_9
Value: 1
.adform.net/ Name: uid
Value: 1597947577565009521
.undertone.com/ Name: UID_EXT_53
Value: BC5D1A00-930F-464F-9EB1-22F01C98B67F
.sync.a-mo.net/ Name: _sv3_0
Value: 1
.sync.a-mo.net/ Name: _sv3_2
Value: 1
.postrelease.com/ Name: status
Value: 1
.postrelease.com/ Name: ver
Value: 1
.ow.pubmatic.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhbXgiOnsidWlkIjoiMTY5NGRkYjItZWNjNS00MzdhLTk5YWQtMmI1ZThiMzU4ZGI1IiwiZXhwaXJlcyI6IjIwMjQtMDEtMjNUMTg6MjA6NDcuMDUwMDMzOTU3WiJ9fX0=
.creativecdn.com/ Name: u
Value: OTcLIX00nn2cROjjL2Be
.creativecdn.com/ Name: g
Value: OTcLIX00nn2cROjjL2Be_1704824447022
.sync.a-mo.net/ Name: _sv3_13
Value: 1
.adx.opera.com/ Name: UID
Value: OPU217ad19eed6f4568986ccaa6fd566470
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%22797f54a72d%22%2C%22f%22%3A1%2C%22ts%22%3A1704824446776%7D%2C%7B%22p%22%3A%223bfd58deb3%22%2C%22f%22%3A1%2C%22ts%22%3A1704824447076%7D%2C%7B%22p%22%3A%224bee518595%22%2C%22f%22%3A1%2C%22ts%22%3A1704824446776%7D%2C%7B%22p%22%3A%22029cc11ae7%22%2C%22f%22%3A1%2C%22ts%22%3A1704824447076%7D%2C%7B%22p%22%3A%221fbac30d28%22%2C%22f%22%3A1%2C%22ts%22%3A1704824447076%7D%2C%7B%22p%22%3A%227daaa56bb0%22%2C%22f%22%3A1%2C%22ts%22%3A1704824446776%7D%2C%7B%22p%22%3A%227912d88d74%22%2C%22f%22%3A1%2C%22ts%22%3A1704824447076%7D%2C%7B%22p%22%3A%2224c05c7b76%22%2C%22f%22%3A1%2C%22ts%22%3A1704824446776%7D%2C%7B%22p%22%3A%22d26852f088%22%2C%22f%22%3A1%2C%22ts%22%3A1704824446776%7D%2C%7B%22p%22%3A%2222833ea406%22%2C%22f%22%3A1%2C%22ts%22%3A1704824447076%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1704824446776%7D%2C%7B%22p%22%3A%22008c314e8f%22%2C%22f%22%3A1%2C%22ts%22%3A1704824447076%7D%5D
.a-mx.com/ Name: amdt_t
Value: p::1704824447085
.a-mx.com/ Name: amuid2
Value: 1694ddb2-ecc5-437a-99ad-2b5e8b358db5
sync-dmp.mobtrakk.com/ Name: chk
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-f47c7649-b3c5-43a5-9583-4631c7f3a88e&KRTB&23011-f47c7649-b3c5-43a5-9583-4631c7f3a88e&KRTB&23355-f47c7649-b3c5-43a5-9583-4631c7f3a88e
.sync.a-mo.net/ Name: _sv3_14
Value: 1
sync-dmp.mobtrakk.com/ Name: pid
Value: M2Q0YTJiZTAyZDBhODYzMw
.socdm.com/ Name: SOC
Value: ZZ2Of8Co5ukAAG3wG44AAAAA
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!234-2!234-3!234
.prebid.a-mo.net/ Name: _sv3_12
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-0444e166-c943-4703-a8ad-a90dfc5d0de0-659d8e7e-5553&KRTB&23418-0444e166-c943-4703-a8ad-a90dfc5d0de0-659d8e7e-5553
.360yield.com/ Name: tuuid
Value: 74b74793-1244-4150-93c4-1944e6adcd3e
.360yield.com/ Name: tuuid_lu
Value: 1704824447
.360yield.com/ Name: umeh
Value: !79,0,1767032447,-1
.360yield.com/ Name: um
Value: !79,SGl2T.gmAIgHlwjTu84KuEcZ0zmEBMx1OCR0h40hiSQndGTvRhqVWVb-Ai-03ywwi5N2WMEmFG4sxvgm,1712600447
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAHY32zNWV7rANhzl08AAAAAAA&KRTB&22713-AAAHY32zNWV7rANhzl08AAAAAAA&KRTB&22715-AAAHY32zNWV7rANhzl08AAAAAAA&KRTB&23519-AAAHY32zNWV7rANhzl08AAAAAAA
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-7520810513224092898&KRTB&23339-7520810513224092898
.sync.a-mo.net/ Name: _sv3_4
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZZ2OfwANSE41gQBd
.bttrack.com/ Name: GLOBALID
Value: 2uKlc8-sIBd987Fnp3_HG5_6AgkEXyiGdHA45XPNIbuKQT1uCI_D0IRP4GOv5fIqJGr2m7NzsZQC4TM1
.smaato.net/ Name: SCM
Value: 6dfd11c086
.smaato.net/ Name: SCMsas
Value: 6dfd11c086
.lijit.com/ Name: _ljtrtb_58
Value: BC5D1A00-930F-464F-9EB1-22F01C98B67F
.adgrx.com/ Name: ADGRX_UID
Value: cf8dd3fa-af1b-11ee-8b55-3aa3bc7cd16c
.pswec.com/ Name: tuuid
Value: dba56871-0b20-46db-bd19-7ae561c49b44
.pswec.com/ Name: c
Value: 1704824447
.pswec.com/ Name: tuuid_lu
Value: 1704824447
beacon.lynx.cognitivlabs.com/ Name: UID
Value: 923cfbdd-01fa-475e-8b6f-b6127a4708dd
.liadm.com/ Name: lidid
Value: dbe77c4d-c56d-4142-88d8-7b374cec623f
.adotmob.com/ Name: uid
Value: 0a0422040068aa7409541cbc
.adotmob.com/ Name: uuid
Value: 0a0422040068aa7409541cbc
.adotmob.com/ Name: partners
Value: AYL%3A1704824447659
.adfarm1.adition.com/ Name: UserID1
Value: 7322165245305944218
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.sportradarserving.com/ Name: zuuid
Value: 77ffe599-6810-4b64-af6b-0013c8b40348
.sportradarserving.com/ Name: c
Value: 1704824447
.sportradarserving.com/ Name: zuuid_lu
Value: 1704824447
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1p11|7dN.0.AABPHU7LOx0AABPb3P8NtA|8i8.0.1|8o4.0.1
.adentifi.com/ Name: adtheorent[cuid]
Value: cuid_cfa41980-af1b-11ee-9d7c-120817463c8f
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-cf8dd3fa-af1b-11ee-8b55-3aa3bc7cd16c&KRTB&23275-cf8dd3fa-af1b-11ee-8b55-3aa3bc7cd16c
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1704824447
pixel-eu.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.smartadserver.com/ Name: csync
Value: 49:7322165245305944218|117:3cd76bec6dc08e0d573cb7191567d5bd|127:AABPHU7LOx0AABPb3P8NtA|133:6dfd11c086
.lijit.com/ Name: _ljtrtb_92
Value: 7520810513224092898
.admixer.net/ Name: am-uid
Value: 2a9afb6d6be64471b2d5e4c4de0237bc
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-4430111625358761738&KRTB&23150-4430111625358761738&KRTB&23527-4430111625358761738
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-3aeba4f5-77f9-4adb-9400-e8da2fa6d5e7
.lijit.com/ Name: _ljtrtb_27
Value: 1ee2284a-f33d-41b0-8f2b-c94a02cccf95
.technoratimedia.com/ Name: tads_uidp_16
Value: 1547975003335
.technoratimedia.com/ Name: tads_uidp_37
Value: 3f6eae77-8436-31c0-ac70-7d1572b10ec2
.technoratimedia.com/ Name: tads_uidp_44
Value: LR6JIEHC-27-3418
.technoratimedia.com/ Name: tads_uidp_45
Value: A6016292-7C09-4AAF-B0D3-62E359EF2284
.technoratimedia.com/ Name: tads_uidp_46
Value: 7367860259295426563
.technoratimedia.com/ Name: tads_uidp_48
Value: d25fe073-ef08-44b5-936e-519782a87488
.technoratimedia.com/ Name: tads_uidp_49
Value: AAAHipIkSTFllgN8GD5QAAAAAAA
.technoratimedia.com/ Name: tads_uidp_50
Value: 9e04eebb-35db-07db-3f46-a36e1277c53c
.technoratimedia.com/ Name: tads_uidp_61
Value: 212413895233030
.technoratimedia.com/ Name: tads_uidp_62
Value: 3478177371523801000V10
.technoratimedia.com/ Name: tads_uidp_64
Value: ay2cHqjALNtH5JvYgoVXsar-my791ze6
.technoratimedia.com/ Name: tads_uidp_7
Value: 7e46a201-dbb3-4a24-b90f-ba943839c193
.technoratimedia.com/ Name: tads_uidp_70
Value: 1674043991941-957306093047-001464-009-005972
.technoratimedia.com/ Name: tads_uidp_73
Value: AABPHU7LOx0AABPb3P8NtA
.technoratimedia.com/ Name: tads_uidp_76
Value: RX-f1b2a79f-532a-4efb-b07b-837d60190390-005
.technoratimedia.com/ Name: tads_uidp_77
Value: ms5agGkz-1V4Mq5LaUdUZ-d8C52NBw8PiJjBUS_DVoA
.technoratimedia.com/ Name: tads_uidp_80
Value: y-WsZbTcJE2uFDY0VwQMp3.tFlMRSwtI62~A
.technoratimedia.com/ Name: tads_uidp_82
Value: ZZ1uCc5gIUy2-0XYym0Y9AAA&5592
.technoratimedia.com/ Name: tads_uidp_83
Value: ELWDeiSWkKiw
.technoratimedia.com/ Name: tads_uidp_88
Value: 2051015439007177639918
.technoratimedia.com/ Name: tads_uidp_90
Value: 62420b2c-93b6-4958-86ee-d0a539a95879
.technoratimedia.com/ Name: tads_uidp_91
Value: 6493335838109300398brt76151639261561881074b6
.technoratimedia.com/ Name: tads_uid
Value: 0ACA07A79B244833993E8B9798357D18
.technoratimedia.com/ Name: tads_uid_cd
Value: 20230514043511+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.technoratimedia.com/ Name: envelope_liveramp.com
Value: 1703211272902
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTcwNDgyNDQ0NzMxOSwiMjYiOjE3MDQ4MjQ0NDg0MjMsIjM5IjoxNzA0ODI0NDQ2NDgwLCI3IjoxNzA0ODI0NDQ2NDgwLCI4MCI6MTcwNDgyNDQ0NjQ4MH0
.prebid-server.rubiconproject.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhZG54cyI6eyJ1aWQiOiI3NTIwODEwNTEzMjI0MDkyODk4IiwiZXhwaXJlcyI6IjIwMjQtMDEtMjNUMTg6MjA6NDQuMjQ1OTQ1Nzk3WiJ9LCJ1bnJ1bHkiOnsidWlkIjoiUlgtOTNkODNhNzMtOThkZi00NDM5LWE4ZTAtZjhlNTM4NWM0ZjE4LTAwNSIsImV4cGlyZXMiOiIyMDI0LTAxLTIzVDE4OjIwOjQ0LjA3NDU0NTc1M1oifSwiZ3JpZCI6eyJ1aWQiOiIzYWViYTRmNS03N2Y5LTRhZGItOTQwMC1lOGRhMmZhNmQ1ZTciLCJleHBpcmVzIjoiMjAyNC0wMS0yM1QxODoyMDo0NC45MjE5NTY0NTFaIn0sInVuZGVydG9uZSI6eyJ1aWQiOiIzeGxlbXExcmszNGh3Zzh2ZTFlNWZ5aDR0IiwiZXhwaXJlcyI6IjIwMjQtMDEtMjNUMTg6MjA6NDYuMjU3OTA4MDI4WiJ9LCJ0cmlwbGVsaWZ0Ijp7InVpZCI6IjMxNjYwMjU3MDM0MTM2OTg1NDMyMSIsImV4cGlyZXMiOiIyMDI0LTAxLTIzVDE4OjIwOjQ4LjQyNTU5MTcxNFoifSwicnViaWNvbiI6eyJ1aWQiOiJMUjZPR0ZCUS0xNy1CMlFPIiwiZXhwaXJlcyI6IjIwMjQtMDEtMjNUMTg6MjA6NDQuNTc4Mjg5ODM0WiJ9LCJyaXNlIjp7InVpZCI6Imp0T2xPX1B6ayIsImV4cGlyZXMiOiIyMDI0LTAxLTIzVDE4OjIwOjQ1LjUzMTM4NDE2N1oifSwiaXgiOnsidWlkIjoiWloyT2ZnRkg2VFFZa1pxUmNLQUNJd0FBJjI5MzAiLCJleHBpcmVzIjoiMjAyNC0wMS0yM1QxODoyMDo0Ny4xOTI3ODQ4NVoifX19
.adnxs.com/ Name: anj
Value: dTM7k!M40mhgVC6ghqdmU(7TMh<Va0#?nG(Jtlm0P)[Q_6Ac3X17y]s.BaPp5qEtL9__RaYLo@`MwnC.DC^*n?[h'=T66L<5Hi6K3N^PI3O*]F5VFgI5+1!IOMamC69@WIf2-9^EsiIpT'>E]V`j5tGPZ.S[/%.<V'jEaEAD:vE<L#GT'=KaI^[NY+x5dj)jw_E!!%DI4Cab@
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJydWJpY29uIjp7InVpZCI6IkxSNk9HRkJRLTE3LUIyUU8iLCJleHBpcmVzIjoiMjAyNC0wNC0wOFQxODoyMDo0NloifSwidHJpcGxlbGlmdF9uYXRpdmUiOnsidWlkIjoiMzE2NjAyNTcwMzQxMzY5ODU0MzIxIiwiZXhwaXJlcyI6IjIwMjQtMDQtMDhUMTg6MjA6NDZaIn0sImFteCI6eyJ1aWQiOiIxNjk0ZGRiMi1lY2M1LTQzN2EtOTlhZC0yYjVlOGIzNThkYjUiLCJleHBpcmVzIjoiMjAyNC0wNC0wOFQxODoyMDo0NloifSwidHJpcGxlbGlmdCI6eyJ1aWQiOiIzMTY2MDI1NzAzNDEzNjk4NTQzMjEiLCJleHBpcmVzIjoiMjAyNC0wNC0wOFQxODoyMDo0OFoifX0sImJpcnRoZGF5IjoiMjAyNC0wMS0wOVQxODoyMDo0NloifQ==
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AABPHU7LOx0AABPb3P8NtA
.bing.com/ Name: MUID
Value: 151763B6B4B96380032C77B7B5A56299
.c.bing.com/ Name: MR
Value: 0
.lijit.com/ Name: _ljtrtb_85
Value: AABPHU7LOx0AABPb3P8NtA
.media.net/ Name: visitor-id
Value: 3478260481523803000V10
.media.net/ Name: data-ris
Value: {{APID}}~~25
.pubmatic.com/ Name: SyncRTB3
Value: 1705968000%3A55_46_21_165_233_234_250_178_220_176_243_54_231_240_7_214_81_238_13_8_48_249_56_99_22_104_264_5_96_3_71_166%7C1707350400%3A224%7C1709942400%3A69%7C1705622400%3A63%7C1706054400%3A35%7C1705363200%3A15_38_2_223
.pubmatic.com/ Name: KRTBCOOKIE_1251
Value: 23269-di_52c322e525534ac1bdc82
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-l_2YvZmtluCMrZS7mPiMu5L4wLiMrJjhlfhtSFi5&KRTB&19420-l_2YvZmtluCMrZS7mPiMu5L4wLiMrJjhlfhtSFi5&KRTB&22979-l_2YvZmtluCMrZS7mPiMu5L4wLiMrJjhlfhtSFi5&KRTB&23462-l_2YvZmtluCMrZS7mPiMu5L4wLiMrJjhlfhtSFi5
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335--tBDgfwlV_hvwp42xPpc4iaEdkY&KRTB&23334--tBDgfwlV_hvwp42xPpc4iaEdkY&KRTB&23417--tBDgfwlV_hvwp42xPpc4iaEdkY&KRTB&23426--tBDgfwlV_hvwp42xPpc4iaEdkY
.pubmatic.com/ Name: KRTBCOOKIE_1278
Value: 23329-923cfbdd-01fa-475e-8b6f-b6127a4708dd&KRTB&23340-923cfbdd-01fa-475e-8b6f-b6127a4708dd&KRTB&23498-923cfbdd-01fa-475e-8b6f-b6127a4708dd
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 15
.pubmatic.com/ Name: DPSync3
Value: 1705363200%3A265%7C1704844800%3A248_255%7C1705795200%3A257%7C1705968000%3A260_263_258_256_261_259_201_262
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1704846050106
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-1597947577565009521&KRTB&23263-1597947577565009521&KRTB&23481-1597947577565009521
.rlcdn.com/ Name: rlas3
Value: FGx6trpMeKftocJwKUC1ZVwY6zK+d5/ke7w42ZBZiqI=
.rlcdn.com/ Name: pxrc
Value: CP6c9qwGEgUI6AcQABIFCOhHEAASBgi66gEQBBIGCLjrARAA
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPU217ad19eed6f4568986ccaa6fd566470&KRTB&23485-OPU217ad19eed6f4568986ccaa6fd566470&KRTB&23524-OPU217ad19eed6f4568986ccaa6fd566470
beacon.lynx.cognitivlabs.com/ Name: ss
Value: 04yeWSPnCrpNyPZp4AQgJFnp7S1%2Fhuk6pAI5s%2FAFrbuL6hnWJbeF9DpAf7TvX7XNoqSsOEEz%2BnbEfqnfjsesfA%3D%3D
.acuityplatform.com/ Name: auid
Value: 874946162095
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANvqNdXNlck1hdGNoaW5nSWTMkWxhc3REcm9wVGltZU1pbGxpcyUBRjtuSmuImGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUY7bkpriI90aGlyZFBhcnR5VXNlcklkIfv7hnZlcnNpb27C+w=="
.kargo.com/ Name: ktcid
Value: 42fe63b9-abcd-0179-54a0-4ba7024d1e02
.mathtag.com/ Name: uuid
Value: edf8659d-8e82-4c00-8185-6c25c035f5d1
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSsjS3MDE3NzEyNjA2MDQzNjQyE-Iz1DUxLXU0D_Uvqcg1KAMAwo22GyQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSsjS3MDE3NzEyNjA2MDQzNjQyE-Iz1DUxLXU0D_Uvqcg1KAMAwo22GyQAAAA
.mxptint.net/ Name: mxpim
Value: R33645_10F07D670_5971363D.1.0000000000000000659D8E82
.ctnsnet.com/ Name: cid_533b6438aa4048c59f77e8b33ac1c6f6
Value: 1
.owneriq.net/ Name: p2
Value: pmc
.owneriq.net/ Name: si
Value: Q7581108501708409104P
.owneriq.net/ Name: pmc
Value: 1
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-93d83a73-98df-4439-a8e0-f8e5385c4f18-005%22%2C%22nxtrdr%22%3Afalse%7D
.bfmio.com/ Name: __187_cid
Value: BC5D1A00-930F-464F-9EB1-22F01C98B67F
.bfmio.com/ Name: __io_cid
Value: 419cdf94dbe70f86d5483cb81c72e36c17166037
.w55c.net/ Name: wfivefivec
Value: Pey8Kix61RngIy5
.pubmatic.com/ Name: KRTBCOOKIE_469
Value: 8273-874946162095&KRTB&23428-874946162095
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:edf8659d-8e82-4c00-8185-6c25c035f5d1
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-978477423030163126
.thrtle.com/ Name: mc
Value: eyJpZCI6IjEzNjU3NGIzLWNiZjctNGJlNy05MjI3LTdlMDUwMmFmZGEyOCIsImwiOjE3MDQ4MjQ0NTA0NjcsInQiOjF9
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R33645_10F07D670_5971363D&KRTB&23092-R33645_10F07D670_5971363D
.adsby.bidtheatre.com/ Name: __kuid
Value: 6b0fcb35-586c-4e4a-87a8-62472337f724.474038450
.w55c.net/ Name: matchpubmatic
Value: 5
.tribalfusion.com/ Name: ANON_ID
Value: awntuJyOZbSFoJTyBr0uRuidit261UuD3gqp8yWQZcrWqsj4WDEd5Gn45ROg6GcB5nAZcCj7NiMT4SdLBQHlZdcSOIZdY
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:Pey8Kix61RngIy5&KRTB&23421-uid:Pey8Kix61RngIy5
.c.appier.net/ Name: _auid
Value: GrGlv7bdAae_AMmvgo6dZQ
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 23554-GrGlv7bdAae_AMmvgo6dZQ&KRTB&23557-GrGlv7bdAae_AMmvgo6dZQ
.richaudience.com/ Name: pdid
Value: 6d8b775f-2de4-4513-be28-1zz1704824352
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-93d83a73-98df-4439-a8e0-f8e5385c4f18-005&KRTB&17107-RX-93d83a73-98df-4439-a8e0-f8e5385c4f18-005
.pubmatic.com/ Name: PugT
Value: 1704824450
.richaudience.com/ Name: raibs
Value: 1
.seedtag.com/ Name: st_cs
Value: kd94zrStGoyYDQXyR10UqH//LZSJUFqXUbwnWBwWec3f7XudfnGr+kptoRPcPgB4Qr0a9nWySN6+yfvDNM0mlVqskvH1RjAPRvJT13HATkdExAP6LIeyFN0NLKl9KtBG46XfA6UzE8yL0W8UwnxbaFl9HBzeDFhVGjqApDP+CpCTxonl59Yh3ifIe0PkGds0woMP2gFW2Aj18/NUdUEVhSzxsiJNBeIA0Z9EfHlZV6Q3qwOx+px3FK182JGIj/eGNANJ5rlFdqNrLOhQu7Gkotpg2X3emAGNuyxrEuxIjsqmsT7Ik2DKRQD4AdAwvv7gku+MqeTTyCu+F068MojILjv0Ngo2MeqALHoym2khJZqdv20h/CI3Cc9WM3tJvCNx+fIITN6/ziHOE1ZBBHUiQ1CJKagXwjTLKV5PV/m9j57TH0CC4jCBgE1se9QqeNqPvkQKcfgev7fE6gbUKFw1QdXfxT12QHT/e+/0ydPU4IK5zcn4GIErFDAQThlAFHQ/NC3IB964swSSErcr+XHzyCcuD2deuJSC5xNK4Zi7awd1fZNWn2rzNpAz2ONqhRXNssdCL8BMiLeu7qxAKsU4jkDSiv1KeJ95F4zGSe613hPfX/HCrZ39uC+Rxqgqae3eKMMXpdPxkJO+GHB129FlU2B/DON05xRejo5HTK+BAB/AdZloBQyJyUgC8Ts61/YVs3j5biid6cGt+k+Oofjw0ZkmpyovJoZBZn7bP4V6rIl7YzgDwu3umvT+OpJg34FpPly9NumbjLLx92iJFXeOqQ/Ec17+LzcxDOnOA9l/Sbw=
.seedtag.com/ Name: st_csd
Value: 1704824450877:1704824450877
.id5-sync.com/ Name: id5
Value: adc8b2d8-33ce-79a8-a550-4096aaff0d83#1704824445182#4
.id5-sync.com/ Name: callback
Value: https%3A%2F%2Fsync.richaudience.com%2Fa6c163b098d05a413cd1682e26fae172%2F%3Fgdpr%3D0%26euconsent%3D%26uid%3D%7BID5UID%7D
.analytics.yahoo.com/ Name: IDSYNC
Value: "1969~2g36:190u~2g36:18z8~2g36:175w~2g36"
.quantserve.com/ Name: d
Value: ELYBEgHuKvijC_vLEA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtobmBiYWRiYmpgYmD8C5lvaWEIAEYWp4MgAAAA
.ads.stickyadstv.com/ Name: uid-bp-34673
Value: ZZ2OfgFH6TQYkZqRcKACIwAAC3IAAAIB
.lijit.com/ Name: ljtrtb
Value: eJwVyjEOwjAMQNG7eMaS7TiNzZYUIgYEXThAG5oTMCAh7k7YvvTfB6LBEcocT5yJ0ANV1Ekr%2BrkwilTi2a1MqcIBJA3L%2By5iumIP4YnKG6F12bC5riStte5xWJdhUxQypshBRMnF3MayOFbOZbk80vX%2Bpn9uYbHbK8P3B39fIiY%3D
.creativecdn.com/ Name: ts
Value: 1704824451
.richaudience.com/ Name: avcid-pmr-uid
Value: BC5D1A00-930F-464F-9EB1-22F01C98B67F
.richaudience.com/ Name: avcid-inx-uid
Value: ZZ2OfgFH6TQYkZqRcKACIwAAC3IAAAIB
.dotomi.com/ Name: DotomiTest
Value: 2efd7f444c1a1098
.richaudience.com/ Name: avcid-adf-uid
Value: 1597947577565009521
.fwmrm.net/ Name: _uid
Value: umo0447_7322728231207348811
.ads.stickyadstv.com/ Name: uid-bp-36033
Value: umo0447_7322728231207348811
.ads.stickyadstv.com/ Name: MRM_UID
Value: umo0447_7322728231207348811
.ads.stickyadstv.com/ Name: uid-bp-26913
Value: AABPHU7LOx0AABPb3P8NtA
.deepintent.com/ Name: CDIPARTNERS
Value: %7B%221%22%3A%2220240109%22%2C%22141%22%3A%2220240109%22%2C%22147%22%3A%2220240109%22%7D
.ads.stickyadstv.com/ Name: uid-bp-717
Value: y-H7V1.yBE2oP723gZlerWF3xEAhdNGtLtK0O8h3Ww~A
.adsrvr.org/ Name: TDCPM
Value: CAESFAoFdGFwYWQSCwia7u-pt9LIPBAFEhYKB3J1Ymljb24SCwjOh86wt9LIPBAFGAEgASgCMgsIzteQl87SyDwQBTgBWglzdGlja3lhZHNgAg..
.pubmatic.com/ Name: SPugT
Value: 1704824452
.ads.stickyadstv.com/ Name: uid-bp-892
Value: 1ee2284a-f33d-41b0-8f2b-c94a02cccf95
.rubiconproject.com/ Name: audit
Value: 1|clb2f5t+FPpyhhc1rnq1a6S5Bv7H1ouoxdnNVF8ci14/ybvdeqGenjMZF/kJwdZ+PHj2OhWhPDCxI3Ku+hCWWzMnfKomI+TWXPPiDSkqe4G3EQAtKAzdJEiL/Q+AxqkR
.ads.stickyadstv.com/ Name: uid-bp-159
Value: CAESEFKVGgJybAyZ0LpxDIFoA5g
.w55c.net/ Name: matchfreewheel
Value: 5
.lijit.com/ Name: _ljtrtb_80
Value: LR6OGFBQ-17-B2QO
.ads.stickyadstv.com/ Name: uid-bp-23329
Value: Pey8Kix61RngIy5
.adnxs.com/ Name: XANDR_PANID
Value: mX9phKDxxeq0JYsI8oXzQWiajUMo5sJFrYslGdb4-fZUpuRccuamwIAlbACtBJ0RNLGFcJit5kz_j8quBhe8tlwpoTuziWKLUPed0PQOprw.
.id5-sync.com/ Name: 3pi
Value: 2#1704824446808#-1614235162#7520810513224092898|264#1704824447790#1032396935#1ee2284a-f33d-41b0-8f2b-c94a02cccf95|203#1704824447112#1600094289#aada912d-ad00-4845-9f80-53cace5b5ff7|108#1704824446584#-539618780|429#1704824445573#-1632127769#BC5D1A00-930F-464F-9EB1-22F01C98B67F|434#1704824446231#-384240310|821#1704824451744#-805446713|441#1704824447363#-409690295#u_7955ecd2-bd81-4c7e-93b0-b1e7fbb70368|1241#1704824448799#1055151555|1242#1704824451144#1055151555|155#1704824448582#-1623463139#AABPHU7LOx0AABPb3P8NtA|987#1704824451955#1338031240|1243#1704824452385#1055151555|796#1704824446007#878088156|124#1704824447573#59618922|1245#1704824448344#1055151555|285#1704824452164#2135630997#LR6OGFBQ-17-B2QO|1246#1704824448071#1055151555|286#1704824450926#-2043693905
.ads.stickyadstv.com/ Name: uid-bp-951
Value: 7520810513224092898
.ads.stickyadstv.com/ Name: uid-bp-25746
Value: f47c7649-b3c5-43a5-9583-4631c7f3a88e

53 Console Messages

Source Level URL
Text
network error URL: https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US&adInstanceId=65fbfb71-0187-4864-a8c1-a476d6acab1e
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://cdn.ebaumsworld.com/thumbs/2018/10/13/042430/85790638/gunshots.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://connect.facebook.net/signals/config/880446388736817?v=2.9.139&r=stable&domain=ls.kurdgozar.fun(Line 127)
Message:
Unrecognized feature: 'attribution-reporting'.
javascript error URL: https://ls.kurdgozar.fun/
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=13252' from origin 'https://ls.kurdgozar.fun' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=13252
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://ls.kurdgozar.fun/(Line 1201)
Message:
<link rel=preload> has an unsupported `type` value
other warning URL: https://ls.kurdgozar.fun/(Line 1201)
Message:
<link rel=preload> has an unsupported `type` value
other warning URL: https://ls.kurdgozar.fun/(Line 1201)
Message:
<link rel=preload> has an unsupported `type` value
other warning URL: https://ls.kurdgozar.fun/(Line 1201)
Message:
<link rel=preload> has an unsupported `type` value
other warning URL: https://ls.kurdgozar.fun/(Line 1201)
Message:
<link rel=preload> has an unsupported `type` value
other warning URL: https://ls.kurdgozar.fun/(Line 1201)
Message:
<link rel=preload> has an unsupported `type` value
network error URL: https://dyv1bugovvq1g.cloudfront.net/21/ls.kurdgozar.fun/.js
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://p.ad.gt/api/v1/p/458
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://aud.pubmatic.com/AdServer/Artemis?uidtype=0&dpid=441&segid=21143,21967
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fus_privacy%3D1---%26partnerId%3D57%26uid%3D&s=197137&us_privacy=1---&C=1
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://id5-sync.com/k/264.gif?puid=1ee2284a-f33d-41b0-8f2b-c94a02cccf95&ttl=%%TTL%%
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://sync.a-mo.net') does not match the recipient window's origin ('https://ls.kurdgozar.fun').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://sync.a-mo.net') does not match the recipient window's origin ('https://ls.kurdgozar.fun').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://sync.a-mo.net') does not match the recipient window's origin ('https://00910841d7e5d1dcf8f3dce85326fd5b.safeframe.googlesyndication.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://sync.a-mo.net') does not match the recipient window's origin ('https://gum.criteo.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://sync.a-mo.net') does not match the recipient window's origin ('https://www.google.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://sync.a-mo.net') does not match the recipient window's origin ('https://pandg.tapad.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://sync.a-mo.net') does not match the recipient window's origin ('https://pbs-cs.yellowblue.io').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://sync.a-mo.net') does not match the recipient window's origin ('https://cdn.undertone.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://sync.a-mo.net') does not match the recipient window's origin ('https://eb2.3lift.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://sync.a-mo.net') does not match the recipient window's origin ('https://cs.seedtag.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://sync.a-mo.net') does not match the recipient window's origin ('https://js-sec.indexww.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://sync.a-mo.net') does not match the recipient window's origin ('https://acdn.adnxs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://sync.a-mo.net') does not match the recipient window's origin ('https://cdn.undertone.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://sync.a-mo.net') does not match the recipient window's origin ('https://pre.ads.justpremium.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://sync.a-mo.net') does not match the recipient window's origin ('https://eus.rubiconproject.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://sync.a-mo.net') does not match the recipient window's origin ('https://ls.kurdgozar.fun').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://sync.a-mo.net') does not match the recipient window's origin ('https://ls.kurdgozar.fun').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://sync.a-mo.net') does not match the recipient window's origin ('https://00910841d7e5d1dcf8f3dce85326fd5b.safeframe.googlesyndication.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://sync.a-mo.net') does not match the recipient window's origin ('https://gum.criteo.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://sync.a-mo.net') does not match the recipient window's origin ('https://www.google.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://sync.a-mo.net') does not match the recipient window's origin ('https://pandg.tapad.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://sync.a-mo.net') does not match the recipient window's origin ('https://pbs-cs.yellowblue.io').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://sync.a-mo.net') does not match the recipient window's origin ('https://cdn.undertone.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://sync.a-mo.net') does not match the recipient window's origin ('https://eb2.3lift.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://sync.a-mo.net') does not match the recipient window's origin ('https://cs.seedtag.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://sync.a-mo.net') does not match the recipient window's origin ('https://js-sec.indexww.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://sync.a-mo.net') does not match the recipient window's origin ('https://acdn.adnxs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://sync.a-mo.net') does not match the recipient window's origin ('https://cdn.undertone.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://sync.a-mo.net') does not match the recipient window's origin ('https://pre.ads.justpremium.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://sync.a-mo.net') does not match the recipient window's origin ('https://eus.rubiconproject.com').
network error URL: https://p.adsymptotic.com/d/px/?_pid=16257&_psign=5a9f251662be469b9732c38b03f11952&_redirect=https%3A%2F%2Fpippio.com%2Fapi%2Fsync%3Fpid%3D710202%26it%3D1%26iv%3D%24%7BUUID%7D&_rand=06684537
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://sync.a-mo.net') does not match the recipient window's origin ('https://ls.kurdgozar.fun').
network error URL: https://id5-sync.com/k/155.gif?puid=AABPHU7LOx0AABPb3P8NtA&id5AccountNum=155&numCascadesAllowed=9
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%20BC5D1A00-930F-464F-9EB1-22F01C98B67F&rnd=RND
Message:
Failed to load resource: the server responded with a status of 403 ()
security error URL: https://assets.a-mo.net/js/idl.js?ga=0&gc=&do=ls.kurdgozar.fun&e=27&uid=1694ddb2-ecc5-437a-99ad-2b5e8b358db5(Line 1)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://sync.a-mo.net') does not match the recipient window's origin ('https://ls.kurdgozar.fun').
network error URL: https://id5-sync.com/k/264.gif?puid=1ee2284a-f33d-41b0-8f2b-c94a02cccf95&ttl=%%TTL%%
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

00910841d7e5d1dcf8f3dce85326fd5b.safeframe.googlesyndication.com
33across-match.dotomi.com
3d2fb0bd-52fc-4b75-aaf5-2d436c172540.prmutv.co
a.ad.gt
a.sportradarserving.com
a.teads.tv
a.tribalfusion.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad-delivery.net
ad.360yield.com
ad.doubleclick.net
ad.mrtnsvr.com
ad.turn.com
ads.blogherads.com
ads.creative-serving.com
ads.pubmatic.com
ads.shemedia.com
ads.stickyadstv.com
ads.yieldmo.com
ajax.googleapis.com
amp.ebaumsworld.com
analytics.google.com
ap.lijit.com
api-2-0.spot.im
api.b2c.com
api.btloader.com
api.permutive.com
api.rlcdn.com
assets.a-mo.net
async01.admantx.com
ats.rlcdn.com
aud.pubmatic.com
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.krxd.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bidder.criteo.com
btloader.com
bttrack.com
c.amazon-adsystem.com
c.bing.com
c1.adform.net
casale-match.dotomi.com
cdn.adsafeprotected.com
cdn.browsiprod.com
cdn.ebaumsworld.com
cdn.hadronid.net
cdn.id5-sync.com
cdn.indexww.com
cdn.permutive.com
cdn.speedcurve.com
cdn.undertone.com
ce.lijit.com
ced-ns.sascdn.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
collector.sheknows.com
config.aps.amazon-adsystem.com
connect.facebook.net
contextual.media.net
core.iprom.net
crb.kargo.com
creativecdn.com
cs-server-s2s.yellowblue.io
cs.seedtag.com
cs.yellowblue.io
csync.loopme.me
csync.smartadserver.com
cw.addthis.com
d.adroll.com
d15kdpgjg3unno.cloudfront.net
de.tynt.com
dis.criteo.com
dis.eu.criteo.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
dyv1bugovvq1g.cloudfront.net
eb2.3lift.com
eus.rubiconproject.com
event.clientgear.com
events-ssc.33across.com
events.browsiprod.com
fastlane.rubiconproject.com
feed.pghub.io
fonts.gstatic.com
g2.gumgum.com
geo.privacymanager.io
gocm.c.appier.net
gum.criteo.com
hb.undertone.com
hb.yahoo.net
hde.tynt.com
htlb.casalemedia.com
i.liadm.com
i6.liadm.com
ib.adnxs.com
ice.360yield.com
id.a-mx.com
id.hadron.ad.gt
id.rlcdn.com
id5-sync.com
ids.ad.gt
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
inv-nets.admixer.net
ipac.ctnsnet.com
jadserve.postrelease.com
jelly.mdhv.io
js-sec.indexww.com
lb.eu-1-id5-sync.com
lightboxapi.azurewebsites.net
literally-media.videoplayerhub.com
ls.kurdgozar.fun
mab.chartbeat.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.justpremium.com
match.prod.bidr.io
match.sharethrough.com
matching.truffle.bid
memorizematch.com
mug.criteo.com
onetag-sys.com
ow.pubmatic.com
p.ad.gt
p.adsymptotic.com
p.rfihub.com
pagead2.googlesyndication.com
pandg.tapad.com
pbs-cs.yellowblue.io
pghub.io
ping.chartbeat.net
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.adsafeprotected.com
pixel.advertising.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pixels.ad.gt
pm.w55c.net
pmp.mxptint.net
pr-bh.ybp.yahoo.com
pre.ads.justpremium.com
prebid-server.rubiconproject.com
prebid.a-mo.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.owneriq.net
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
rtb.openx.net
rules.quantcount.com
s.ad.smaato.net
s.amazon-adsystem.com
s.ntv.io
s.seedtag.com
s.tribalfusion.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
sqs.us-east-1.amazonaws.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.adsafeprotected.com
static.chartbeat.com
static.criteo.net
stats.g.doubleclick.net
sync-dmp.mobtrakk.com
sync-tm.everesttech.net
sync.1rx.io
sync.a-mo.net
sync.adotmob.com
sync.bfmio.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.richaudience.com
sync.smartadserver.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
synchroscript.deliveryengine.adswizz.com
t.adx.opera.com
t.pswec.com
tagan.adlightning.com
tags.bluekai.com
tags.crwdcntrl.net
tg.socdm.com
thrtle.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
track.adform.net
triplelift-match.dotomi.com
u.openx.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
us01.z.antigena.com
usersync.gumgum.com
usr.undertone.com
visitor-usa02.omnitagjs.com
visitor.omnitagjs.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.lightboxcdn.com
x.bidswitch.net
yield-manager.browsiprod.com
z-na.amazon-adsystem.com
ad.mrtnsvr.com
api.rlcdn.com
jelly.mdhv.io
p.adsymptotic.com
z-na.amazon-adsystem.com
104.117.182.139
104.126.112.185
104.18.111.252
104.18.36.155
104.36.115.113
108.138.128.63
13.32.151.81
130.211.23.194
131.153.242.59
142.250.81.230
142.251.35.162
147.28.129.140
147.28.146.89
151.101.130.217
151.101.66.49
162.19.138.119
162.19.138.83
162.55.120.196
168.119.72.236
169.197.150.8
172.104.121.22
172.64.149.180
172.64.151.101
173.231.178.83
178.250.7.11
18.160.1.134
18.160.10.49
18.160.46.85
18.165.83.123
18.165.83.79
18.173.132.21
18.173.219.42
18.235.219.79
184.86.146.172
185.167.164.39
185.184.8.90
192.132.33.67
195.244.31.10
195.5.165.20
198.148.27.131
199.232.193.131
199.38.167.130
20.40.202.0
207.198.113.90
211.120.53.202
213.19.162.90
216.22.16.56
23.105.12.143
23.105.12.150
23.108.102.2
23.192.7.104
23.203.177.63
23.4.232.54
23.52.161.154
23.56.162.28
23.56.163.106
23.56.212.249
23.56.213.14
23.7.17.42
23.92.190.68
2600:141b:1c00:f::172c:c9c9
2600:141b:b000::1737:ebe1
2600:1901:0:7ec2::1
2600:1f18:4e9:5a01:1124:2146:f275:933
2600:1f18:61c0:2205:8195:e213:790a:708a
2600:1f18:ed:550e:f339:4051:d8d6:6b16
2600:9000:201e:bc00:6:44e3:f8c0:93a1
2600:9000:20aa:fc00:5:82fd:2500:21
2600:9000:20e2:2000:8:48e:53c0:93a1
2600:9000:2199:6e00:11:b309:9100:21
2600:9000:2305:7400:1b:5138:8a40:93a1
2600:9000:24f3:e400:18:1fcd:353:c61
2600:9000:261f:a200:1f:2473:9080:93a1
2602:803:c002:200::113
2603:c020:400d:3000:bf17:cd18:9a23:846c
2606:2800:11f:1cb7:261b:1f9c:2074:3c
2606:4700:10::6816:34ad
2606:4700:10::6816:445
2606:4700:10::6816:545
2606:4700:10::ac43:17ea
2606:4700:10::ac43:266a
2606:4700:10::ac43:293c
2606:4700:20::681a:246
2606:4700:20::681a:623
2606:4700:20::681a:932
2606:4700:3031::ac43:a4aa
2606:4700::6811:7611
2606:4700::6812:18ad
2606:4700::6813:9f13
2606:4700::6813:d383
2606:ae80:1450:16::2010
2607:f350:3:2569:0:10:0:d
2607:f8b0:4004:c06::9a
2607:f8b0:4006:809::200a
2607:f8b0:4006:80d::2001
2607:f8b0:4006:80d::200e
2607:f8b0:4006:80e::2008
2607:f8b0:4006:80f::2004
2607:f8b0:4006:816::200e
2607:f8b0:4006:81d::2002
2607:f8b0:4006:81d::2003
2607:f8b0:4006:81f::2002
2607:f8b0:4006:823::2001
2620:100:a001::18
2620:100:a001::4
2620:100:a001::c
2620:112:f002:bbbb::21
2620:116:800b:21:f059:4f7e:28a9:1588
2620:1ec:21::14
2620:1ec:c11::200
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
2a04:4e42:400::714
3.162.111.130
3.162.125.11
3.209.115.69
3.215.169.119
3.216.175.37
3.225.218.10
3.228.186.33
3.231.44.207
3.239.232.95
3.33.220.150
3.91.113.229
34.102.243.38
34.107.254.252
34.111.113.62
34.117.239.71
34.149.50.64
34.193.227.167
34.200.65.202
34.203.113.223
34.224.244.32
34.225.66.52
34.233.0.32
34.233.76.222
34.234.194.189
34.98.64.218
35.172.99.217
35.186.193.173
35.211.178.172
35.211.233.246
35.214.146.181
35.227.252.103
35.236.220.17
35.241.45.217
35.241.9.51
35.244.154.8
35.81.148.56
37.157.4.29
38.98.69.175
40.76.134.238
45.137.176.88
47.252.78.131
5.161.124.197
50.19.115.52
50.31.142.63
51.222.239.232
52.1.107.55
52.202.166.126
52.205.240.92
52.22.22.238
52.223.22.214
52.41.55.219
52.45.222.163
52.46.143.56
52.6.251.62
52.7.214.91
52.95.126.138
54.161.18.58
54.164.245.185
54.198.106.196
54.198.173.106
54.210.212.83
54.230.163.71
54.243.90.71
63.251.28.133
63.251.86.50
64.227.64.62
67.202.105.22
67.202.105.33
68.67.179.166
69.173.151.100
69.173.151.96
69.194.240.13
69.28.187.147
69.90.254.78
74.119.119.139
74.119.119.150
74.121.140.211
8.28.7.105
8.28.7.109
8.28.7.82
8.28.7.83
8.28.7.84
8.43.72.97
82.145.213.8
85.114.159.118
99.84.108.35
99.84.108.73
00636e9d1c3892693205f43d83f87515b13a631c9c805baa8dc58819f73c0d4a
028c0003faf1b53c2851cab4c2a6eefdd37e9620ffe56a3f3020ec865511608e
02e9af70b9216437e80380311f637a03b9e9479071ea700f9785f4e88fa2d27b
033610a77a604cb14c3518de94cb725fae0f7491188a2a0b6a83bcd8e161a627
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
05c392c6c24e7846d351c9d1429553ae536e3e34eb3793563ad5695853cda0fb
060c76fcf4bdb0f9e5e2987dba41ade299ef6d532d9576d90cd4633a10911906
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06c3e0ce4af4206bb1554266aee4dc01bd894b4abf5a217676e28cdebc88e83f
07378cb9079fe865c12da0f27effd6163adae9ce1ef5e177a527e35b9f093b12
0945a7c55ac8053108b3c9bfaf00797a9a78ad2b934277fe67246347a0b96130
0aa4917271856c86e3d6de008c60ff02a36d58d7aaac771a7f82c1b6cb7f6335
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0ca0901a64e149f634a1fdf2de4ff86c5b2e9878128a5136f4b4a0fb02eb1c96
0de9fa49bd47f04e9562f8026cd75bef81b627af0090b673033c301435e58a2a
15fa2b4f9fedaf4c57595838d43593c6a3307804373e90005f2f518cf6b26fc2
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18931ecddecab6e38e6bca8ca0f4e9cc54e8b480c5663b6372f440cee16d3888
1911a787e994a6ceb10a60bd1045af1cb2a2659fb363c40a422bbadb1b3c9a79
19850a3c7f1186edca303a83c012a6eec5b4fbd205eb72d72343cfa540f2f0da
1a4c15aaf2f9cd27b704a495010bc19669b8e9882330bb84e27d6e3b5e61ccf4
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1c708f61d95ddd54bf440cbc7706c12dfa0a6e10bb349f1a3356b1d927388d25
201f80a3f28681d6680373ed4b40f38923a95e11eda7bbd79633fa9028b39aa3
218ba2612cb42e176a5d0f65b600f3fe4c4c5ebb117216850adf888532ec1cad
21bc65f86e0cd8dfbe47d505c85430a1356b7285e09f10a5fe1eff893dd27314
223042da5878e54ba697e761fdaebf6c6c607340ddbf1c597ac45fc61fa389b2
2339c0ee561ecbe7d288c2c589f9a6833b9b9dae9d7620322985a4ee06a4a471
2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2
247900c59e63e00b30d136c855a6c73a9e35f1c4931d328495dac2956572334b
257c1be96ae69f4b01c2c69bdb6d78605f59175819fb007d0bf245bf48444c4a
25dea9f8066831b612a15c069417bd76bc7ae1aa1aed33f02b74cf8918ccd973
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2718adeca5ad7bc2bdcfd9d3a2403af47494d18660108364733d9d43e2ae869f
27660efcf3c62384fe11e6be9e3ead5b49a738151c68c355c46e1e6daf8fcd44
27961ab8c37cddad89230364167c048c6377a80e38542a5ffbca600faf4098ea
28ad7e91102ab8166ca104eab890ee9238390657237d37790f86b4fed6d08207
28b614cc061632a0d8cb17953fc9342ce119ef471b3ff02c2379881a031a185b
291f515583a6c387346d142caed7efda8f0630866c7fc9d0f026fd95aed50081
29a6771030e44fa8bf95d16c3c28b4ff2f4802cf8bf3d9fdad98a55e2cf64364
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
30a9f7e6a223ede126cd8332ad7893816f1292155b5c300d639e0111f917ef88
30c065c5189582302f1fc91edd7f8c99956f6f8bd6c4b242081f41ab1c772b08
31aaeed2e1b04ad611861cca865f5a0d9c6ab3246d5b4b2af484bb76a3293dfe
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
31c4ba3ddabdf2efb07209405759dbd42f26c771f480a1d4a6d32c439f921dd4
33d67823c88202a148e0f5ef9934b3826446df1872adc0fd53b58b13fcadbd07
34f328b7d796fc83aba7ca97bb5a9983414c0c1256edf97fbd59877d2660feec
3595432066cf772cbe739ebdf22f307fcb1af3b7ee9ffd596b2fdcdfe182ec91
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36df88557f5d9520a8518f1c63c31203a81e8ca3936296cd7fedce2da7fb622c
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
397e925bb85f3cc9b7d4200ed7a3b29954c1c9b66347e8caa747ad14c9bc70fb
3b7ca2e9b6f936a2314e29788788e8066c569e168d88bc272953736083723c43
3c21a9543968a922a975767070dfcfc74a270e9ee00f368f9591c687c2cb9c91
3c27f8c071d9e3d7d96e0d0f6710a424b17a14deca8ebc539fbee597fee72ad3
3cdb561fb1b58c48b93d9e5ade98a4f21301a892cc0865107bfd341ed0e9df40
3cdfb5c0ca3a01bc3386aca7f8971cd5d726bd73dff70ea6c18ca9abcf9778b6
3cfc49666d47f3e0156f54dfd9c22a7aaa4fd957b71ffe694f97744a7cd02d0a
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e192b6cf0caa0d1de151a866270741eafec3b2a90670ff32bb1f5660d797347
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3edbf2b4a7998c1a0b93d6f0993486c0ac4401ab2f0ca448df05c69fcae7ae12
3f72bc478fe8bdfc0d71966f03269d1400530dc5b86bfe964e181991ba89b19c
3fbe34c8c0d7a4f7b8e9bfbfed955dfba32746a67e9ff622c1a511edc83b9e09
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4229ecef425f044a7f510ae3455a1de1c98b02e2d46bdb87c0a97bf7f44b713f
42823fa803646687b563532c968ab7d5e78afcc52aa85e734e818719e474de1b
42a1d31153a9726e76f76591b198cfcf118be40c29ded95cc08f94e2bb2d5eb0
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
4329e0fe19d270a07dcdd7b96014347b861c40a71527469e5c3e637cb61cfcf0
435e23794c212be0a3c2925e7c5b937c781e5c5ebd33185496e4f644930be4c7
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44828eadb288aee35ba8287d2593a1d416219c8a1896ddc3546a88d4190ece20
454824607a8ad2fd9ce0e05851eb21700d3e66d18b1f5037037aff4e7c47bff4
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
463383d3b88b8603da30041e077cb62b16e427d56edbd3d7c4b21992edda0686
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47a8957ae28778909eae497bd8e73e5d21317424588e8c37d3b01b7861c5040c
47b15eafff74e5bafef7f0ec551332581dc0c37334d9c52206a90db0324370ee
481d77f5d1a9c24f102bb6af246ecbff595011e0d73e70b652c39d702565d47d
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
493e102cf4e8cc1f13af948eb9339f6631a63b7a30536e5a368075c5e222ba43
49f4f5e79451a306f0556e52798aa3ab9cc9b8e150d217e67b6dbc26403f2f85
4a842d3295b35d0fdbaed094d22f5926f2bcaa2d892ec7ea9a9a89c1f84b33bf
4af93837a2eb9b5e36918849e985e92a56ffe5d9894c3d73d4cba085023d0836
4b3116c7cc3f7b5262d3cd0f5ee64ccacdfc89128cfcdc6f8efd1b7934a51f43
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b63b272b7a13de0dddd25b0acb730b3687d5d200669e406a8e1f4baff25a886
4b9fa218ade80436623bb6ebe91150413e9c68bc434c41ee97592f239aaf31b6
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e37a620fa30dcace16366b88ad6e85c0bbc8da22ec7ebf54e692743d87d2f17
4f03d3dd6c75ddef468ad84646ae0b9c04ed4e25c3f4f9f5ce935a6b1a2ffae4
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
513ec05d46861683f0b76ef754a5b60ad20967e548d198f96f5d7abbcb3f958d
5186f010339f1f6e041d8c653c5b7d02377f4296084f915550d3fbf584a3be44
51e8e95315258db661cc8fbb408910f79807f86282986aa8a969e5b1b05d2f34
532b844a51cb933d7df3317ac517c9fac6669373fa3324ab301b80f6846bc1f9
5440393401151318ce9cc9c8e45ea6e873192808c017afc5357a2a4a10769801
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
573d17471db486e8c1db97968103afd30442952396917f633312ab4b0fc2bcf3
5781c468d395c662c036191329b7ef79b21a7a850b3b02cbf47edff734a1e618
57cf6d76836de2aabd079d1245968617bac37f1316f6af5de066fea74beeb11f
5974a2991ec0221d5cc4e8a9d9bc64c14d2baa4de1308985f24b0b152f552cd1
5a7b3244a4d49d4bc0e8e5361fd0e80a5fb65faee28b199e22b424b06e26e0fe
5a993ab2e9326ab9a1d3f403acf8eed16029f1113c786bcfef3f5b529343ab81
5c2433b6c8d6d773d67062482a5fcc12fb0de8633b2e391fc529283e76dabe21
5f789ccae156b160492d89a6146b1974d15128790b74abb995d8e89fa44cde5e
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
605e518c9e102547f3e608f6fce2a3a1ccaf414311e07f273f925bb5a353da3d
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
61089198ad224aab50c979907a40b563110c6e70fdfb16b7616231232695ebb8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64ab92351c5b74146b13c457ed9bea87ccf1185338bf2a1b9583194ffad7a224
64ac3b20f232ce7a44428c05ae97e4f414ccd142a19215752c4f13378374c643
64b1ae97eb75b3559cd7dfb41aec382ceeff82979b844ef4724e84ab0e4b19c6
65cd5dce260d803aa2423fe2b7238d8235b318b3b16df23b53c2902c57476716
66b240bd48e5cc0a125ebde6dd8027f01339751c2252f9779cf33e900dd51cc8
6914dba124158e4de7a88484faddb5589776d27552c42f7570d95b47f05be78a
692d7a46cba08f45b297f6b1b97a8ccf56ab51588278142084f9888666672f46
69598e6775f3298ce1c0efff087a73a989cafda414dcdd18caa502a8bcc36d33
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bcb0b26c3cf3602feed634aec703ce4e8433da448bc01d60be783d066858c5b
6ce759bc9c2a3b69f1bca2c94df8afa4d278a285906bf9385b60d1a6e139f72c
6db2c3939ddf91c82e9befb5e195a78974efa9b7f2b6c5c2c53f128ccdd8ddc4
6dfa1663b9d896bdfc6f63a672c3596219022c450dc8071493b95f479bdf7f5f
6f64d571083c07e2ff3b9c59dcc86f6312e04411f16c8909587731c365450063
722b9679a26cae3a9f536c27d20e25a6750335b022d00d60c9d13f394dcc1fec
7584af8dbd9b5fa6c7d877bf252ac318d0d09583df518acdf7139636e21b2eb7
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59
77a3a9d5a3d0a29b681a5fb62db684d6604b2582bb5bdf1caec88ffb9285ab94
79fd83bcdd3db7cac0a11b39c2878c0aaadbe136cffccc39c99793ee6a428675
7b205e88991731a228fd27cdb2f729a087290f10325d97622ca19b8376524266
7d2935081853130146140a160441c206c7f2176e315d2ce34671de2c53fbf6ee
7ff16f57acf554becc8e7d6ea855e3d74140323ed42b3fee6a981b1e53631bf2
806c015634c7437f15d3d739084d9e121da3dd8983226529fff543e8135ee27f
8291b1edbb0adebf345ff760a9b5b7a27048ec20d48e97d04560d4ffc5333e97
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8435c941c3b9d3f169c6ba8720e5aa339af3998102d8f00b330eabfb812f7859
8465cbf5bc8b82a9666d40a357bab3a016290618bba93e588929d884b3ae832a
84c3dee83b2559835c7f0bbbd4be31968440848884a8fa81e10cf2ab17ca44bb
8538fa1e11fa1334100b86b0c251b8ffa0b51f5db3e732c23963053686a93dc7
8744a476984cc348563709a7e73e78dfb0c797d536aa4c6e9c7dc053fdc9a49c
87d5b6ce9b6943eb11b5c4650af294e65150a8de88f3cfd9f099af14243dc6a6
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8dcae681db9813bf7f4bc0aa4dbed81174c746f5ab719ac53a2b4c26593fc123
8de52587964fc55011c277f6e85ba003311240970ec2373662ecb2a7cfcc53eb
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8e82aeb9a84b16b5e44eb257d9f2de78d716737e34705c7db81c6246e7281304
8f5dc1376bfd127bc7ac2b076626002ef1fcc63fc87c879bbc4b717316df4765
901c353a04a1233bef18c0007d254d44d99160c1d886a4aec1492531af4a5090
918a411b86a1e4ffeb5ecd72654dd13d5509df9db13385b602d33d403be139c8
919939a2641fc2b8953f574b3bfcad533e3dba287fc8c1c373f3bf8e71011c24
91d094afecfb52ab9073416195f4c09da05853577dc697a8906ef50739d669ae
92e1eb71a9780672eff2fe86cae4db7195d5e96bd9bffc328edbacb7edc92e05
92e649098eefaf82db65282d7cbb4e65c738aca33c3fc8073a9c770fbcb0623d
9397e17d22f9afbd29ee4a79c4ba050dca17fe9ccfebe0ce287844dccccf36da
95857594972f6ca1a22f92b959ec3b9ce5b83e930e1a877e178f32bb4eb4f21c
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99c6eb6c3f17d69837d604201ac0453a5677eef91484aee37e72dff818ddadbc
9b1aaea1148044ff331b843e9fd73a06418cfe363bbd331982a84944694f6618
9c5535d32ac07089d0bcad366debdb68b94a8af1769ab9718e20117f8db021e8
9d23c8b0660a8de4ff736f1c38782322b95832897276a565e58af9387951490c
9fb69b0f21da567fa85ef84dd76b9dec8e636972ea5bcee188cf2919ecd78100
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0fca3cbbced080c0adb097b6385d83c6a77ed1d09c6ed120aa0a53672a5e4d0
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a2498ff59069a479031119bf9383cff9137a7052fa8644b475f98900e3f9944a
a2a74689c123a1de0d0c92aaed97a9b10cce161948c779437c9d87330003970d
a2aa2577c105dab138246b4e0a1f575b3c92c30d5aced108d3f73897bd46823f
a2ae79a65b739a78d2abb1eb7e178c383ef654878e380bb1d3da3bfdfb088a77
a3f48c9d80f4f4a6360437b1d44e91684428a008caf42d71cf23c8f2bcc8987d
a40a81296e88a5bd195631d878cc93e76be462dc5c6396b449b5f2e20860749a
a436eea74cf54c966667338fed023aac3cd40431914c48a539d08ee3a52a4d71
a58ac1aa668b0e0a9c9004e5242a3d9b58bbfcc648b818b7f8f179421945b200
a7ac5981c28bfb68a9775b242e03c3c85ce21379df5b6a41d69890e415b35d70
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa8bffe1ad305d87052a9ade3391dfcd9ab204eedb24c1601f1ba5117881388c
ac2397fbe331fb7cc8c5325752c4af7d6c5cb9204a1f810b89fc93c372cbdd37
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af6fbab3d9f169795633e0a3d98ec4089d367560a16b893e632e9dba3eef3d51
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b020745ad903a0e778d07e5667b82d7162ee1872e1d67d0cd28e0c8ffb9619a9
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5e72e420dc73534143870cc3418a9a2d56476649f2374c6a3eb2d0fd64a342e
b5f7c78aba4a8f5853cbe1b57590642f22fe2ebbdbb66c72cade2c98255951b0
b625d5a8adce0e637b3263a627b65445e87da3ec1e62aff4ff86869707ed4fe7
b94047a885ec91143818ebb76251e206a303a492429f67defc1c2e46c10c41c9
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bf0c59855cf2d10b9ff22c98f5c7f145307e5257da32448689d659fa0d3f8528
c1278814b0027f51197b4c87246911ec651e7e3583abd3da2d78814a7231f334
c19591dfb7f595d8a2c1392b26aafac5cf83b77dc4641d64d1bd8d67c6cc7ed0
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c31c9cf37540a3068363b06fdab8a5f21d46f24c0d27cf17361f088b8b876bb1
c46dda469ed6696a21929db7c24648fb09719737d11999847dd18a942b15958b
c4f15e8ab316eeec903231070bd42beadaaa91e304e142b95ba16baafc222230
c659f9db53b1759f28a19d4a2dd34f35b4f717a8b662151e187fb54b31223ebb
c6d47dbd0279e6f7a165a392104b54ef37739eaa17d431cabd23e83f307aa1a1
c711246451cec520c530b9640d655fb5d0c2575a405bc8db2246fc0fb3d2d1c1
c73711b2d2d5ba6b3df3b5fb1269bfc39d5650605eebdbac726307b759619744
c9a726fb5e408c905af5fa916e23740a283b9ab6f8adfa955a0b3b40e7c6cdf9
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb652135d26db75b753abadd6af1773e18c9b3971721bcd9649a116e67c8d875
cd88d7160bfdac9b9178e2d61b233d016b8abad70672688382d73e3a2561a88f
cec0a30eb75b81d4200725c16192101ba078c44d1a21e591a96ffc3e62d7153e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d1b1f7a260555ebc9cb4ce0f9457e0972c78b54338c58fcb32b60e9cf0ae1041
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d33aeaa613dbac135bea41010f2efb28f6c9961106b23b6832230e1ee856a2b4
d345a5cb51087db8bc406ea4123fbc65c91ead3ff7535d547fa0e033ecdeb3b2
d351ad9e0491a3bb72ba3995d0dfe67f6af54bbf7d97e18f43ff203ffc5efe1f
d4500d459d73502983df85699b87d4f65ec8e026447066da7a492360a28cc99f
d4f2aafb1ae7708d7005c555dd26326b59655c4a15c95827d76f9f0879d80e52
d64d691c37b90534b3837819b3d88ce2aad951303d6a14a9e759dc402442a811
d7018548be7546c21f55556a851d044bc85d44e4ef3d6b11f99da85b3491a6e5
d8c49bc14e5b5041853d619fe2dc1b01b28bfd4974b8e732f13fa4943efaada3
d8d08708beca6758e3d22b6559111da107ec78c6c014c9ce9025caab6ccfa84f
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d980dec34ce9cc49f35508d04abd290e9f8f4f2111bde0313970d29e4da397f0
da26ea47d0257d80abc1d9a0684bfcd3646dbae8ee3e3a5e81adee61c6d6572c
dc72881b50eeeba21d39b80dd51e5361e098890eddc2bfc401827fb3880dbec3
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfb25a6c3f556119295180c53ada32366c9b6dd5451403396ea91599f621cd60
e0b535fff45f96ec551a2478a878d0bdf314ab660480732d025258d13aab387c
e0e87b4ce41c6f96589ff26d903d7508ee115d61a22ff674c931467f3a702ee3
e18a7c35b73bdd45978801c3169ee4fbd619ffbd66aa3f615272e41d9cceab4d
e34b3767763a4366a4b284da2349d876fc04a42d2273dcfddc352a32bc4b0058
e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b22edc0838232993c1b97b06920e793597eb4b7f6785fa4157f21ef96d71bb
e5b241f65d6b97d4d10726f3cfe8aae6346faf732dae616c540babb6707ae65f
e6b407656a83e46d06c9d47affa1ac05b225617668a42c637e8dfd265919cb3e
e80007f52373f16d128c7c4082de6c0826059e9da4dc88778c60a68c60c4e6fc
e85e8e64d742cfff420066b8ac238388ee10f2075dda2f974bc6256bd28f2800
e90b43c18472bfbdd0d5d70f9b55280ce4f8312567a9ffffd94b0156988724df
e91448335bbe5e523a5dad2df2ceccf819e08518a88db3c1174ba164efbfab71
e95289074f070240dccdabd849d35d5c3f57f9c9bfb9d5ffe538aac12d1926aa
ea03bd5d723c75f6d0a9419d4f9651afd78ea2a4abfcee7f926cbde0681a2671
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108
ed7db4470ff1b8f9802d61ca35673e43b6b8ba7bc7e61bae301bdfb738cbc5fa
ee5fa10523f5b80078f4587ea5bcc4729b617dfb476c006434d7ec9a4a3ec416
eec82dc7c9386d4fb136c21ca511742b591b873135dd77bf8ad84a48b4da765d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff16e01f6728b9f7eb9eb06da276f423db112ee55d66c8260d1709e6b2e79a3
f24d352fc8e0fbbfd349ef49e86d9317834abb3494be70b4513660803ff66c67
f3f1d13a0e740de5a47a2a37803b6c30a9866fcad648fd48dc0e2bbe4030f2fc
f43bd1a5317dcc08c6bba4f3d560c81e827650dbf1487767128049308791ad5f
f4844f20da14ea893cb5d059076744175bfbdb4f988d76fc6a8d8d86ce952575
f5ff3ef14b90092e994b9d8bdcc10bdd978cd62c25b3c948b1d7d7bd7d089061
f656b0a9eefaeb6e892a71a4ff5a3a9b1403037f8a69413d494497d8bde49336
f768baf0dd8336b5c588faa27988e623ae09bc77dd363b64ef8acb0e355ace11
f8187b218bf565d6d8543e1ac2332b18fdff375eb35cb803784f02c0240b85a0
f83f467fe4dcae0dde9fcb42aa03f81dedf6b0d063c8b927dac2ce9ac17c6900
f872688d66147680a9b51214b4988dc22b10f0d16864252cba7f5e021890a7ca
f9d53e4bf054149c3ccb7d2ff6da8f37f38eb3230fe5c5bf91aebcef6a72b82c
fd1633f96836eb57bb997946e1482f6aaa3be9893810474ac09f472ebac70990
fd2b3f7d22341c6920c2262cbfd12a1b9c9a286f909b90ecd9d2b76f2fc5ca0f
ff447038cd99e33d6ec98bf967a0513de0d4d22b4caef0af5856ae0b8970bc62