commandwindows.com Open in urlscan Pro
3.127.76.126 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://cdn-3.commandwindows.com/
Effective URL:
https://commandwindows.com/
Submission: On June 10 via api (June 10th 2021, 5:54:37 pm UTC) from GB

Summary HTTP 519 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 106 IPs in 11 countries across 106 domains to perform 519 HTTP transactions. The main IP is 3.127.76.126, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is commandwindows.com.
TLS certificate: Issued by R3 on May 2nd 2021. Valid for: 3 months.

This is the only time commandwindows.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3033::ac43:818c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
75	3.127.76.126 3.127.76.126	16509 (AMAZON-02) (AMAZON-02)
31	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3035::6815:4c02	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	52.222.200.121 52.222.200.121	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
2	2600:9000:215... 2600:9000:2156:1800:2:cb38:840:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
12	2.18.234.190 2.18.234.190	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1 9	52.95.123.167 52.95.123.167	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:811::200d	15169 (GOOGLE) (GOOGLE)
2 7	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
11	2.18.232.28 2.18.232.28	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
3 5	64.202.112.191 64.202.112.191	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
41 56	213.19.147.45 213.19.147.45	26120 (RHYTHMONE) (RHYTHMONE)
14 18	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
2 20	52.208.210.171 52.208.210.171	16509 (AMAZON-02) (AMAZON-02)
5 25	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
7	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	2a02:fa8:8806... 2a02:fa8:8806:12::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
11 18	185.33.220.240 185.33.220.240	29990 (ASN-APPNEX) (ASN-APPNEX)
2 8	216.52.2.39 216.52.2.39	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
3 4	35.156.250.242 35.156.250.242	16509 (AMAZON-02) (AMAZON-02)
2	151.101.14.132 151.101.14.132	54113 (FASTLY) (FASTLY)
4 4	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
23 24	52.49.238.187 52.49.238.187	16509 (AMAZON-02) (AMAZON-02)
24 25	3.64.28.223 3.64.28.223	16509 (AMAZON-02) (AMAZON-02)
2 2	34.240.2.137 34.240.2.137	16509 (AMAZON-02) (AMAZON-02)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
5 5	18.156.12.32 18.156.12.32	16509 (AMAZON-02) (AMAZON-02)
12 14	37.157.4.41 37.157.4.41	198622 (ADFORM) (ADFORM)
3 12	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
2 2	54.175.198.118 54.175.198.118	14618 (AMAZON-AES) (AMAZON-AES)
3 7	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
1 1	52.71.70.131 52.71.70.131	14618 (AMAZON-AES) (AMAZON-AES)
1	193.122.128.135 193.122.128.135	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1	169.197.150.7 169.197.150.7	398989 (DEEPINTENT) (DEEPINTENT)
1 1	70.42.32.31 70.42.32.31	13789 (INTERNAP-...) (INTERNAP-BLK3)
2 2	52.29.9.114 52.29.9.114	16509 (AMAZON-02) (AMAZON-02)
6 13	198.148.27.140 198.148.27.140	19189 (PULSEPOINT) (PULSEPOINT)
9 9	185.29.135.226 185.29.135.226	30419 (MEDIAMATH...) (MEDIAMATH-INC)
8 8	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
23 31	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	208.100.17.172 208.100.17.172	32748 (STEADFAST) (STEADFAST)
1	18.195.155.181 18.195.155.181	16509 (AMAZON-02) (AMAZON-02)
1 1	202.241.208.55 202.241.208.55	4694 (IDCF IDC ...) (IDCF IDC Frontier Inc.)
2 2	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL)
2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 5	52.94.232.32 52.94.232.32	16509 (AMAZON-02) (AMAZON-02)
1 1	34.197.43.243 34.197.43.243	14618 (AMAZON-AES) (AMAZON-AES)
2 4	52.30.135.179 52.30.135.179	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	64.74.236.191 64.74.236.191	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1 3	52.222.174.22 52.222.174.22	16509 (AMAZON-02) (AMAZON-02)
4 4	142.250.185.230 142.250.185.230	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2006	15169 (GOOGLE) (GOOGLE)
4 4	213.155.156.167 213.155.156.167	1299 (TELIANET ...) (TELIANET Telia Carrier)
2 39	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
4 4	185.86.138.142 185.86.138.142	201081 (SMARTADSE...) (SMARTADSERVER)
3 3	162.55.6.210 162.55.6.210	24940 (HETZNER-AS) (HETZNER-AS)
5	185.64.190.81 185.64.190.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
7 7	51.222.80.231 51.222.80.231	16276 (OVH) (OVH)
5 5	54.194.226.253 54.194.226.253	16509 (AMAZON-02) (AMAZON-02)
2 4	2606:4700:10:... 2606:4700:10::ac43:db6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
4 7	2620:116:800d... 2620:116:800d:21:36a9:ecb:e518:b308	16509 (AMAZON-02) (AMAZON-02)
2 2	51.68.39.188 51.68.39.188	16276 (OVH) (OVH)
3 3	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (TURN) (TURN)
3	2a02:fa8:8806... 2a02:fa8:8806:16::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	159.65.196.12 159.65.196.12	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
9 9	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
8	2606:4700::68... 2606:4700::6812:1cf8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	34.96.105.8 34.96.105.8	15169 (GOOGLE) (GOOGLE)
1 1	139.162.78.222 139.162.78.222	63949 (LINODE-AP...) (LINODE-AP Linode)
2 2	18.194.4.26 18.194.4.26	16509 (AMAZON-02) (AMAZON-02)
1	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1	34.102.219.251 34.102.219.251	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1 3	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	198.148.27.134 198.148.27.134	19189 (PULSEPOINT) (PULSEPOINT)
1	213.19.147.42 213.19.147.42	26120 (RHYTHMONE) (RHYTHMONE)
1	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2.21.111.28 2.21.111.28	16625 (AKAMAI-AS) (AKAMAI-AS)
1	136.144.59.88 136.144.59.88	54825 (PACKET) (PACKET)
2	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	51.89.21.30 51.89.21.30	16276 (OVH) (OVH)
3	143.204.93.227 143.204.93.227	16509 (AMAZON-02) (AMAZON-02)
2	2.18.232.130 2.18.232.130	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	188.165.137.78 188.165.137.78	16276 (OVH) (OVH)
1	72.251.241.196 72.251.241.196	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1 2	2606:4700::68... 2606:4700::6812:c05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	199.232.137.44 199.232.137.44	54113 (FASTLY) (FASTLY)
1	169.50.137.190 169.50.137.190	36351 (SOFTLAYER) (SOFTLAYER)
1 1	34.98.107.212 34.98.107.212	15169 (GOOGLE) (GOOGLE)
2 2	3.66.135.160 3.66.135.160	16509 (AMAZON-02) (AMAZON-02)
2 3	104.111.242.53 104.111.242.53	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	18.198.126.47 18.198.126.47	16509 (AMAZON-02) (AMAZON-02)
2 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
2 2	18.195.105.17 18.195.105.17	16509 (AMAZON-02) (AMAZON-02)
2 2	18.197.47.23 18.197.47.23	16509 (AMAZON-02) (AMAZON-02)
1	3.125.134.133 3.125.134.133	16509 (AMAZON-02) (AMAZON-02)
1 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
1	2600:1f18:612... 2600:1f18:612b:4200:8331:bab2:3072:ce38	14618 (AMAZON-AES) (AMAZON-AES)
1	35.190.113.31 35.190.113.31	15169 (GOOGLE) (GOOGLE)
2 2	158.69.224.51 158.69.224.51	16276 (OVH) (OVH)
1	184.31.88.106 184.31.88.106	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.17.188.230 52.17.188.230	16509 (AMAZON-02) (AMAZON-02)
3 9	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1460	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	88.214.193.99 88.214.193.99	46636 (NATCOWEB) (NATCOWEB)
1 1	18.237.96.144 18.237.96.144	16509 (AMAZON-02) (AMAZON-02)
1	52.30.95.9 52.30.95.9	16509 (AMAZON-02) (AMAZON-02)
2 2	52.0.240.240 52.0.240.240	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1f18:444... 2600:1f18:444a:4680:7493:838e:3006:4686	14618 (AMAZON-AES) (AMAZON-AES)
1	34.120.25.144 34.120.25.144	15169 (GOOGLE) (GOOGLE)
1	35.212.101.174 35.212.101.174	15169 (GOOGLE) (GOOGLE)
1 1	23.45.99.241 23.45.99.241	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.45.185.178 52.45.185.178	14618 (AMAZON-AES) (AMAZON-AES)
1	51.178.20.140 51.178.20.140	16276 (OVH) (OVH)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	2.19.35.65 2.19.35.65	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.109.78.125 104.109.78.125	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	3.228.62.17 3.228.62.17	14618 (AMAZON-AES) (AMAZON-AES)
1 1	8.43.72.97 8.43.72.97	26667 (RUBICONPR...) (RUBICONPROJECT)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	2a00:1288:80:... 2a00:1288:80:800::7000	203220 (YAHOO-DEB) (YAHOO-DEB)
1	2600:9000:218... 2600:9000:218d:d800:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
519	106

1 2606:4700:3033::ac43:818c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cdn-3.commandwindows.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

75 3.127.76.126 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com

commandwindows.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g.ezoic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::6815:4c02 (United States)

ASN13335 (CLOUDFLARENET, US)

go.ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.222.200.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-200-121.cdg50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:1800:2:cb38:840:93a1 (United States)

ASN16509 (AMAZON-02, US)

go.ezoic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2.18.234.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

bd44be7d223512f0c51e56829e06e388.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.95.123.167 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2.18.232.28 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-28.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 64.202.112.191 (United States) 3 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

56 213.19.147.45 (United Kingdom) 41 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
usermatch.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 76.223.111.131 (United States) 14 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 52.208.210.171 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2.18.234.21 (Frankfurt am Main, Germany) 5 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:12::1370 (United States) 1 redirects

ASN41041 (VCLK-EU-SE, US)

amazon-tam-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
casale-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 185.33.220.240 (Amsterdam, Netherlands) 11 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 216.52.2.39 (United States) 2 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.156.250.242 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.14.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

odb.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.184.8.65 (Amsterdam, Netherlands) 4 redirects

ASN204995 (RTB-HOUSE-AMS, PL)

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 52.49.238.187 (Dublin, Ireland) 23 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-238-187.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 3.64.28.223 (Frankfurt am Main, Germany) 24 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.240.2.137 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

ads.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel-eu.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.156.12.32 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 37.157.4.41 (Denmark) 12 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 34.98.64.218 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ezoic-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.175.198.118 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1288:110:c305::8000 (United Kingdom) 3 redirects

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.71.70.131 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.122.128.135 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)

sync.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.31 (United States) 1 redirects

ASN13789 (INTERNAP-BLK3, US)

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.29.9.114 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 198.148.27.140 (New York, United States) 6 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.29.135.226 (United Kingdom) 9 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.14.49 (Frankfurt am Main, Germany) 8 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 142.250.184.194 (United States) 23 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.100.17.172 (United States)

ASN32748 (STEADFAST, US)
PTR: ip172.208-100-17.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com

cs.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.241.208.55 (Japan) 1 redirects

ASN4694 (IDCF IDC Frontier Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.0.160.129 (United States) 2 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.94.232.32 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.197.43.243 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

nep.advangelists.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.30.135.179 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-135-179.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.74.236.191 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com

mcdp-chidc2.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.222.174.22 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-52-222-174-22.cdg50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.230 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 213.155.156.167 (Sweden) 4 redirects

ASN1299 (TELIANET Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 185.64.190.80 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.118 (Germany) 2 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.86.138.142 (France) 4 redirects

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.55.6.210 (Germany) 3 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.210.6.55.162.clients.your-server.de

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 51.222.80.231 (Canada) 7 redirects

ASN16276 (OVH, FR)
PTR: ns574734.ip-51-222-80.net

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.194.226.253 (Dublin, Ireland) 5 redirects

ASN16509 (AMAZON-02, US)

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::ac43:db6 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2620:116:800d:21:36a9:ecb:e518:b308 (United States) 4 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.68.39.188 (France) 2 redirects

ASN16276 (OVH, FR)

dsp.nrich.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:678:cb4:bbbb::11 (United Kingdom) 3 redirects

ASN56396 (TURN, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:fa8:8806:16::1400 (United States)

ASN41041 (VCLK-EU-SE, US)

pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pulsepoint-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 159.65.196.12 (Amsterdam, Netherlands) 2 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 66.155.71.25 (Portsmouth, United Kingdom) 9 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6812:1cf8 (United States)

ASN13335 (CLOUDFLARENET, US)

storage.bannernow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
icv.bannernow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.162.78.222 (Tokyo, Japan) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1558-222.members.linode.com

a.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.194.4.26 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

a.sportradarserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)

dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.219.251 (Kansas City, United States)

ASN15169 (GOOGLE, US)

stats.bannernow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.134 (New York, United States)

ASN19189 (PULSEPOINT, US)

bid.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.42 (United Kingdom)

ASN26120 (RHYTHMONE, US)

targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.21.111.28 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-111-28.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 136.144.59.88 (Secaucus, United States)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.21.30 (London, United Kingdom)

ASN16276 (OVH, FR)

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.93.227 (United States)

ASN16509 (AMAZON-02, US)

video.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.165.137.78 (France) 1 redirects

ASN16276 (OVH, FR)

green.erne.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.241.196 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:c05 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 199.232.137.44 (Frankfurt am Main, Germany) 1 redirects

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.190 (United States)

ASN36351 (SOFTLAYER, US)
PTR: be.89.32a9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.107.212 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)

ads.playground.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.66.135.160 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.242.53 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-53.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.198.126.47 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-126-47.eu-central-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.105.17 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

ads.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.197.47.23 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.125.134.133 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-134-133.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (United States) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4200:8331:bab2:3072:ce38 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.113.31 (Kansas City, United States)

ASN15169 (GOOGLE, US)

atemda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 158.69.224.51 (Montreal, Canada) 2 redirects

ASN16276 (OVH, FR)

red.erne.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.31.88.106 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-88-106.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.188.230 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 69.173.144.139 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1460 (United States)

ASN41041 (VCLK-EU-SE, US)

match.sync.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.214.193.99 (United Kingdom)

ASN46636 (NATCOWEB, US)

sync.colossusssp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.237.96.144 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)

demand.trafficroots.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.95.9 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

c.deployads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.0.240.240 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:444a:4680:7493:838e:3006:4686 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.25.144 (Kansas City, United States)

ASN15169 (GOOGLE, US)

public-prod-dspcookiematching.dmxleo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.212.101.174 (Washington, United States)

ASN15169 (GOOGLE, US)

cs.chocolateplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.45.99.241 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-99-241.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.185.178 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

rtb.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.178.20.140 (France)

ASN16276 (OVH, FR)
PTR: ns31193670.ip-51-178-20.eu

gu.dyntrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)

cm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.35.65 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.228.62.17 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

sync.extend.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.97 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:218d:d800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
69	doubleclick.net 27 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net ad.doubleclick.net googleads.g.doubleclick.net	196 KB
69	commandwindows.com 1 redirects cdn-3.commandwindows.com commandwindows.com	139 KB
54	pubmatic.com 2 redirects ads.pubmatic.com image6.pubmatic.com image2.pubmatic.com simage2.pubmatic.com image4.pubmatic.com hbopenbid.pubmatic.com simage4.pubmatic.com	85 KB
36	unrulymedia.com 18 redirects sync.targeting.unrulymedia.com targeting.unrulymedia.com video.unrulymedia.com usermatch.targeting.unrulymedia.com	17 KB
33	google.com 2 redirects apis.google.com adservice.google.com accounts.google.com www.google.com	135 KB
30	googlesyndication.com bd44be7d223512f0c51e56829e06e388.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	258 KB
25	bidswitch.net 24 redirects x.bidswitch.net	9 KB
24	bidr.io 23 redirects match.prod.bidr.io	11 KB
24	casalemedia.com 5 redirects ssum-sec.casalemedia.com dsum-sec.casalemedia.com htlb.casalemedia.com dsum.casalemedia.com	27 KB
24	1rx.io 23 redirects sync.1rx.io	9 KB
20	ampproject.org cdn.ampproject.org	399 KB
20	adnxs.com 11 redirects ib.adnxs.com secure.adnxs.com acdn.adnxs.com	50 KB
20	gumgum.com 2 redirects rtb.gumgum.com	6 KB
20	outbrain.com 3 redirects widgets.outbrain.com widget-pixels.outbrain.com odb.outbrain.com sync.outbrain.com mcdp-chidc2.outbrain.com	103 KB
19	google.ch adservice.google.ch	3 KB
18	adsrvr.org 14 redirects match.adsrvr.org	8 KB
18	amazon-adsystem.com 3 redirects c.amazon-adsystem.com aax-eu.amazon-adsystem.com s.amazon-adsystem.com	44 KB
14	contextweb.com 6 redirects bh.contextweb.com bid.contextweb.com	15 KB
14	adform.net 12 redirects c1.adform.net	7 KB
14	rubiconproject.com 6 redirects pixel-eu.rubiconproject.com pixel.rubiconproject.com secure-assets.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com pixel-us-east.rubiconproject.com	18 KB
12	openx.net 3 redirects us-u.openx.net ezoic-d.openx.net eu-u.openx.net	3 KB
12	outbrainimg.com tcheck.outbrainimg.com log.outbrainimg.com images.outbrainimg.com	403 KB
11	yahoo.com 5 redirects pr-bh.ybp.yahoo.com ups.analytics.yahoo.com ads.yahoo.com	6 KB
9	bannernow.com storage.bannernow.com stats.bannernow.com icv.bannernow.com	218 KB
9	sitescout.com 9 redirects pixel-sync.sitescout.com	5 KB
9	mathtag.com 9 redirects sync.mathtag.com	5 KB
9	ezoic.net go.ezoic.net g.ezoic.net	3 KB
8	criteo.com 1 redirects dis.criteo.com gum.criteo.com mug.criteo.com bidder.criteo.com	4 KB
8	everesttech.net 8 redirects sync-tm.everesttech.net	2 KB
8	lijit.com 2 redirects ap.lijit.com ce.lijit.com	7 KB
8	gstatic.com ssl.gstatic.com fonts.gstatic.com	106 KB
7	quantserve.com 4 redirects pixel.quantserve.com cms.quantserve.com secure.quantserve.com	12 KB
7	onaudience.com 7 redirects pixel.onaudience.com	3 KB
6	dotomi.com 1 redirects amazon-tam-match.dotomi.com pubmatic-match.dotomi.com pulsepoint-match.dotomi.com match.sync.ad.cpe.dotomi.com casale-match.dotomi.com	646 B
6	googleapis.com ajax.googleapis.com fonts.googleapis.com	32 KB
5	crwdcntrl.net 5 redirects sync.crwdcntrl.net bcp.crwdcntrl.net	2 KB
5	mfadsrvr.com 5 redirects rtb.mfadsrvr.com	3 KB
4	taboola.com 1 redirects trc.taboola.com match.taboola.com	940 B
4	zeotap.com 2 redirects spl.zeotap.com mwzeom.zeotap.com	1 KB
4	smartadserver.com 4 redirects rtb-csync.smartadserver.com	2 KB
4	de17a.com 4 redirects d5p.de17a.com	1 KB
4	demdex.net 2 redirects dpm.demdex.net	3 KB
4	creativecdn.com 4 redirects creativecdn.com	1 KB
4	3lift.com 3 redirects eb2.3lift.com	1 KB
3	liadm.com 2 redirects i.liadm.com i6.liadm.com	1 KB
3	owneriq.net 2 redirects px.owneriq.net	1 KB
3	erne.co 3 redirects green.erne.co red.erne.co	784 B
3	turn.com 3 redirects ad.turn.com	1 KB
3	loopme.me 3 redirects csync.loopme.me	617 B
3	2mdn.net s0.2mdn.net	37 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	3 KB
3	google-analytics.com 1 redirects ssl.google-analytics.com	17 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com	1 KB
2	advertising.com 2 redirects pixel.advertising.com	698 B
2	creative-serving.com 2 redirects ads.creative-serving.com	1 KB
2	tapad.com 2 redirects pixel.tapad.com	1 KB
2	w55c.net 2 redirects pm.w55c.net	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com s.tribalfusion.com	747 B
2	indexww.com js-sec.indexww.com	2 KB
2	criteo.net static.criteo.net	53 KB
2	sportradarserving.com 2 redirects a.sportradarserving.com	1 KB
2	googletagservices.com www.googletagservices.com	65 KB
2	bidtheatre.com 2 redirects match.adsby.bidtheatre.com	1 KB
2	nrich.ai 2 redirects dsp.nrich.ai	977 B
2	adition.com 2 redirects dsp.adfarm1.adition.com	1002 B
2	ad4m.at ad4m.at	156 B
2	rfihub.com 2 redirects p.rfihub.com	1 KB
2	360yield.com 2 redirects ad.360yield.com	618 B
2	stackadapt.com 2 redirects sync.srv.stackadapt.com	1 KB
2	avct.cloud 2 redirects ads.avct.cloud	884 B
1	quantcount.com rules.quantcount.com	427 B
1	rlcdn.com id.rlcdn.com	66 B
1	extend.tv 1 redirects sync.extend.tv	546 B
1	ctnsnet.com 1 redirects cm.ctnsnet.com	390 B
1	dyntrk.com gu.dyntrk.com	215 B
1	adentifi.com rtb.adentifi.com	88 B
1	bluekai.com 1 redirects tags.bluekai.com	520 B
1	chocolateplatform.com cs.chocolateplatform.com	85 B
1	dmxleo.com public-prod-dspcookiematching.dmxleo.com	176 B
1	deployads.com c.deployads.com	285 B
1	trafficroots.com 1 redirects demand.trafficroots.com	600 B
1	colossusssp.com sync.colossusssp.com	648 B
1	yieldmo.com ads.yieldmo.com	431 B
1	teads.tv sync.teads.tv	287 B
1	atemda.com atemda.com	1021 B
1	tremorhub.com partners.tremorhub.com	183 B
1	sharethrough.com match.sharethrough.com	263 B
1	exelator.com 1 redirects loadm.exelator.com	649 B
1	playground.xyz 1 redirects ads.playground.xyz	486 B
1	simpli.fi um.simpli.fi	611 B
1	adgrx.com cm.adgrx.com	408 B
1	id5-sync.com id5-sync.com	536 B
1	googletagmanager.com www.googletagmanager.com	31 KB
1	a-mo.net prebid.a-mo.net	786 B
1	adkernel.com dsp.adkernel.com	233 B
1	appier.net 1 redirects a.c.appier.net	558 B
1	blismedia.com tr.blismedia.com	136 B
1	advangelists.com 1 redirects nep.advangelists.com	234 B
1	socdm.com 1 redirects tg.socdm.com	838 B
1	emxdgt.com cs.emxdgt.com
1	33across.com ssc-cms.33across.com
1	zemanta.com 1 redirects b1sync.zemanta.com	281 B
1	deepintent.com match.deepintent.com	44 B
1	technoratimedia.com sync.technoratimedia.com	294 B
1	ipredictive.com 1 redirects sync.ipredictive.com	428 B
1	ezodn.com go.ezodn.com	77 KB
519	106

	Domain	Requested by
68	commandwindows.com	commandwindows.com
31	cm.g.doubleclick.net	23 redirects rtb.gumgum.com bd44be7d223512f0c51e56829e06e388.safeframe.googlesyndication.com commandwindows.com eu-u.openx.net eus.rubiconproject.com
31	securepubads.g.doubleclick.net	commandwindows.com securepubads.g.doubleclick.net
25	x.bidswitch.net	24 redirects bh.contextweb.com
24	match.prod.bidr.io	23 redirects video.unrulymedia.com
24	sync.1rx.io	23 redirects video.unrulymedia.com
23	simage2.pubmatic.com	ads.pubmatic.com
21	tpc.googlesyndication.com	bd44be7d223512f0c51e56829e06e388.safeframe.googlesyndication.com commandwindows.com securepubads.g.doubleclick.net cdn.ampproject.org tpc.googlesyndication.com
20	cdn.ampproject.org	securepubads.g.doubleclick.net
20	rtb.gumgum.com	2 redirects aax-eu.amazon-adsystem.com rtb.gumgum.com
19	adservice.google.com	securepubads.g.doubleclick.net
19	adservice.google.ch	securepubads.g.doubleclick.net
18	sync.targeting.unrulymedia.com	5 redirects video.unrulymedia.com ssum-sec.casalemedia.com eus.rubiconproject.com
18	match.adsrvr.org	14 redirects ssum-sec.casalemedia.com eu-u.openx.net eus.rubiconproject.com
16	image2.pubmatic.com	2 redirects ads.pubmatic.com
14	usermatch.targeting.unrulymedia.com	13 redirects video.unrulymedia.com
14	dsum-sec.casalemedia.com	3 redirects ssum-sec.casalemedia.com
14	c1.adform.net	12 redirects ads.pubmatic.com
13	bh.contextweb.com	6 redirects go.ezodn.com bh.contextweb.com
13	ib.adnxs.com	6 redirects commandwindows.com bh.contextweb.com acdn.adnxs.com
11	widgets.outbrain.com	commandwindows.com widgets.outbrain.com
10	images.outbrainimg.com	commandwindows.com
9	pixel-sync.sitescout.com	9 redirects
9	sync.mathtag.com	9 redirects
9	aax-eu.amazon-adsystem.com	1 redirects c.amazon-adsystem.com aax-eu.amazon-adsystem.com ap.lijit.com rtb.gumgum.com ssum-sec.casalemedia.com ads.pubmatic.com
8	sync-tm.everesttech.net	8 redirects
7	fonts.gstatic.com	fonts.googleapis.com
7	pagead2.googlesyndication.com	bd44be7d223512f0c51e56829e06e388.safeframe.googlesyndication.com www.googletagservices.com commandwindows.com tpc.googlesyndication.com
7	pixel.onaudience.com	7 redirects
7	pr-bh.ybp.yahoo.com	3 redirects ads.pubmatic.com eu-u.openx.net ssum-sec.casalemedia.com
7	ads.pubmatic.com	aax-eu.amazon-adsystem.com ads.pubmatic.com rtb.gumgum.com go.ezodn.com
7	ssum-sec.casalemedia.com	2 redirects aax-eu.amazon-adsystem.com ssum-sec.casalemedia.com js-sec.indexww.com video.unrulymedia.com
7	www.google.com	2 redirects apis.google.com bd44be7d223512f0c51e56829e06e388.safeframe.googlesyndication.com commandwindows.com tpc.googlesyndication.com
7	g.ezoic.net	commandwindows.com
6	us-u.openx.net	2 redirects eu-u.openx.net
6	ce.lijit.com	1 redirects ap.lijit.com
6	apis.google.com	commandwindows.com apis.google.com accounts.google.com
5	pixel.rubiconproject.com	bh.contextweb.com eus.rubiconproject.com
5	eu-u.openx.net	1 redirects go.ezodn.com eu-u.openx.net
5	fonts.googleapis.com	storage.bannernow.com securepubads.g.doubleclick.net
5	s.amazon-adsystem.com	2 redirects ssum-sec.casalemedia.com bh.contextweb.com
5	secure.adnxs.com	5 redirects
5	rtb.mfadsrvr.com	5 redirects
4	token.rubiconproject.com	3 redirects eus.rubiconproject.com
4	icv.bannernow.com	bd44be7d223512f0c51e56829e06e388.safeframe.googlesyndication.com storage.bannernow.com
4	storage.bannernow.com	bd44be7d223512f0c51e56829e06e388.safeframe.googlesyndication.com storage.bannernow.com
4	pixel.quantserve.com	3 redirects
4	image4.pubmatic.com	ads.pubmatic.com
4	rtb-csync.smartadserver.com	4 redirects
4	d5p.de17a.com	4 redirects
4	ad.doubleclick.net	4 redirects
4	dpm.demdex.net	2 redirects ssum-sec.casalemedia.com
4	sync.outbrain.com	3 redirects rtb.gumgum.com
4	creativecdn.com	4 redirects
4	eb2.3lift.com	3 redirects bh.contextweb.com
4	c.amazon-adsystem.com	commandwindows.com c.amazon-adsystem.com
3	px.owneriq.net	2 redirects bh.contextweb.com
3	trc.taboola.com	1 redirects bh.contextweb.com
3	video.unrulymedia.com	go.ezodn.com video.unrulymedia.com
3	gum.criteo.com	1 redirects static.criteo.net
3	ad.turn.com	3 redirects
3	ups.analytics.yahoo.com	2 redirects bh.contextweb.com
3	sync.crwdcntrl.net	3 redirects
3	csync.loopme.me	3 redirects
3	s0.2mdn.net	widgets.outbrain.com storage.bannernow.com
3	sb.scorecardresearch.com	1 redirects widgets.outbrain.com
3	ssl.google-analytics.com	1 redirects commandwindows.com
2	eus.rubiconproject.com	video.unrulymedia.com eus.rubiconproject.com
2	bcp.crwdcntrl.net	2 redirects
2	i.liadm.com	2 redirects
2	dsum.casalemedia.com	bh.contextweb.com ssum-sec.casalemedia.com
2	red.erne.co	2 redirects
2	sync.search.spotxchange.com	1 redirects bh.contextweb.com
2	pixel.advertising.com	2 redirects
2	ads.creative-serving.com	2 redirects
2	pixel.tapad.com	2 redirects
2	pm.w55c.net	2 redirects
2	acdn.adnxs.com	go.ezodn.com
2	js-sec.indexww.com	go.ezodn.com ssum-sec.casalemedia.com
2	static.criteo.net	go.ezodn.com commandwindows.com
2	mug.criteo.com	commandwindows.com
2	googleads.g.doubleclick.net	commandwindows.com
2	a.sportradarserving.com	2 redirects
2	cms.quantserve.com	1 redirects bd44be7d223512f0c51e56829e06e388.safeframe.googlesyndication.com
2	www.googletagservices.com	securepubads.g.doubleclick.net bd44be7d223512f0c51e56829e06e388.safeframe.googlesyndication.com
2	match.adsby.bidtheatre.com	2 redirects
2	pubmatic-match.dotomi.com	ads.pubmatic.com
2	dsp.nrich.ai	2 redirects
2	mwzeom.zeotap.com	ads.pubmatic.com
2	spl.zeotap.com	2 redirects
2	dsp.adfarm1.adition.com	2 redirects
2	dis.criteo.com	ads.pubmatic.com
2	mcdp-chidc2.outbrain.com	widgets.outbrain.com
2	ad4m.at	ssum-sec.casalemedia.com ads.pubmatic.com
2	image6.pubmatic.com	ads.pubmatic.com
2	p.rfihub.com	2 redirects
2	ad.360yield.com	2 redirects
2	sync.srv.stackadapt.com	2 redirects
2	ads.avct.cloud	2 redirects
2	odb.outbrain.com	widgets.outbrain.com
2	ap.lijit.com	1 redirects aax-eu.amazon-adsystem.com
2	bd44be7d223512f0c51e56829e06e388.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	go.ezoic.net	commandwindows.com
1	rules.quantcount.com	secure.quantserve.com
1	secure.quantserve.com	go.ezoic.net
1	ads.yahoo.com	eus.rubiconproject.com
1	id.rlcdn.com	eus.rubiconproject.com
1	pixel-us-east.rubiconproject.com	1 redirects
1	simage4.pubmatic.com	ads.pubmatic.com
1	sync.extend.tv	1 redirects
1	secure-assets.rubiconproject.com	1 redirects
1	cm.ctnsnet.com	1 redirects
1	casale-match.dotomi.com	1 redirects
1	gu.dyntrk.com	ssum-sec.casalemedia.com
1	rtb.adentifi.com	ssum-sec.casalemedia.com
1	tags.bluekai.com	1 redirects
1	cs.chocolateplatform.com	bh.contextweb.com
1	public-prod-dspcookiematching.dmxleo.com	bh.contextweb.com
1	i6.liadm.com	bh.contextweb.com
1	c.deployads.com	bh.contextweb.com
1	demand.trafficroots.com	1 redirects
1	sync.colossusssp.com	bh.contextweb.com
1	match.sync.ad.cpe.dotomi.com	bh.contextweb.com
1	ads.yieldmo.com	bh.contextweb.com
1	sync.teads.tv	bh.contextweb.com
1	atemda.com	bh.contextweb.com
1	partners.tremorhub.com	bh.contextweb.com
1	match.sharethrough.com	bh.contextweb.com
1	loadm.exelator.com	1 redirects
1	pulsepoint-match.dotomi.com	bh.contextweb.com
1	ads.playground.xyz	1 redirects
1	um.simpli.fi	ads.pubmatic.com
1	match.taboola.com	ads.pubmatic.com
1	s.tribalfusion.com	ads.pubmatic.com
1	a.tribalfusion.com	1 redirects
1	cm.adgrx.com	ads.pubmatic.com
1	green.erne.co	1 redirects
1	id5-sync.com	commandwindows.com
1	www.googletagmanager.com	commandwindows.com
1	prebid.a-mo.net	commandwindows.com
1	htlb.casalemedia.com	commandwindows.com
1	hbopenbid.pubmatic.com	commandwindows.com
1	ezoic-d.openx.net	commandwindows.com
1	bidder.criteo.com	commandwindows.com
1	targeting.unrulymedia.com	commandwindows.com
1	bid.contextweb.com	commandwindows.com
1	stats.bannernow.com	storage.bannernow.com
1	dsp.adkernel.com	bd44be7d223512f0c51e56829e06e388.safeframe.googlesyndication.com
1	a.c.appier.net	1 redirects
1	tr.blismedia.com	bd44be7d223512f0c51e56829e06e388.safeframe.googlesyndication.com
1	nep.advangelists.com	1 redirects
1	tg.socdm.com	1 redirects
1	cs.emxdgt.com	rtb.gumgum.com
1	ssc-cms.33across.com	rtb.gumgum.com
1	b1sync.zemanta.com	1 redirects
1	match.deepintent.com	rtb.gumgum.com
1	sync.technoratimedia.com	rtb.gumgum.com
1	sync.ipredictive.com	1 redirects
1	pixel-eu.rubiconproject.com	1 redirects
1	amazon-tam-match.dotomi.com	aax-eu.amazon-adsystem.com
1	log.outbrainimg.com	commandwindows.com
1	ssl.gstatic.com	accounts.google.com
1	widget-pixels.outbrain.com	commandwindows.com
1	tcheck.outbrainimg.com	commandwindows.com
1	accounts.google.com	apis.google.com
1	ajax.googleapis.com	commandwindows.com
1	stats.g.doubleclick.net	commandwindows.com
1	go.ezodn.com	commandwindows.com
1	cdn-3.commandwindows.com	1 redirects
519	169

This site contains links to these domains. Also see Links.

Domain
silktide.com
plarium.com
lifeexact.com
yourdailylama.com
hanuilds-cantake.com
editorsnation.com
ad.doubleclick.net
www.outbrain.com
www.ezoic.com
oraculum.wahrsagen-chris.com
code41watches.com
naturprodukte-tipps.ch
twitter.com
www.facebook.com

Subject Issuer	Validity	Valid
commandwindows.com R3	`2021-05-02` - `2021-07-31`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-05` - `2021-08-05`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2020-08-04` - `2021-08-02`	a year	crt.sh
*.apis.google.com GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.ezoic.net Amazon	`2021-02-15` - `2022-03-16`	a year	crt.sh
ezoic.net R3	`2021-05-23` - `2021-08-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.google.ch GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2021-05-25` - `2022-06-01`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-10` - `2021-08-02`	3 months	crt.sh
aax-eu.amazon-adsystem.com Amazon	`2021-04-09` - `2022-03-20`	a year	crt.sh
accounts.google.com GTS CA 1O1	`2021-05-17` - `2021-08-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.outbrainimg.com DigiCert SHA2 Secure Server CA	`2021-05-04` - `2022-05-09`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.gumgum.com Amazon	`2021-06-05` - `2022-07-04`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2019-06-19` - `2021-08-31`	2 years	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
*.technoratimedia.com DigiCert SHA2 High Assurance Server CA	`2020-07-28` - `2021-10-01`	a year	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2020-04-09` - `2022-06-08`	2 years	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-09-30`	a year	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2021-05-18` - `2022-06-19`	a year	crt.sh
s.amazon-adsystem.com Amazon	`2020-08-28` - `2021-08-20`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-29` - `2021-09-22`	6 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2021-05-01` - `2021-07-30`	3 months	crt.sh
*.adkernel.com Sectigo RSA Domain Validation Secure Server CA	`2020-12-22` - `2022-01-05`	a year	crt.sh
stats.bannernow.com GTS CA 1D4	`2021-05-01` - `2021-07-30`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.contextweb.com DigiCert SHA2 Secure Server CA	`2020-05-07` - `2022-05-12`	2 years	crt.sh
*.targeting.unrulymedia.com DigiCert SHA2 Secure Server CA	`2020-05-04` - `2022-05-09`	2 years	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.a-mo.net R3	`2021-05-11` - `2021-08-09`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
*.id5-sync.com R3	`2021-06-01` - `2021-08-30`	3 months	crt.sh
*.unrulymedia.com Sectigo RSA Domain Validation Secure Server CA	`2020-10-16` - `2021-11-16`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-03-11` - `2022-02-07`	a year	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-24` - `2022-03-26`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
*.owneriq.net GeoTrust RSA CA 2018	`2021-01-29` - `2022-02-02`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-22` - `2021-09-15`	6 months	crt.sh
*.3lift.com Amazon	`2020-07-04` - `2021-08-05`	a year	crt.sh
*.sharethrough.com Amazon	`2020-09-09` - `2021-10-11`	a year	crt.sh
*.search.spotxchange.com GeoTrust RSA CA 2018	`2021-04-08` - `2022-05-09`	a year	crt.sh
*.tremorhub.com Amazon	`2020-07-25` - `2021-08-25`	a year	crt.sh
*.atemda.com Go Daddy Secure Certificate Authority - G2	`2019-12-13` - `2022-01-12`	2 years	crt.sh
teads.tv R3	`2021-06-04` - `2021-09-02`	3 months	crt.sh
*.yieldmo.com Amazon	`2021-05-25` - `2022-06-23`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2020-03-30` - `2022-06-25`	2 years	crt.sh
*.colossusssp.com Go Daddy Secure Certificate Authority - G2	`2020-10-06` - `2021-11-07`	a year	crt.sh
*.deployads.com Sectigo RSA Domain Validation Secure Server CA	`2019-07-04` - `2021-07-03`	2 years	crt.sh
*.liadm.com Amazon	`2020-11-30` - `2021-12-29`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
dspcookiematching.dmxleo.com ZeroSSL RSA Domain Secure Site CA	`2021-06-04` - `2021-09-02`	3 months	crt.sh
chocolateplatform.com GTS CA 1D4	`2021-05-01` - `2021-07-30`	3 months	crt.sh
adentifi.com Amazon	`2020-10-02` - `2021-11-02`	a year	crt.sh
gu.dyntrk.com R3	`2021-06-10` - `2021-09-08`	3 months	crt.sh
*.match.prod.bidr.io Amazon	`2021-02-26` - `2022-03-27`	a year	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2021-06-01` - `2022-07-02`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-05-27` - `2021-07-14`	2 months	crt.sh

This page contains 81 frames:

Primary Page: https://commandwindows.com/
Frame ID: A056152750B9A5243B27BF252ECE6E07
Requests: 197 HTTP requests in this frame

Frame: https://apis.google.com/se/0/_/+1/fastbutton
Frame ID: ECAEC6E4B6E396DE5FF597188AC9E8BF
Requests: 2 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_rx_cnv_an-db5_sovrn_3lift&dcc=t
Frame ID: C4F9F051563E783ABFFB398AEEC521CD
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fcommandwindows.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__
Frame ID: 4154666743ECEC4E212B961D85569295
Requests: 4 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Frame ID: 8D39FC80FA9146F6AD24E849251A2C82
Requests: 2 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_pm-db5_rx_cnv_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Frame ID: CE6DC7EA0BA892312F6A8F31EF5E22C8
Requests: 2 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Frame ID: 863F7F0E69C24CD5F9ACC5B28181155B
Requests: 15 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: 16897909681E60796C702875616A0498
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Frame ID: DF3984F0EF5460F7871FF775E544BA6D
Requests: 1 HTTP requests in this frame

Frame: https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
Frame ID: 0BAFA8B441E0F8A08535A0B0D0196EEE
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?id=7847840062258970552&ex=appnexus.com
Frame ID: 29571951FC3B88F6A99F12BD724D18B1
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Frame ID: DF0DCCDCF333E2B0FFD02BB274885934
Requests: 7 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=7635250732139091600
Frame ID: 208D14A582490D6F120B96F27EE36E84
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: DF77F9EF2F46E2CF149E269B76813046
Requests: 19 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=bcbf60c2-51c2-4a00-9539-83fdb0b5c715&gdpr=&gdpr_consent=
Frame ID: D5769F56619CAC31EC5C37417ED764C0
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=atm&i=YMJRwgABdgHpewBg&gdpr=&gdpr_consent=&_test=YMJRwgABdgHpewBg
Frame ID: 6E762A73E45C0D1E0C1CA998E099C6EC
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8xMGM0OGE0Ni0yOTZiLTQ2ODAtOWMxZi05ZDQzNjBhYjg1MWQ=&gdpr=&gdpr_consent=
Frame ID: 5000E045CA78DC2C95C686464B3E1D81
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: F4F971EFC345E80A826E09E81FA3E02F
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Frame ID: A2D5836B4F4A1D30B261BF34F18F1E88
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=ttd&i=a1fa1058-b415-4147-87bf-79116f253f4d&t=1625939650
Frame ID: 066F9BA0BFE6FD1C34832C4A99FAFDF4
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: C1A6830EE0063530F76858F4077DE449
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=YMJRwsCo5ukAAB.kF6cAAAAA
Frame ID: DD85E7E7292CC51F2AEB5355474A8C9D
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=zet&i=2159827871561967873
Frame ID: 4FEA952C25BACA8B4AF7FCEBF1C79BAE
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=5ohsCtRatPkfEuiX4nyf&pi=gumgum&tc=1
Frame ID: CF5353E254BF3AF29C0BEF3327119ED0
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 7945260F82EC64C7768AAFFD519D202F
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obUserFrame/test.html?lsd=46bc50c5-5a6a-4b66-bc6c-9a8467034420
Frame ID: 297D9181900F0215C6DEB501BFCB02F3
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: C98B7E050BAC4A8F7FEF91DF8C3B942B
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: 8F5D648C6DA891C56A7CF8B9ADAFD487
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Frame ID: FDBA608BE47D30341223BAAC4EC2DA69
Requests: 3 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=96B8475B-013F-4971-8419-D22B904765DB
Frame ID: 2FB717F7F0567050CCBFD9E4E17DCC80
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4527855954673020420
Frame ID: 3B17612810A25C21763D6CE5BBD6EBC6
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: E84E9424246480FB5DD2E0C208AAD532
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6972225075391166606
Frame ID: 33B0CDEFDB9D1C2379E66CFF3A8EE538
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADvvU7BhKQAADKOsYyZ3w
Frame ID: 0486DD47E003415CB724C31A9DB5E0F1
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-0835e5df-1173-4bea-bd98-beac5d3d9b5b-003
Frame ID: 9F16EC609ABF35956C37ED0B0566CB12
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Frame ID: F9868E19E30F69809F4CE68BEA8893A4
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?id=96B8475B-013F-4971-8419-D22B904765DB&ex=pubmatic.com
Frame ID: 4ED12187C43EF21E6CFB547FE3076473
Requests: 1 HTTP requests in this frame

Frame: https://bd44be7d223512f0c51e56829e06e388.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 81CE0AACE2C9DAC0C89EFB1FE1D6FF88
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8E95906E0BF5F92FEFD611EBE35FF240
Requests: 9 HTTP requests in this frame

Frame: https://storage.bannernow.com/BWrmp2x7gNk9VRQrkA8nab3EwPe0AZLGnkOrlLhXwF/index.html
Frame ID: 66C4D576EF81E55E973E4C5DFBD258B6
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs
Frame ID: 23D47954EF15789B834306A4E56EFFE2
Requests: 12 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs
Frame ID: FE1FC98FCAEC51A4DC594B7461A73EAC
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: A018A301E66FA127D6032E2BC8C6AEC9
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9B2D55A055D7E4A3266362913337E140
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=commandwindows.com
Frame ID: 7A4034F3B1AC64262E37074670E29AB6
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 92E9FE9F33504E23D3FC931BA3C61FDE
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 7FA96D48B13A9132E256EFD97D2A184D
Requests: 24 HTTP requests in this frame

Frame: https://bh.contextweb.com/visitormatch
Frame ID: EE7D0F6F3DC0DCB2459845339256A90F
Requests: 30 HTTP requests in this frame

Frame: https://video.unrulymedia.com/iframes/third-party-iframes.html
Frame ID: B29280C5D49296E22B2B1295C1E94C06
Requests: 6 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=4a396f87-5bac-47c7-9375-0b25be4ee393&gdpr=0&us_privacy=1---
Frame ID: B0ECDB601D2FCD1A99756DF8597999E1
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 4C800A1C86590784E8DD8ED58A25DCB3
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: F9D599FB24C1B5C25DB909983776F390
Requests: 3 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=47760EDE-6080-44AA-A222-2DB7A21AB771
Frame ID: DF37EE7FDA63A322212EDEB1DFA57E63
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7273492026487536892
Frame ID: 45E23B0E3E4B16C2E381AD4931C73D96
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 8A7581443054CDF85473ABA9E08B7FF7
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6972225101170276494
Frame ID: 2221320FDDEEAC2741EC1D7002CF0272
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACPgk7BhKQAADFvl-nfPg
Frame ID: 4055EB6CFF5CCADACF214F48B6C1E5AD
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003
Frame ID: 9CA5C9086ABF9BB269FB049CCE9750DF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Frame ID: A4F5FA992883B5C289006808DF682189
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=4gwPIJVjy59NjTLiTw0QW9Fy
Frame ID: F7E1AF94364367F53A1E102FC69C039B
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: F75F38A330FF5B03F7779C62E67D9933
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: E89241843E2D760D8C88F49D7460A565
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: F88C3A121A594B8566EDD5B33265A419
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=wHB9cUljVf8Y&pid=557219
Frame ID: D77AB607813B381A863F7D095272180B
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=40b9df02-41a8-4402-8f04-1e97946bdc2c-tuct7bbd74a&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 52CD11724225BCACC0F6586DAB432D13
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://commandwindows.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: A91220F9AA9E59A4453510A9314C765A
Requests: 10 HTTP requests in this frame

Frame: https://sync.targeting.unrulymedia.com/csync/RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003
Frame ID: A33CEA9457236FCB3EC4C442E598E9E7
Requests: 1 HTTP requests in this frame

Frame: https://sync.targeting.unrulymedia.com/csync/RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003
Frame ID: F6F2CD00ADAD3BC77A338A3813A9157F
Requests: 1 HTTP requests in this frame

Frame: https://sync.targeting.unrulymedia.com/csync/RX-53d6a5d9-544a-43dc-b05f-9ea9916bb516-003
Frame ID: 4D87BD6E009754C63DB3BD1C3EF3D02D
Requests: 1 HTTP requests in this frame

Frame: https://sync.targeting.unrulymedia.com/csync/RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003
Frame ID: B1DD405B1D5A88AEC15CCFE7CE586F7A
Requests: 1 HTTP requests in this frame

Frame: https://sync.targeting.unrulymedia.com/csync/RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003
Frame ID: 73FD5673A1475C7A06A7E1E0A61D80AF
Requests: 1 HTTP requests in this frame

Frame: https://sync.targeting.unrulymedia.com/csync/RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003
Frame ID: 8721D71C2514F56D181ABB9B0360CCF0
Requests: 1 HTTP requests in this frame

Frame: https://sync.targeting.unrulymedia.com/csync/RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003
Frame ID: 7445B6115A5CC35264A518B5BE077467
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=unruly&endpoint=us-east
Frame ID: ACF4096D02460D82168034196A3445F4
Requests: 12 HTTP requests in this frame

Frame: https://sync.targeting.unrulymedia.com/csync/RX-53d6a5d9-544a-43dc-b05f-9ea9916bb516-003
Frame ID: A515DB6A717F516300F18130C9D5BFCB
Requests: 1 HTTP requests in this frame

Frame: https://sync.targeting.unrulymedia.com/csync/RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003
Frame ID: 52FCFA4D03D045ADA5568A62F6865758
Requests: 1 HTTP requests in this frame

Frame: https://sync.targeting.unrulymedia.com/csync/RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003
Frame ID: DE316804A13A0B3EC8C04FF7088A5ABF
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=182257&cb=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fcasale%2F
Frame ID: C2DC58B98F4B07A5A0F244D45E98D61E
Requests: 10 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/unr
Frame ID: 64E4AAAA0355C3E2F3AF6DC91970AFD7
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs
Frame ID: 2926D45EC360974920FF8F7742E8DA31
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs
Frame ID: 240DD413A1480C78C14EECA7939614F3
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://cdn-3.commandwindows.com/ HTTP 301
https://commandwindows.com/ Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Outbrain (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /widgets\.outbrain\.com\/outbrain\.js/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

Page Statistics

519
Requests

99 %
HTTPS

28 %
IPv6

106
Domains

169
Subdomains

106
IPs

11
Countries

2543 kB
Transfer

5641 kB
Size

22
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: http://silktide.com/cookieconsent
Title: Cookie Consent plugin for the EU cookie law

Search URL Search Domain Scan URL

URL: https://plarium.com/landings/de/klondike-the-lost-expedition/mine_f034_fb?plid=450833&pxl=outbrain&PublisherID=$publisher_name$_$section_id$&placement=003e0494e5058d7510e546b843eb7d7a16&adpartnerset=00d29234c7f87a49318e9a14815c842c7b&clickID=$ob_click_id$&obOrigUrl=true
Title: Wenn du über 40 bist und einen Computer hast, ist dieses Farm-Spiel ein Muss Klondike

Search URL Search Domain Scan URL

URL: https://lifeexact.com/trending/on-off-beziehung-oder-bis-der-tod-uns-scheidet-diese-promis-haben-die-wahre-liebe-gefunden-sw-ob-mona-v?utm_source=outbrain&utm_campaign=00156e240e82f0d4b4600e245c202215dc&utm_medium=$section_name$__$section_id$&utm_term=%5BFotos%5D+Mona+Vetsch+ist+45%2C+und+das+ist+ihr+Mann&ts=$time_stamp$&tbv=$cpc$&pcl=1&obOrigUrl=true
Title: [Fotos] Mona Vetsch ist 45, und das ist ihr Mann https://lifeexact.com/

Search URL Search Domain Scan URL

URL: https://yourdailylama.com/trending/prominente-der-goldenen-ara-die-noch-leben-und-treten-einige-von-ihnen-haben-nicht-geplant-irgendwann-in-den-ruhestand-zu-gehen-terrencehill-de?utm_source=outbrain&utm_campaign=007716f4139d037c0124a81bbda23a8734&utm_medium=$section_name$__$section_id$&utm_term=%5BPhotos%5D++Mit+81+Jahren+ist+Terence+Hill+nur+noch+ein+Schatten+seiner+&ts=$time_stamp$&tbv=$cpc$&pcl=1&obOrigUrl=true
Title: [Photos] Mit 81 Jahren ist Terence Hill nur noch ein Schatten seiner selbst Your Daily Lama

Search URL Search Domain Scan URL

URL: https://hanuilds-cantake.com/76484b77-90c7-47fe-8deb-3e2480803400?pub=$publisher_name$&sec=$section_name$&publisherid=$publisher_id$&section=$section_id$&ad=003b1fb96b20d38a43a2cf811fd51c9559&ob_cid=$ob_click_id$&obOrigUrl=true
Title: Zürich: Eine Dating-Website für über 40-jährige, die wirklich funktioniert! www.kultiviertesingles.ch

Search URL Search Domain Scan URL

URL: https://editorsnation.com/trending/unzertrennlich-diese-promi-paare-sind-glucklich-zusammen-outbrain?utm_source=outbrain&utm_campaign=007d54ed75ea5733f9f3165d2756995068&utm_medium=$section_name$__$section_id$&utm_term=%5BFotos%5D+Halt+dich+fest+bevor+du+Stefan+Raab+Frau+jetzt+siehst&ts=$time_stamp$&tbv=$cpc$&pcl=1&obOrigUrl=true
Title: [Fotos] Halt dich fest bevor du Stefan Raab Frau jetzt siehst Editor's Nation

Search URL Search Domain Scan URL

URL: https://ad.doubleclick.net/ddm/clk/497860237;305106724;j?obOrigUrl=true
Title: Eine Versicherung für jeden Fall. Bis zu CHF 100 Rabatt* sichern! www.axa.ch

Search URL Search Domain Scan URL

URL: https://www.outbrain.com/what-is/default/de
Title: empfohlen von

Search URL Search Domain Scan URL

URL: https://www.ezoic.com/what-is-ezoic/

Search URL Search Domain Scan URL

URL: https://oraculum.wahrsagen-chris.com/message_video107/a?utm_source=Outbrain&utm_medium=cpc&utm_campaign=Chris-CHDE-OB-p-Male-PerformanceWhitelist-V4&utm_content=00e9a0100732fdeb3d3605a47a68eebece&dv=p&lc=de&cc=ch&ar=XXXX&gd=X&ob_click_id=$ob_click_id$&sectionname=$section_name$&placement=$publisher_name$&sectionid=$section_id$&publisherid=$publisher_id$&obOrigUrl=true
Title: Ihr Horoskop 2021: so präzise, dass Sie erschaudern werden Der außergewöhnliche Chris

Search URL Search Domain Scan URL

URL: https://lifeexact.com/trending/hauser-der-stars-sw-ob?utm_source=outbrain&utm_campaign=0062adc8c99f3f83d3629401b39b93fb1d&utm_medium=$section_name$__$section_id$&utm_term=%5BFotos%5D+Mona+Vetsch+lebt+in+diesem+luxuri%C3%B6sen+Haus&ts=$time_stamp$&tbv=$cpc$&pcl=1&obOrigUrl=true
Title: [Fotos] Mona Vetsch lebt in diesem luxuriösen Haus https://lifeexact.com/

Search URL Search Domain Scan URL

URL: https://code41watches.com/de/code41-the-watchmaker-breaking-all-of-the-records/?utm_campaign=outbrain&utm_source=de_ch_DTP_Record_June21&utm_medium=3518&obOrigUrl=true
Title: CODE41 mischt die Uhrmacherei auf und bietet eine außergewöhnliche Uhr für weniger als 5.500€ an CODE41 Watches

Search URL Search Domain Scan URL

URL: https://naturprodukte-tipps.ch/?obOrigUrl=true
Title: Schweizer Firma verschenkt CBD Öl naturprodukte-tipps.ch

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https%3A%2F%2Fcommandwindows.com%2F
Title: Twitter

Search URL Search Domain Scan URL

URL: http://www.facebook.com/347666755331627
Title: Facebook

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://cdn-3.commandwindows.com/ HTTP 301
https://commandwindows.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=695895372&utmhn=commandwindows.com&utme=8(template*t*rid*bra)9(%2Fdirection%2Fdirection*99*0*mod1)11(3!2)&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Windows%20Command%20Line%20Interpreter%7CShell%7CDOS%20Prompt%7CBatch%20Files%7CScripting&utmhid=1045620473&utmr=-&utmp=%2F&utmht=1623347649627&utmac=UA-29096671-22&utmcc=__utma%3D92376719.1178215692.1623347650.1623347650.1623347650.1%3B%2B__utmz%3D92376719.1623347650.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=825769364&utmredir=1&utmmt=1&utmu=iTAgAAAIACAAAAAAAAAAAABE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-29096671-22&cid=1178215692.1623347650&jid=825769364&_v=5.7.2&z=695895372

Request Chain 58

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_rx_cnv_an-db5_sovrn_3lift HTTP 302
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_rx_cnv_an-db5_sovrn_3lift&dcc=t

Request Chain 75

https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%5BRX_UUID%5D%26ex%3Drhythmone.com HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1739347767 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1739347767 HTTP 302
https://sync.1rx.io/usersync/tradedesk/a1fa1058-b415-4147-87bf-79116f253f4d HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-0835e5df-1173-4bea-bd98-beac5d3d9b5b-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-0835e5df-1173-4bea-bd98-beac5d3d9b5b-003 HTTP 302
https://rtb.gumgum.com/usersync?b=rhy&i=RX-0835e5df-1173-4bea-bd98-beac5d3d9b5b-003

Request Chain 77

https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1

Request Chain 80

https://ib.adnxs.com/getuid?https://aax-eu.amazon-adsystem.com/s/ecm3?id=$UID&ex=appnexus.com HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?id=7847840062258970552&ex=appnexus.com

Request Chain 81

https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com HTTP 302
https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1

Request Chain 82

https://eb2.3lift.com/getuid?redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
https://eb2.3lift.com/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=7635250732139091600

Request Chain 87

https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent= HTTP 302
https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=&tc=1 HTTP 302
https://ce.lijit.com/merge?pid=86&3pid=5ohsCtRatPkfEuiX4nyf&pi=sovrn&gdpr_consent=&gdpr=0&tc=1

Request Chain 88

https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
https://ce.lijit.com/merge?pid=85&3pid=AACVAU7BhKQAADEnl-nfPg&gdpr=0

Request Chain 89

https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=fmx&gdpr=0&gdpr_consent= HTTP 302
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dfmx HTTP 302
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dfmx HTTP 302
https://x.bidswitch.net/sync?dsp_id=59&user_id=02bd2864-8bc7-4853-9d9a-761c6f9c3d1b&ssp=fmx HTTP 302
https://ce.lijit.com/merge?pid=26&3pid=4fee5273-4871-4ba5-a116-35f56c8f47d4 HTTP 302
https://ce.lijit.com/merge?pid=26&3pid=4fee5273-4871-4ba5-a116-35f56c8f47d4&dnr=1

Request Chain 90

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=83&3pid=KPR7A0CJ-1Z-BO7O&gdpr=0

Request Chain 91

https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=87&3pid=7813a075-a6bb-4d29-b9b0-2b47a1fd5c49

Request Chain 92

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
https://rtb.gumgum.com/usersync?b=apn&i=7847840062258970552

Request Chain 93

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_10c48a46-296b-4680-9c1f-9d4360ab851d&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_10c48a46-296b-4680-9c1f-9d4360ab851d&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=gumgum2 HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=gumgum2 HTTP 302
https://x.bidswitch.net/sync?dsp_id=70&user_id=1788984194979523097&ssp=gumgum2 HTTP 302
https://rtb.gumgum.com/usersync?b=bsw&i=550dafd9-b18d-456e-b12a-f6fc223f1dd9

Request Chain 94

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
https://rtb.gumgum.com/usersync?b=obn&i=ENC%287ZOKR4dQohyUa8kZ28KIbL_8eQSemIYhbyxPlx0zVBD_VFfXfVcpaMDTOxeyy30j%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%287ZOKR4dQohyUa8kZ28KIbL_8eQSemIYhbyxPlx0zVBD_VFfXfVcpaMDTOxeyy30j%29 HTTP 302
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_10c48a46-296b-4680-9c1f-9d4360ab851d&obuid=ENC(7ZOKR4dQohyUa8kZ28KIbL_8eQSemIYhbyxPlx0zVBD_VFfXfVcpaMDTOxeyy30j) HTTP 302
https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
https://ib.adnxs.com/getuid?https://sync.outbrain.com/cookie-sync?p=appnexus&uid=$UID&obUid=0wQ1nVxdSywc8eRGjw2eLFj38sB1_C4m-9SRXs6nvGaAJYLrSjcpyZMBBu2RDcbn HTTP 302
https://sync.outbrain.com/cookie-sync?p=appnexus&uid=7847840062258970552&obUid=0wQ1nVxdSywc8eRGjw2eLFj38sB1_C4m-9SRXs6nvGaAJYLrSjcpyZMBBu2RDcbn

Request Chain 95

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://rtb.gumgum.com/usersync?b=opx&i=f7597789-4ff0-4f8c-84b1-b39ab7496f5f

Request Chain 96

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=sta&i=0-358a6cef-fc1d-4851-5b71-2eefde6d6a41$ip$185.156.175.107

Request Chain 97

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=oth&i=y-gVlMiDtE2pd3N5GUlMF3WQzxIEuULJdueEUe~A

Request Chain 98

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
https://rtb.gumgum.com/usersync?b=vnt&i=dc2a5339-ca14-11eb-902d-3f2e221f272b

Request Chain 101

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_10c48a46-296b-4680-9c1f-9d4360ab851d&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://rtb.gumgum.com/usersync?b=zem&i=

Request Chain 102

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://rtb.gumgum.com/usersync?b=idi&i=a364113e-a7e5-438f-b84f-f38e4c2a43fd

Request Chain 103

https://sync.1rx.io/usersync2/floor6&gdpr=&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5100588225 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5100588225 HTTP 302
https://sync.1rx.io/usersync/tradedesk/a1fa1058-b415-4147-87bf-79116f253f4d HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-0835e5df-1173-4bea-bd98-beac5d3d9b5b-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-0835e5df-1173-4bea-bd98-beac5d3d9b5b-003 HTTP 302
https://rtb.gumgum.com/usersync?b=rhy&i=RX-0835e5df-1173-4bea-bd98-beac5d3d9b5b-003

Request Chain 104

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
https://rtb.gumgum.com/usersync?b=pln&i=2QK90WGwx4Jj&ev=1&pid=558355

Request Chain 106

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
https://rtb.gumgum.com/usersync?b=mmh&i=bcbf60c2-51c2-4a00-9539-83fdb0b5c715&gdpr=&gdpr_consent=

Request Chain 107

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=YMJRwgABdgHpewBg HTTP 302
https://rtb.gumgum.com/usersync?b=atm&i=YMJRwgABdgHpewBg&gdpr=&gdpr_consent=&_test=YMJRwgABdgHpewBg

Request Chain 111

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=ttd&i=a1fa1058-b415-4147-87bf-79116f253f4d&t=1625939650

Request Chain 113

https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
https://rtb.gumgum.com/usersync?b=sus&i=YMJRwsCo5ukAAB.kF6cAAAAA

Request Chain 114

https://p.rfihub.com/cm?pub=42796&in=1 HTTP 302
https://rtb.gumgum.com/usersync?b=zet&i=2159827871561967873

Request Chain 115

https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
https://rtb.gumgum.com/usersync?b=rth&i=5ohsCtRatPkfEuiX4nyf&pi=gumgum&tc=1

Request Chain 118

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YMJRwnnBf2s-5Lkz6rVxJQAABLsAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJa1WeRUTzqYuhA_U8AwZ04&google_cver=1

Request Chain 119

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YMJRwnnBf2s-5Lkz6rVxJQAABLsAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YMJRwnnBf2s-5Lkz6rVxJQAABLsAAAAB&dcc=t

Request Chain 120

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YMJRwnnBf2s.5Lkz6rVxJQAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDU8R9L0olr_BJHEFaMyr28&google_cver=1&google_hm=2

Request Chain 122

https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=29 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=3375910884113828910&expiration=1624557251

Request Chain 123

https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-244b8c86-b593-435d-a31b-25d6d697ddfe HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-244b8c86-b593-435d-a31b-25d6d697ddfe&C=1

Request Chain 124

https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YMJRwnnBf2s.5Lkz6rVxJQAA%261211?gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YMJRwnnBf2s.5Lkz6rVxJQAA%261211

Request Chain 144

https://ad.doubleclick.net/ddm/ad/N105603.3353239OUTBRAIN.CH/B24707357.305108365;sz=1x1;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D?&obRequestId=vIgmnCgi0n2x0hSUgWzbRVJFGtEN00MWrzKx1yr3JYY-lSuO9rTBCXB8-TAVGDvK&obTimestamp=1623347650492 HTTP 302
https://ad.doubleclick.net/ddm/ad/N105603.3353239OUTBRAIN.CH/B24707357.305108365;dc_pre=CL7A1qDRjfECFQ-ndwodEoMB2A;sz=1x1;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D?&obRequestId=vIgmnCgi0n2x0hSUgWzbRVJFGtEN00MWrzKx1yr3JYY-lSuO9rTBCXB8-TAVGDvK&obTimestamp=1623347650492 HTTP 302
https://s0.2mdn.net/8187539/02122019-013444069-1x1pix.png

Request Chain 145

https://ad.doubleclick.net/ddm/ad/N105603.3353239OUTBRAIN.CH/B24707357.305106724;sz=1x1;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D?&obRequestId=vIgmnCgi0n2x0hSUgWzbRVJFGtEN00MWrzKx1yr3JYY-lSuO9rTBCXB8-TAVGDvK&obTimestamp=1623347650492 HTTP 302
https://ad.doubleclick.net/ddm/ad/N105603.3353239OUTBRAIN.CH/B24707357.305106724;dc_pre=CNjC1qDRjfECFdXJuwgdhRoJYQ;sz=1x1;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D?&obRequestId=vIgmnCgi0n2x0hSUgWzbRVJFGtEN00MWrzKx1yr3JYY-lSuO9rTBCXB8-TAVGDvK&obTimestamp=1623347650492 HTTP 302
https://s0.2mdn.net/8187539/02122019-013444069-1x1pix.png

Request Chain 146

https://sb.scorecardresearch.com/b?c1=7&c2=14320224&c3=6420&cs_ucfr=1&ns__t=1623347650740&ns_c=UTF-8&ns_if=1&cv=3.5&c8=OB%20user%20sync&c7=https%3A%2F%2Fwidgets.outbrain.com%2FwidgetOBUserSync%2FobUserSync.html%23pid%3D6420%26dmpenabled%3Dtrue%26filterDMP%3D%26csenabled%3Dtrue%26d%3D0wQ1nVxdSywc8eRGjw2eLFj38sB1_C4m-9SRXs6nvGaAJYLrSjcpyZMBBu2RDcbn%26gdpr%3D0%26cmpNeeded%3Dfalse%26gdprVer%3Dnull%26ccpa%3D1---%26country%3DCH&c9=https%3A%2F%2Fcommandwindows.com%2F HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=14320224&c3=6420&cs_ucfr=1&ns__t=1623347650740&ns_c=UTF-8&ns_if=1&cv=3.5&c8=OB%20user%20sync&c7=https%3A%2F%2Fwidgets.outbrain.com%2FwidgetOBUserSync%2FobUserSync.html%23pid%3D6420%26dmpenabled%3Dtrue%26filterDMP%3D%26csenabled%3Dtrue%26d%3D0wQ1nVxdSywc8eRGjw2eLFj38sB1_C4m-9SRXs6nvGaAJYLrSjcpyZMBBu2RDcbn%26gdpr%3D0%26cmpNeeded%3Dfalse%26gdprVer%3Dnull%26ccpa%3D1---%26country%3DCH&c9=https%3A%2F%2Fcommandwindows.com%2F

Request Chain 152

https://c1.adform.net/serving/cookie/match?party=14&cid=96B8475B-013F-4971-8419-D22B904765DB HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=96B8475B-013F-4971-8419-D22B904765DB

Request Chain 153

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4527855954673020420

Request Chain 155

https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6972225075391166606

Request Chain 156

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDVkFVN0JoS1FBQURFbmwtbmZQZw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACVAU7BhKQAADEnl-nfPg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AACVAU7BhKQAADEnl-nfPg&pid=558502&do=add HTTP 303
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AACVAU7BhKQAADEnl-nfPg&pid=558502&do=add&_bee_ppp=1 HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADvvU7BhKQAADKOsYyZ3w&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=5229082194417480201 HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADvvU7BhKQAADKOsYyZ3w

Request Chain 157

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-0835e5df-1173-4bea-bd98-beac5d3d9b5b-003&rndcb=7462249941 HTTP 302
https://p.rfihub.com/cm?in=1&pub=20513&ssp=adconductor HTTP 302
https://x.bidswitch.net/sync?dsp_id=119&user_id=2159827871561967873&expires=30&ssp=adconductor HTTP 302
https://sync.1rx.io/usersync/bidswitch/550dafd9-b18d-456e-b12a-f6fc223f1dd9?gdpr=&gdpr_consent= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-0835e5df-1173-4bea-bd98-beac5d3d9b5b-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-0835e5df-1173-4bea-bd98-beac5d3d9b5b-003 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-0835e5df-1173-4bea-bd98-beac5d3d9b5b-003

Request Chain 158

https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0

Request Chain 160

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=lrhHWwE_SXGEGdIrkEdl2w%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 161

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=bcbf60c2-51c2-4a00-9539-83fdb0b5c715

Request Chain 162

https://pixel.onaudience.com/?partner=214&mapped=96B8475B-013F-4971-8419-D22B904765DB HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
https://pixel.onaudience.com/?partner=147&mapped=ab0b1507-36b9-4d53-ae9b-f133755f1529&icm HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=3b30820fd0eb1bfd86c71564380744eb HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=6191851e62542bb7 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=1e99404d-b6f5-4010-7edb-823451f4289d&reqId=f97d29ec-5e2b-497c-697b-03959a64201d&zcluid=6191851e62542bb7&zdid=1332 HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEAyFuGnpyengypsaAuBRxM8&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=1e99404d-b6f5-4010-7edb-823451f4289d&reqId=f97d29ec-5e2b-497c-697b-03959a64201d&zcluid=6191851e62542bb7&zdid=1332

Request Chain 163

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:bcbf60c2-51c2-4a00-9539-83fdb0b5c715&gdpr=0&gdpr_consent=

Request Chain 164

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=249021155297360410

Request Chain 165

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJwWODPdENR-sDBt1dQea5w&google_cver=1

Request Chain 166

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a1fa1058-b415-4147-87bf-79116f253f4d

Request Chain 167

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7847840062258970552&gdpr=0&gdpr_consent=

Request Chain 169

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=96B8475B-013F-4971-8419-D22B904765DB&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-GrufalJE2uUyYFplwXN4xIndix2MOUU-~A&gdpr=0&gdpr_consent=

Request Chain 170

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Swhb4kgJW-NQDwi0TQoV4koOWeRQDg3oHg-7teHn

Request Chain 171

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=550dafd9-b18d-456e-b12a-f6fc223f1dd9&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
https://x.bidswitch.net/sync?dsp_id=283&user_id=11f3df69-8be4-41d5-911d-29cdc96ad47f&expires=1&user_group=5&ssp=pubmatic&bsw_param=550dafd9-b18d-456e-b12a-f6fc223f1dd9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4fee5273-4871-4ba5-a116-35f56c8f47d4&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 172

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YMJRwgABdgHpewBg&gdpr=0&gdpr_consent=

Request Chain 173

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8520015361242243657&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 175

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:4e3f272f-2a87-4d45-a222-78fa9b0ba9e6&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 176

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=4fbcc3d4-4586-438f-8d9a-377ccfd29cde-60c251c4-4348&gdpr=0&gdpr_consent=

Request Chain 200

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESECKEzrrIgMpLonaIWInypPQ&google_cver=1&google_push=AYg5qPKvUuO1rcYHFCAzuFAQJ3kROcqCFDjUdb2-Pfi6sXAktGNF4FW9A9XSkVwkFYLaTO6YOF2SGrCuMMwtheyrs5l2D8QSU71p HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESECKEzrrIgMpLonaIWInypPQ&google_cver=1&google_push=AYg5qPKvUuO1rcYHFCAzuFAQJ3kROcqCFDjUdb2-Pfi6sXAktGNF4FW9A9XSkVwkFYLaTO6YOF2SGrCuMMwtheyrs5l2D8QSU71p HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=N9VXs3gqTvKzeJf4EwpB3WDCUcQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=N9VXs3gqTvKzeJf4EwpB3WDCUcQ&google_tc=

Request Chain 202

https://a.c.appier.net/gcm?google_gid=CAESEGiMn8Tsk1ixxfJj-Ok0nfk&google_cver=1&google_push=AYg5qPJJSEdXbq804HPEkdTfESpU_QYK4sXbQZCGBtPkQeuJdk7lnmQbOQ7uZoIQI4jcGUoRIUXJF5haMKcFD5u-DMO65VzEImIT HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=QUYxUkhTeVpCSW00Y3NEVnhWSENZQQ%3D%3D&google_push=AYg5qPJJSEdXbq804HPEkdTfESpU_QYK4sXbQZCGBtPkQeuJdk7lnmQbOQ7uZoIQI4jcGUoRIUXJF5haMKcFD5u-DMO65VzEImIT

Request Chain 203

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEIzE32aAXjDMRQXCWwk4w68&google_cver=1&google_push=AYg5qPJ46luRTeE9LtmUigDEnpkGCl2kKc2KrA96PFgJLhP1pKK-dEpJLwwRIvijW2wKxrjYvqkIsbKCcVaRfClIjN6693jwLOk HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEIzE32aAXjDMRQXCWwk4w68&google_cver=1&google_push=AYg5qPJ46luRTeE9LtmUigDEnpkGCl2kKc2KrA96PFgJLhP1pKK-dEpJLwwRIvijW2wKxrjYvqkIsbKCcVaRfClIjN6693jwLOk HTTP 302
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=de68f522-27ae-4374-8b0c-fc257b6b0b52&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJ46luRTeE9LtmUigDEnpkGCl2kKc2KrA96PFgJLhP1pKK-dEpJLwwRIvijW2wKxrjYvqkIsbKCcVaRfClIjN6693jwLOk&google_hm=T-5Sc0hxS6WhFjX1bI9H1A==

Request Chain 205

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEDeIjgPEnbJ431Yq-xxyfr0&google_cver=1&google_push=AYg5qPL1lyzrdDkG64Lnp3v-9p7413bhcxTh4lLI-fpWwBSQ8qTX-tuqE41Iv9Hyt_Np9UX5ZsffMJyb014Kmmcs5DdyId69a1M HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-b5b91fbf-c213-491f-a298-860ac783e53b-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPL1lyzrdDkG64Lnp3v-9p7413bhcxTh4lLI-fpWwBSQ8qTX-tuqE41Iv9Hyt_Np9UX5ZsffMJyb014Kmmcs5DdyId69a1M%26google_hm%3DA7W5H7_CE0kfopiGCseD5Ts HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPL1lyzrdDkG64Lnp3v-9p7413bhcxTh4lLI-fpWwBSQ8qTX-tuqE41Iv9Hyt_Np9UX5ZsffMJyb014Kmmcs5DdyId69a1M&google_hm=A7W5H7_CE0kfopiGCseD5Ts HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPL1lyzrdDkG64Lnp3v-9p7413bhcxTh4lLI-fpWwBSQ8qTX-tuqE41Iv9Hyt_Np9UX5ZsffMJyb014Kmmcs5DdyId69a1M&google_hm=A7W5H7_CE0kfopiGCseD5Ts&google_tc=

Request Chain 246

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 250

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fcommandwindows.com%2F&domain=commandwindows.com&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=VdmOPXxiRGdrQVMzSk1FUEQ4T1ZUTlRLb2gyZ1B0ZXloUDZTWjE4RVI0dGdRTW9ncXoxdHlXT2IzdHF4b3BhYk5CVWswWml5MlY4eGRrcEJCVkl5amdkTm0wQUh2TmhkZ1VaZXJFMzVOZm95OG0vQ1FLRXpsWXhvSjRHQkZ5NWQ4TkUwYzdmYXZCcHViRXVVTW1sZE51dU9GQkxSa1NaUUVEd3Q0ejdaZXhJRVlobytWZXRXdVlWTmM3Rlplc1pmSG0zanRSRU1ZdmllL3cvMVN3UUwwZWZ3dGxkOUpSak5oTXlHMW5sRmJlNHo4TVhBPXw&cppv=2

Request Chain 318

https://eu-u.openx.net/w/1.0/pd?plm=10&ph=4a396f87-5bac-47c7-9375-0b25be4ee393&gdpr=0&us_privacy=1--- HTTP 302
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=4a396f87-5bac-47c7-9375-0b25be4ee393&gdpr=0&us_privacy=1---

Request Chain 322

https://c1.adform.net/serving/cookie/match?party=14&cid=47760EDE-6080-44AA-A222-2DB7A21AB771 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=47760EDE-6080-44AA-A222-2DB7A21AB771

Request Chain 323

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDcnTFP_UaZI0GYPz6TFAvk&google_cver=1

Request Chain 324

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7273492026487536892

Request Chain 325

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:aa1460c2-51ca-4c00-9a30-6000d90bd079&gdpr=0&gdpr_consent=

Request Chain 326

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=556477824948206670

Request Chain 327

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f20408e4-7797-4367-80ea-1fc17cd6f1e4

Request Chain 329

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=299143925439203548&gdpr=0&gdpr_consent=

Request Chain 330

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Y-w67mDtOr14vj25Y7h07DS4Pep4vT_oYb3kAg-7

Request Chain 331

https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6972225101170276494

Request Chain 332

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBMXIwN0JoS1FBQURMb1ZJQ3UyZw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAA1r07BhKQAADLoVICu2g&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=194909576046506650 HTTP 303
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACPgk7BhKQAADFvl-nfPg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D194909576046506650%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3 HTTP 302
https://match.prod.bidr.io/cookie-sync?userid=194909576046506650&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AACPgk7BhKQAADFvl-nfPg&pid=558502&do=add HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACPgk7BhKQAADFvl-nfPg

Request Chain 333

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:65bd650e-8704-409c-af6b-de1a095e8397&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 334

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=7f16dab2-b92b-4fae-aa75-38e2807f15b4-60c251ca-4348&gdpr=0&gdpr_consent=

Request Chain 335

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=533899863 HTTP 302
https://sync.1rx.io/usersync/tradedesk/f20408e4-7797-4367-80ea-1fc17cd6f1e4 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003

Request Chain 336

https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0

Request Chain 337

https://green.erne.co/pubmatic/cm HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=4gwPIJVjy59NjTLiTw0QW9Fy

Request Chain 340

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 341

https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%% HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=wHB9cUljVf8Y&pid=557219

Request Chain 342

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=40b9df02-41a8-4402-8f04-1e97946bdc2c-tuct7bbd74a&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0

Request Chain 343

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=R3YO3mCARKqiIi23ohq3cQ%3D%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=R3YO3mCARKqiIi23ohq3cQ%3D%3D&google_tc= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 344

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=14c760c2-51ca-4800-85e0-643d3e675973

Request Chain 345

https://pixel.onaudience.com/?partner=214&mapped=47760EDE-6080-44AA-A222-2DB7A21AB771 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
https://pixel.onaudience.com/?partner=147&mapped=f20408e4-7797-4367-80ea-1fc17cd6f1e4&icm HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=7cabf0becf2e9cd0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=9cdfd794-3bf2-4d39-4c00-776bda731f30&reqId=4deb6ccd-1807-401a-489c-7a8974b478ae&zcluid=7cabf0becf2e9cd0&zdid=1332 HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEBPbza2mfj84IKnTY48_0rw&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=9cdfd794-3bf2-4d39-4c00-776bda731f30&reqId=4deb6ccd-1807-401a-489c-7a8974b478ae&zcluid=7cabf0becf2e9cd0&zdid=1332

Request Chain 346

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDc3NjBFREUtNjA4MC00NEFBLUEyMjItMkRCN0EyMUFCNzcx&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 349

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=47760EDE-6080-44AA-A222-2DB7A21AB771&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-EsSd4NxE2uX7u2z5MKZIhwf20FqiBo0-~A&gdpr=0&gdpr_consent=

Request Chain 350

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=c60b42f1-f3a1-44be-ac37-9594017e1f1f HTTP 302
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=27cf279e-0f37-4300-af4b-182088e07f49&ssp=pubmatic HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c60b42f1-f3a1-44be-ac37-9594017e1f1f&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 351

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YMJRygABdgdu7ABg HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YMJRygABdgdu7ABg&gdpr=0&gdpr_consent=&_test=YMJRygABdgdu7ABg

Request Chain 352

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2552665390517806558&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 354

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA%3D%26piggybackCookie%3D%24UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3669028585186577923

Request Chain 355

https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_e5741d97-7df9-4400-8de1-8b3f232b7629

Request Chain 356

https://ssum-sec.casalemedia.com/usermatch?d=https://commandwindows.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https://commandwindows.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 358

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=JZftUikI1LRoSK5

Request Chain 359

https://x.bidswitch.net/sync?ssp=openx HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_user_id=7330eb2a-2907-4004-b4bd-aa789b94cbc9 HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_user_id=7330eb2a-2907-4004-b4bd-aa789b94cbc9 HTTP 302
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=27cf279e-0f37-4300-af4b-182088e07f49&ssp=openx HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072968&val=c60b42f1-f3a1-44be-ac37-9594017e1f1f

Request Chain 360

https://match.prod.bidr.io/cookie-sync/ox HTTP 303
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDUGdrN0JoS1FBQURGdmwtbmZQZw&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACPgk7BhKQAADFvl-nfPg&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpp%252Cox%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpp%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACPgk7BhKQAADFvl-nfPg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cox&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=194909576046506650 HTTP 303
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACPgk7BhKQAADFvl-nfPg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D194909576046506650%26bee_sync_partners%3Dox%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4 HTTP 302
https://match.prod.bidr.io/cookie-sync?userid=194909576046506650&bee_sync_partners=ox&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AACPgk7BhKQAADFvl-nfPg&pid=558502&do=add HTTP 303
https://us-u.openx.net/w/1.0/sd?id=537125688&val=AACPgk7BhKQAADFvl-nfPg

Request Chain 361

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=dc2160c2-51ca-4800-ab20-e21d3fab79c6

Request Chain 362

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=8J4jFfOfI0brzCRC8MptF6fKJBHrzyYT8s8N7m-Z

Request Chain 363

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2403553541928046679

Request Chain 366

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHWW0_fdlyjlJe-mdTnqzVE&google_cver=1

Request Chain 370

https://px.owneriq.net/eucm/p/cwc HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fpx.owneriq.net%2ffr%2fepx.gif&uid=Q6766340581271818669&ref=%2Feucm%2Fp%2Fcwc HTTP 302
https://px.owneriq.net/noop?ct=image%2Fgif

Request Chain 371

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=95&gdpr=0&gdpr_consent= HTTP 302
https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=7f16dab2-b92b-4fae-aa75-38e2807f15b4-60c251ca-4348&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D7f16dab2-b92b-4fae-aa75-38e2807f15b4-60c251ca-4348%26partner_url%3Dhttps%253A%252F%252Fbh.contextweb.com%252Fbh%252Frtset%253Fdo%253Dadd%2526pid%253D543793%2526ev%253D7f16dab2-b92b-4fae-aa75-38e2807f15b4-60c251ca-4348%2526gdpr_in_effect%253D0%2526gdpr_consent%253D HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=7f16dab2-b92b-4fae-aa75-38e2807f15b4-60c251ca-4348&partner_url=https%3A%2F%2Fbh.contextweb.com%2Fbh%2Frtset%3Fdo%3Dadd%26pid%3D543793%26ev%3D7f16dab2-b92b-4fae-aa75-38e2807f15b4-60c251ca-4348%26gdpr_in_effect%3D0%26gdpr_consent%3D HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=7f16dab2-b92b-4fae-aa75-38e2807f15b4-60c251ca-4348&partner_url=https%3A%2F%2Fbh.contextweb.com%2Fbh%2Frtset%3Fdo%3Dadd%26pid%3D543793%26ev%3D7f16dab2-b92b-4fae-aa75-38e2807f15b4-60c251ca-4348%26gdpr_in_effect%3D0%26gdpr_consent%3D HTTP 302
https://bh.contextweb.com/bh/rtset?do=add&pid=543793&ev=7f16dab2-b92b-4fae-aa75-38e2807f15b4-60c251ca-4348&gdpr_in_effect=0&gdpr_consent=

Request Chain 372

https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=eHVVV1BoMTFfWTFsRWFIcExBUXI5QQ&gdpr=0&gdpr_consent= HTTP 302
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEOXy50GbYzDxuhKjl5dGotE&google_cver=1

Request Chain 373

https://x.bidswitch.net/sync?ssp=pulsepoint HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=pulsepoint HTTP 302
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=pulsepoint&bsw_custom_parameter=c60b42f1-f3a1-44be-ac37-9594017e1f1f HTTP 302
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=pulsepoint&bsw_custom_parameter=c60b42f1-f3a1-44be-ac37-9594017e1f1f HTTP 302
https://x.bidswitch.net/sync?dsp_id=4&user_id=aaf5cf8b-efc9-4b91-b820-e84b03ee0e6f&ssp=pulsepoint&expires=30&user_group=5&bsw_param=c60b42f1-f3a1-44be-ac37-9594017e1f1f HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=4&user_id=aaf5cf8b-efc9-4b91-b820-e84b03ee0e6f&ssp=pulsepoint&expires=30&user_group=5&bsw_param=c60b42f1-f3a1-44be-ac37-9594017e1f1f HTTP 302
https://bh.contextweb.com/bh/rtset?do=add&pid=556010&ev=6980f769-2340-41c2-b5de-5cd6526f8821

Request Chain 374

https://pixel.advertising.com/ups/55972/sync?uid=g81R1zO6u4Xt&_origin=1&gdpr=0&gdpr_consent= HTTP 302
https://pixel.advertising.com/ups/55972/sync?uid=g81R1zO6u4Xt&_origin=1&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/55972/sync?uid=g81R1zO6u4Xt&_origin=1&gdpr=0&gdpr_consent=&apid=UPe10d6470-ca14-11eb-8b64-028c3a1b4c64

Request Chain 375

https://eb2.3lift.com/xuid?mid=2636&xuid=g81R1zO6u4Xt&dongle=8bee HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=2636&xuid=g81R1zO6u4Xt&dongle=8bee&gdpr=1&cmp_cs=&us_privacy=

Request Chain 377

https://match.prod.bidr.io/cookie-sync/pp HTTP 303
https://match.prod.bidr.io/cookie-sync/pp?_bee_ppp=1 HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAA1r07BhKQAADLoVICu2g&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpp%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dpp%26bee_sync_hop_count%3D1 HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpp&bee_sync_current_partner=pm&bee_sync_initiator=pp&bee_sync_hop_count=1 HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACPgk7BhKQAADFvl-nfPg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dpp%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp&bee_sync_current_partner=sas&bee_sync_initiator=pp&bee_sync_hop_count=2&userid=194909576046506650 HTTP 303
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACPgk7BhKQAADFvl-nfPg

Request Chain 378

https://cm.g.doubleclick.net/pixel?google_nid=pulsepoint_inc_&google_cm&google_hm=g81R1zO6u4Xt HTTP 302
https://bh.contextweb.com/bh/rtset?pid=559960&ev=1&google_gid=CAESEL3ejAXkkfWgzpcdqXZ4NTg&google_cver=1

Request Chain 379

https://sync.search.spotxchange.com/partner?adv_id=8185&uid=g81R1zO6u4Xt HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=8185&uid=g81R1zO6u4Xt&__user_check__=1&sync_id=e1162a47-ca14-11eb-83bc-156973b60106

Request Chain 383

https://red.erne.co/pulsepoint/cm HTTP 302
https://pixel.onaudience.com/?mapped=4gwPIJVjy59NjTLiTw0QW9Fy&partner=2&redirect=red.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fbh.contextweb.com%252Fbh%252Frtset%253Fdo%253Dadd%2526pid%253D560956%2526ev%253D4gwPIJVjy59NjTLiTw0QW9Fy HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26redirect%3Dhttps%253A%252F%252Fred.erne.co%252Fct%252Fcm%253Fred%253Dhttps%25253A%25252F%25252Fbh.contextweb.com%25252Fbh%25252Frtset%25253Fdo%25253Dadd%252526pid%25253D560956%252526ev%25253D4gwPIJVjy59NjTLiTw0QW9Fy HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=3b30820fd0eb1bfd86c71564380744eb&redirect=https%3A%2F%2Fred.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fbh.contextweb.com%252Fbh%252Frtset%253Fdo%253Dadd%2526pid%253D560956%2526ev%253D4gwPIJVjy59NjTLiTw0QW9Fy HTTP 302
https://red.erne.co/ct/cm?red=https%3A%2F%2Fbh.contextweb.com%2Fbh%2Frtset%3Fdo%3Dadd%26pid%3D560956%26ev%3D4gwPIJVjy59NjTLiTw0QW9Fy HTTP 302
https://bh.contextweb.com/bh/rtset?do=add&pid=560956&ev=4gwPIJVjy59NjTLiTw0QW9Fy

Request Chain 392

https://demand.trafficroots.com/sync.php?buyer=2228&buyeruid=https://demand.trafficroots.com/sync.php?buyer=2228&buyeruid=g81R1zO6u4Xt HTTP 302
https://c.deployads.com/cs/TRRT?b=g81R1zO6u4Xt

Request Chain 393

https://i.liadm.com/s/55660?bidder_id=98251&bidder_uuid=g81R1zO6u4Xt HTTP 303
https://i.liadm.com/s/55660?bidder_id=98251&bidder_uuid=g81R1zO6u4Xt&_li_chk=true&previous_uuid=79337e742dd44b8694b58181b71c6813 HTTP 303
https://i6.liadm.com/s/55660?bidder_id=98251&bidder_uuid=g81R1zO6u4Xt

Request Chain 401

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YMJRylc0Bzjvr19gDAhBKwAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECr8-nppyTHD5Jm8QTPozuA&google_cver=1

Request Chain 402

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YMJRylc0Bzjvr19gDAhBKwAABGUAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJ-PLtR5osp6rmwEIfbRBOA&google_cver=1

Request Chain 403

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YMJRylc0Bzjvr19gDAhBKwAABGUAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YMJRylc0Bzjvr19gDAhBKwAABGUAAAAB&dcc=t

Request Chain 405

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48 HTTP 302
https://tags.bluekai.com/site/17724?id=7f16dab2-b92b-4fae-aa75-38e2807f15b4-60c251ca-4348&redir=https%3A%2F%2Fbcp.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D7f16dab2-b92b-4fae-aa75-38e2807f15b4-60c251ca-4348%3Fhttps%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253D7f16dab2-b92b-4fae-aa75-38e2807f15b4-60c251ca-4348%2526expiration%253D1625939658 HTTP 302
https://bcp.crwdcntrl.net/map/c=1389/tp=STSC/tpid=7f16dab2-b92b-4fae-aa75-38e2807f15b4-60c251ca-4348?https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26external_user_id%3D7f16dab2-b92b-4fae-aa75-38e2807f15b4-60c251ca-4348%26expiration%3D1625939658 HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=1389/tp=STSC/tpid=7f16dab2-b92b-4fae-aa75-38e2807f15b4-60c251ca-4348?https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26external_user_id%3D7f16dab2-b92b-4fae-aa75-38e2807f15b4-60c251ca-4348%26expiration%3D1625939658 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=7f16dab2-b92b-4fae-aa75-38e2807f15b4-60c251ca-4348&expiration=1625939658

Request Chain 408

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1623434058

Request Chain 424

https://x.bidswitch.net/sync?ssp=unrulyx HTTP 302
https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=unrulyx&bsw_custom_parameter=c60b42f1-f3a1-44be-ac37-9594017e1f1f&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
https://x.bidswitch.net/sync?dsp_id=283&user_id=d3b77baf-2331-49ed-9145-c2aec8e9539e&expires=1&user_group=5&ssp=unrulyx&bsw_param=c60b42f1-f3a1-44be-ac37-9594017e1f1f HTTP 302
https://usermatch.targeting.unrulymedia.com/usermatch/iponweb/c60b42f1-f3a1-44be-ac37-9594017e1f1f?gdpr=&gdpr_consent= HTTP 302
https://sync.1rx.io/usersync/bidswitch/c60b42f1-f3a1-44be-ac37-9594017e1f1f?gdpr=&gdpr_consent= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003

Request Chain 425

https://csync.loopme.me/?redirect=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Floopme%2F%7Bdevice_id%7D HTTP 307
https://usermatch.targeting.unrulymedia.com/usermatch/loopme/dcd2693e-e706-43f0-a646-ddf0b06dd394 HTTP 302
https://sync.1rx.io/usersync/loopme/dcd2693e-e706-43f0-a646-ddf0b06dd394 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003

Request Chain 426

https://cm.ctnsnet.com/int/cm?exc=23&redir=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fcrimtan%2F%5Buser_id%5D HTTP 302
https://usermatch.targeting.unrulymedia.com/usermatch/crimtan/8e54ae2c85764972b7253b4610bd2251 HTTP 302
https://sync.1rx.io/usersync/crimtan/8e54ae2c85764972b7253b4610bd2251 HTTP 302
https://sync.1rx.io/usersync/crimtan/8e54ae2c85764972b7253b4610bd2251?zcc=1&dspret=0&cb=1623347661170 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-53d6a5d9-544a-43dc-b05f-9ea9916bb516-003

Request Chain 427

https://secure.adnxs.com/getuid?https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fappnexus%2F%24UID HTTP 302
https://usermatch.targeting.unrulymedia.com/usermatch/appnexus/299143925439203548 HTTP 302
https://sync.1rx.io/usersync/appnexus/299143925439203548 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003

Request Chain 428

https://sync.mathtag.com/sync/img?mt_exid=74&redir=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fmediamath%2F%5BMM_UUID%5D HTTP 302
https://usermatch.targeting.unrulymedia.com/usermatch/mediamath/dc2160c2-51ca-4800-ab20-e21d3fab79c6 HTTP 302
https://sync.1rx.io/usersync/mediamathtest/dc2160c2-51ca-4800-ab20-e21d3fab79c6 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003

Request Chain 429

https://sync-tm.everesttech.net/upi/pid/1cMuUcwh?redir=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fadobe%2F%24%7BTM_USER_ID%7D%3F HTTP 302
https://usermatch.targeting.unrulymedia.com/usermatch/adobe/YMJRygABdgdu7ABg HTTP 302
https://sync.1rx.io/usersync/adobe/YMJRygABdgdu7ABg HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003

Request Chain 430

https://match.adsrvr.org/track/cmf/generic?ttd_pid=unruly&ttd_tpi=1 HTTP 302
https://usermatch.targeting.unrulymedia.com/usermatch/tradedesk/f20408e4-7797-4367-80ea-1fc17cd6f1e4 HTTP 302
https://sync.1rx.io/usersync/tradedesk/f20408e4-7797-4367-80ea-1fc17cd6f1e4 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003

Request Chain 431

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=unruly&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=unruly&endpoint=us-east

Request Chain 432

https://sync.srv.stackadapt.com/sync?nid=41 HTTP 302
https://usermatch.targeting.unrulymedia.com/usermatch/stackadapt/EYYxtDsqTWFutOxm9Il2O7mcr2s HTTP 302
https://sync.1rx.io/usersync/stackadapt/EYYxtDsqTWFutOxm9Il2O7mcr2s HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-53d6a5d9-544a-43dc-b05f-9ea9916bb516-003

Request Chain 433

https://pr-bh.ybp.yahoo.com/sync/unruly/ HTTP 302
https://usermatch.targeting.unrulymedia.com/usermatch/oath/y-dIPJXOZE2oXuhq9z4mu3sT58jd2Z2dNj2nQC~A HTTP 302
https://sync.1rx.io/usersync/verizon/y-dIPJXOZE2oXuhq9z4mu3sT58jd2Z2dNj2nQC~A HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003

Request Chain 434

https://bh.contextweb.com/bh/rtset?pid=560138&ev=1&daaqp=1&rurl=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fpulsepoint%2F%25%25VGUID%25%25 HTTP 302
https://usermatch.targeting.unrulymedia.com/usermatch/pulsepoint/g81R1zO6u4Xt HTTP 302
https://sync.1rx.io/usersync/pulse/g81R1zO6u4Xt HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003

Request Chain 437

https://cms.quantserve.com/pixel/p-QcHdy7VcGLKJK.gif?idmatch=0 HTTP 302
https://sync.1rx.io/usersync/quantcast/DiBvCw0hb1gVcmhcDnQhCVl0aA8VcWoNDHG0Pyrp?gdpr=1

Request Chain 438

https://cm.g.doubleclick.net/pixel?google_nid=unruly_dbm&google_cm&google_sc HTTP 302
https://usermatch.targeting.unrulymedia.com/usermatch/google/CAESEDK7cKghmaTc1UcENMY4t_k?google_cver=1 HTTP 302
https://sync.1rx.io/usersync/google/CAESEDK7cKghmaTc1UcENMY4t_k?google_cver=1 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003

Request Chain 439

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=299143925439203548

Request Chain 441

https://match.prod.bidr.io/cookie-sync/ie HTTP 303
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACPgk7BhKQAADFvl-nfPg&expiration=1624557260

Request Chain 442

https://ad.turn.com/r/cs?pid=21 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2552665390517806558

Request Chain 443

https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YMJRylc0Bzjvr19gDAhBKwAA%261125?gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YMJRylc0Bzjvr19gDAhBKwAA%261125

Request Chain 444

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=dc2160c2-51ca-4800-ab20-e21d3fab79c6

Request Chain 445

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=7f16dab2-b92b-4fae-aa75-38e2807f15b4-60c251ca-4348&expiration=1625939660

Request Chain 446

https://sync.extend.tv/r.gif?exchange=index HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=5ff8ff2f-d787-409c-b4c5-c67e0833658e

Request Chain 447

https://usermatch.targeting.unrulymedia.com/usermatch/casale/YMJRylc0Bzjvr19gDAhBKwAA%261125 HTTP 302
https://sync.1rx.io/usersync/index/YMJRylc0Bzjvr19gDAhBKwAA&1125 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003

Request Chain 463

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=unruly HTTP 302
https://usermatch.targeting.unrulymedia.com/usermatch/rubicon/KPR7A8JX-D-1GX2 HTTP 302
https://sync.1rx.io/usersync/rubicon/KPR7A8JX-D-1GX2 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-53d6a5d9-544a-43dc-b05f-9ea9916bb516-003

Request Chain 465

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BSN0E4SlgtRC0xR1gy

Request Chain 467

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YMJRzgABdgWgdwBg HTTP 302
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YMJRzgABdgWgdwBg&_test=YMJRzgABdgWgdwBg

Request Chain 468

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOu0tWXj5U7nEKI6oybNGeQ&google_cver=1

Request Chain 469

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=762260c2-51ce-4600-838d-e67705048110

Request Chain 470

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KPR7A8JX-D-1GX2&sigv=1&esig=2~f1b5447741c5984ab6b98dc8ab88a5578537343a

Request Chain 471

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/HGlE3x7NR_XNj1lNR4Tj5Q?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7630302539554482625

Request Chain 488

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

519 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
commandwindows.com/
Redirect Chain

https://cdn-3.commandwindows.com/
https://commandwindows.com/

195 KB
33 KB

492ms
352ms

Document
text/html

3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://commandwindows.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: f85b35286aaa9fa99ff405a1395b72717e29f694bdabb4fcc3b1f04d56c6f11b

Request headers

:method: GET
:authority: commandwindows.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control: max-age=0, must-revalidate, no-cache, no-store
content-encoding: br
content-hash: 6f5c61a443dfc27b037a2d2f7cf4c93b53461f5f
content-type: text/html; charset=iso-8859-1
date: Thu, 10 Jun 2021 17:54:07 GMT
display: stored
expires: Wed, 09 Jun 2021 17:54:07 GMT
pagespeed: off
response: 200
server: nginx/1.16.0
set-cookie: ezouid_146=1262149469; expires=Wed, 31-May-2023 17:54:07 GMT; Max-Age=62208000; path=/; domain=commandwindows.com; httponly template99::domain146::headerpic::viewed=1; expires=Thu, 10-Jun-2021 18:54:07 GMT; Max-Age=3600 ezoadgid_146=-1; Path=/; Domain=commandwindows.com; Expires=Thu, 10 Jun 2021 18:24:07 UTC ezoref_146=; Path=/; Domain=commandwindows.com; Expires=Thu, 10 Jun 2021 19:54:07 UTC ezoab_146=mod1; Path=/; Domain=commandwindows.com; Expires=Thu, 10 Jun 2021 19:54:07 UTC active_template::146=%2Fdirection%2Fdirection.1623347647; Path=/; Domain=commandwindows.com; Expires=Sat, 12 Jun 2021 17:54:07 UTC ezopvc_146=1; Path=/; Domain=commandwindows.com; Expires=Thu, 10 Jun 2021 18:24:07 UTC ezepvv=0; Path=/; Domain=commandwindows.com; Expires=Fri, 11 Jun 2021 17:54:07 UTC ezovid_146=471789710; Path=/; Domain=commandwindows.com; Expires=Thu, 10 Jun 2021 18:24:07 UTC lp_146=https://commandwindows.com/; Path=/; Domain=commandwindows.com; Expires=Thu, 10 Jun 2021 18:24:07 UTC ezovuuidtime_146=1623347647; Path=/; Domain=commandwindows.com; Expires=Sat, 12 Jun 2021 17:54:07 UTC ezovuuid_146=58be72d6-a2ec-4110-7783-ca4f47977334; Path=/; Domain=commandwindows.com; Expires=Thu, 10 Jun 2021 18:24:07 UTC ezCMPCCS=true; Path=/; Domain=commandwindows.com; Expires=Fri, 10 Jun 2022 17:54:07 GMT
vary: Accept-Encoding Accept-Encoding
x-middleton-display: stored
x-middleton-response: 200
x-sol: middleton

Redirect headers

date: Thu, 10 Jun 2021 17:54:07 GMT
content-type: text/html
cache-control: max-age=0, must-revalidate, no-cache, no-store
expires: Wed, 09 Jun 2021 17:54:07 GMT
location: https://commandwindows.com/
pagespeed: off
vary: Accept-Encoding Accept-Encoding
x-sol: middleton
cf-cache-status: DYNAMIC
cf-request-id: 0a98a86baf00004ebcc5313000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=PvNZiyAU2NKeSIsBbyMiUQ%2BlhlONRweesZRj10KQeiSg5iX%2Bp3Kn2If%2BrZU7Hid8XgYWSwE8E2D3gNWfVBuoWm5w%2FiofhdIiRxK8ut8Nn1n4vNcZiynLW1MLyrvIbbXvBsrAbM26%2FPBW3i%2BjUoE9SEFH"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 65d4768c4c5c4ebc-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 62 KB
21 KB 77ms
29ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: commandwindows.com
URL: https://commandwindows.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

3aea6a06298a0b487141adffed0784494756cc31ea80e5e5062dcd1724c96bc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "898 / 253 of 1000 / last-modified: 1623343493"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21314
x-xss-protection: 0
expires: Thu, 10 Jun 2021 17:54:08 GMT

GET
H2 200 dall.js Show response
go.ezodn.com/hb/ 262 KB
77 KB 126ms
98ms Script
application/javascript 2606:4700:3035::6815:4c02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/hb/dall.js?b=amx,appnexus,criteo,ix,oftmedia,openx,pubmatic,pulsepoint,unruly&cb=194-1-22
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:4c02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d69b7367820a37dfc6e0ff80d2cf5af4bf3a112cc5a9bc1b5052ecd2d4d1ea73

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:08 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=X5ZN62PtnHjJYzw%2BVEPMPnC1Q5e4zDFUz6mKE%2FP82pPyqqUOiNLSvMwTUabMsSKPTHAbteduRqhD9IqmqpYnx8W6m8W5%2Bhtg1nxHohojDh0ImKUXHqISS2WvJBOnR4JhPQK%2BItX%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 65d476900b921f31-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a98a86e0900001f311c040000000001

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 123 KB
33 KB 101ms
38ms Script
application/javascript 52.222.200.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.200.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-200-121.cdg50.r.cloudfront.net
Software: Server /
Resource Hash: 0f4b08d07ecca9f8fcaf108ea78bb163fc98cfc19a844bd0f87412ab34a41873

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: sWCsRsvwWkSFZMQxDYXuCmbidBHsB_Lq
content-encoding: gzip
server: Server
age: 216
etag: c457e964d47ff007ca9e04843536c474
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 015720ab3b3cbbc6f2312b46993e4bb7.cloudfront.net (CloudFront)
cache-control: public, max-age=900
date: Thu, 10 Jun 2021 17:50:31 GMT
x-amz-cf-pop: CDG50-P2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: HvFZs6Jj7C5J8y6cLhNFzjdn6fhKmSPP-YYQPzmrUQ9pVKcSzd0Lfw==

GET
H2 200 boise.js Show response
commandwindows.com/detroitchicago/ 983 B
466 B 23ms
23ms Script
application/javascript 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://commandwindows.com/detroitchicago/boise.js?gcb=194-1&cb=1
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 41eb9054d5d5527274926b32631be8eb22dd6254f15a4d9d14cfe2688ea4f538

Request headers

:path: /detroitchicago/boise.js?gcb=194-1&cb=1
pragma: no-cache
cookie: ezouid_146=1262149469; template99::domain146::headerpic::viewed=1; ezoadgid_146=-1; ezoref_146=; ezoab_146=mod1; active_template::146=%2Fdirection%2Fdirection.1623347647; ezopvc_146=1; ezepvv=0; ezovid_146=471789710; lp_146=https://commandwindows.com/; ezovuuidtime_146=1623347647; ezovuuid_146=58be72d6-a2ec-4110-7783-ca4f47977334; ezCMPCCS=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: commandwindows.com
referer: https://commandwindows.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:08 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex
content-length: 426

GET
H2 200 banger.js Show response
commandwindows.com/porpoiseant/ 43 KB
10 KB 25ms
24ms Script
application/javascript 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://commandwindows.com/porpoiseant/banger.js?cb=194-1&bv=19&v=51&PageSpeed=off
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 49b4590226bef6c7dcb22c0b11a0b97870947589e4e74d0a8c6269fb157e9a90

Request headers

:path: /porpoiseant/banger.js?cb=194-1&bv=19&v=51&PageSpeed=off
pragma: no-cache
cookie: ezouid_146=1262149469; template99::domain146::headerpic::viewed=1; ezoadgid_146=-1; ezoref_146=; ezoab_146=mod1; active_template::146=%2Fdirection%2Fdirection.1623347647; ezopvc_146=1; ezepvv=0; ezovid_146=471789710; lp_146=https://commandwindows.com/; ezovuuidtime_146=1623347647; ezovuuid_146=58be72d6-a2ec-4110-7783-ca4f47977334; ezCMPCCS=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: commandwindows.com
referer: https://commandwindows.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:08 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex

GET
H2 200 memphis.js Show response
commandwindows.com/detroitchicago/ 5 KB
2 KB 25ms
25ms Script
application/javascript 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://commandwindows.com/detroitchicago/memphis.js?gcb=194-1&cb=7
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 9c8cf38d1dee0b9ea30d20299c7cd8fa25b9d646c6bd86d364313aa04f009cac

Request headers

:path: /detroitchicago/memphis.js?gcb=194-1&cb=7
pragma: no-cache
cookie: ezouid_146=1262149469; template99::domain146::headerpic::viewed=1; ezoadgid_146=-1; ezoref_146=; ezoab_146=mod1; active_template::146=%2Fdirection%2Fdirection.1623347647; ezopvc_146=1; ezepvv=0; ezovid_146=471789710; lp_146=https://commandwindows.com/; ezovuuidtime_146=1623347647; ezovuuid_146=58be72d6-a2ec-4110-7783-ca4f47977334; ezCMPCCS=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: commandwindows.com
referer: https://commandwindows.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:08 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex
content-length: 1523

GET
H2 200 minneapolis.js Show response
commandwindows.com/detroitchicago/ 864 B
452 B 23ms
23ms Script
application/javascript 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://commandwindows.com/detroitchicago/minneapolis.js?gcb=194-1&cb=3
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 5578a62b81f315375d072cfe506fc13813e844f94c910bdb15ce20e1fc3ef50a

Request headers

:path: /detroitchicago/minneapolis.js?gcb=194-1&cb=3
pragma: no-cache
cookie: ezouid_146=1262149469; template99::domain146::headerpic::viewed=1; ezoadgid_146=-1; ezoref_146=; ezoab_146=mod1; active_template::146=%2Fdirection%2Fdirection.1623347647; ezopvc_146=1; ezepvv=0; ezovid_146=471789710; lp_146=https://commandwindows.com/; ezovuuidtime_146=1623347647; ezovuuid_146=58be72d6-a2ec-4110-7783-ca4f47977334; ezCMPCCS=true; ezouspvv=0; ezouspva=0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: commandwindows.com
referer: https://commandwindows.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:08 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex
content-length: 419

GET
H2 200 combine.php
commandwindows.com/utilcave_com/templates/ 2 KB
676 B 36ms
34ms Stylesheet
text/css 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://commandwindows.com/utilcave_com/templates/combine.php?solCombine=1&dirname=commandwindows_com&ezcb=194-1&d=commandwindows.com&css=%2Futilcave_com%2Fmiddleton%2Fcss.php%3FsolCSS%3D1%26css%3D%2Fcss%2Fmega_menu.ezoic.scss%26dirname%3Dcommandwindows_com%26ezcb%3D194-1
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 6cbe1281634579c336e385dad795894066b956f914b9b95323fdb4156712d5cb

Request headers

:path: /utilcave_com/templates/combine.php?solCombine=1&dirname=commandwindows_com&ezcb=194-1&d=commandwindows.com&css=%2Futilcave_com%2Fmiddleton%2Fcss.php%3FsolCSS%3D1%26css%3D%2Fcss%2Fmega_menu.ezoic.scss%26dirname%3Dcommandwindows_com%26ezcb%3D194-1
pragma: no-cache
cookie: ezouid_146=1262149469; template99::domain146::headerpic::viewed=1; ezoadgid_146=-1; ezoref_146=; ezoab_146=mod1; active_template::146=%2Fdirection%2Fdirection.1623347647; ezopvc_146=1; ezepvv=0; ezovid_146=471789710; lp_146=https://commandwindows.com/; ezovuuidtime_146=1623347647; ezovuuid_146=58be72d6-a2ec-4110-7783-ca4f47977334; ezCMPCCS=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: commandwindows.com
referer: https://commandwindows.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:08 GMT
content-encoding: br
x-sol: sol-template-css
server: nginx/1.16.0
display: sol_css, staticcontent_sol
vary: Accept-Encoding Origin,Accept-Encoding
content-type: text/css
x-middleton-display: sol_css, staticcontent_sol
cache-control: max-age=31536000, public
content-length: 618
expires: Fri, 10 Jun 2022 17:54:07 UTC

GET
H2 200 combine.php
commandwindows.com/utilcave_com/templates/ 3 KB
986 B 31ms
29ms Stylesheet
text/css 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://commandwindows.com/utilcave_com/templates/combine.php?solCombine=1&dirname=commandwindows_com&ezcb=194-1&d=commandwindows.com&css=%2Futilcave_com%2Fmiddleton%2Fcss.php%3FsolCSS%3D1%26css%3D%2Fcss%2Fcommon.ezoic.scss%26dirname%3Dcommandwindows_com%26ezcb%3D194-1
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 482e5a29dfc92cf0f3f2bdc1034b270edcfecc29e81311d2ed277c74ec091232

Request headers

:path: /utilcave_com/templates/combine.php?solCombine=1&dirname=commandwindows_com&ezcb=194-1&d=commandwindows.com&css=%2Futilcave_com%2Fmiddleton%2Fcss.php%3FsolCSS%3D1%26css%3D%2Fcss%2Fcommon.ezoic.scss%26dirname%3Dcommandwindows_com%26ezcb%3D194-1
pragma: no-cache
cookie: ezouid_146=1262149469; template99::domain146::headerpic::viewed=1; ezoadgid_146=-1; ezoref_146=; ezoab_146=mod1; active_template::146=%2Fdirection%2Fdirection.1623347647; ezopvc_146=1; ezepvv=0; ezovid_146=471789710; lp_146=https://commandwindows.com/; ezovuuidtime_146=1623347647; ezovuuid_146=58be72d6-a2ec-4110-7783-ca4f47977334; ezCMPCCS=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: commandwindows.com
referer: https://commandwindows.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:08 GMT
content-encoding: br
x-sol: sol-template-css
server: nginx/1.16.0
display: sol_css, staticcontent_sol
vary: Accept-Encoding Origin,Accept-Encoding
content-type: text/css
x-middleton-display: sol_css, staticcontent_sol
cache-control: max-age=31536000, public
content-length: 851
expires: Fri, 10 Jun 2022 17:54:08 UTC

GET
H2 200 combine.php
commandwindows.com/utilcave_com/templates/ 3 KB
730 B 39ms
38ms Stylesheet
text/css 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://commandwindows.com/utilcave_com/templates/combine.php?solCombine=1&dirname=commandwindows_com&ezcb=194-1&d=commandwindows.com&css=%2Futilcave_com%2Fmiddleton%2Fcss.php%3FsolCSS%3D1%26css%3D%2Fdirection%2Fmegamenu.css%26ezcb%3D194-1%26tdir%3D%2Fdirection%2F%26scss%3D1%26dirname%3Dcommandwindows_com%26did%3D146%26eztmp%3D1
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: b8839c52cbf8c0d6356f538253e6e2a7a727094a6e008face018d499c7add929

Request headers

:path: /utilcave_com/templates/combine.php?solCombine=1&dirname=commandwindows_com&ezcb=194-1&d=commandwindows.com&css=%2Futilcave_com%2Fmiddleton%2Fcss.php%3FsolCSS%3D1%26css%3D%2Fdirection%2Fmegamenu.css%26ezcb%3D194-1%26tdir%3D%2Fdirection%2F%26scss%3D1%26dirname%3Dcommandwindows_com%26did%3D146%26eztmp%3D1
pragma: no-cache
cookie: ezouid_146=1262149469; template99::domain146::headerpic::viewed=1; ezoadgid_146=-1; ezoref_146=; ezoab_146=mod1; active_template::146=%2Fdirection%2Fdirection.1623347647; ezopvc_146=1; ezepvv=0; ezovid_146=471789710; lp_146=https://commandwindows.com/; ezovuuidtime_146=1623347647; ezovuuid_146=58be72d6-a2ec-4110-7783-ca4f47977334; ezCMPCCS=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: commandwindows.com
referer: https://commandwindows.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:08 GMT
content-encoding: br
x-sol: sol-template-css
server: nginx/1.16.0
display: sol_css, staticcontent_sol
vary: Accept-Encoding Origin,Accept-Encoding
content-type: text/css
x-middleton-display: sol_css, staticcontent_sol
cache-control: max-age=31536000, public
content-length: 695
expires: Fri, 10 Jun 2022 17:54:08 UTC

GET
H2 200 combine.php
commandwindows.com/utilcave_com/templates/ 7 KB
2 KB 53ms
51ms Stylesheet
text/css 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://commandwindows.com/utilcave_com/templates/combine.php?solCombine=1&dirname=commandwindows_com&ezcb=194-1&d=commandwindows.com&css=%2Futilcave_com%2Fmiddleton%2Fcss.php%3FsolCSS%3D1%26css%3D%2Fdirection%2Fdefault.css%26ezcb%3D194-1%26tdir%3D%2Fdirection%2F%26scss%3D1%26dirname%3Dcommandwindows_com%26did%3D146%26eztmp%3D1
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 25cd6847176f8f8942c4872a32a0038e2255b71fe94813808d44e0d74969b092

Request headers

:path: /utilcave_com/templates/combine.php?solCombine=1&dirname=commandwindows_com&ezcb=194-1&d=commandwindows.com&css=%2Futilcave_com%2Fmiddleton%2Fcss.php%3FsolCSS%3D1%26css%3D%2Fdirection%2Fdefault.css%26ezcb%3D194-1%26tdir%3D%2Fdirection%2F%26scss%3D1%26dirname%3Dcommandwindows_com%26did%3D146%26eztmp%3D1
pragma: no-cache
cookie: ezouid_146=1262149469; template99::domain146::headerpic::viewed=1; ezoadgid_146=-1; ezoref_146=; ezoab_146=mod1; active_template::146=%2Fdirection%2Fdirection.1623347647; ezopvc_146=1; ezepvv=0; ezovid_146=471789710; lp_146=https://commandwindows.com/; ezovuuidtime_146=1623347647; ezovuuid_146=58be72d6-a2ec-4110-7783-ca4f47977334; ezCMPCCS=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: commandwindows.com
referer: https://commandwindows.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:08 GMT
content-encoding: br
x-sol: sol-template-css
server: nginx/1.16.0
display: sol_css, staticcontent_sol
vary: Accept-Encoding Origin,Accept-Encoding
content-type: text/css
x-middleton-display: sol_css, staticcontent_sol
cache-control: max-age=31536000, public
content-length: 1522
expires: Fri, 10 Jun 2022 17:54:08 UTC

GET
H2 200 combine.php
commandwindows.com/utilcave_com/templates/ 5 KB
812 B 197ms
195ms Stylesheet
text/css 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://commandwindows.com/utilcave_com/templates/combine.php?solCombine=1&dirname=commandwindows_com&ezcb=194-1&d=commandwindows.com&css=%2Futilcave_com%2Fmiddleton%2Fcss.php%3FsolCSS%3D1%26css%3D%2Fdirection%2Fezoic.css%26ezcb%3D194-1%26tdir%3D%2Fdirection%2F%26scss%3D1%26dirname%3Dcommandwindows_com%26did%3D146%26eztmp%3D1
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: a82c8e099b9ae8f770224a36884dc3d1b49997d9062c5e9de2df4717018c3dd4

Request headers

:path: /utilcave_com/templates/combine.php?solCombine=1&dirname=commandwindows_com&ezcb=194-1&d=commandwindows.com&css=%2Futilcave_com%2Fmiddleton%2Fcss.php%3FsolCSS%3D1%26css%3D%2Fdirection%2Fezoic.css%26ezcb%3D194-1%26tdir%3D%2Fdirection%2F%26scss%3D1%26dirname%3Dcommandwindows_com%26did%3D146%26eztmp%3D1
pragma: no-cache
cookie: ezouid_146=1262149469; template99::domain146::headerpic::viewed=1; ezoadgid_146=-1; ezoref_146=; ezoab_146=mod1; active_template::146=%2Fdirection%2Fdirection.1623347647; ezopvc_146=1; ezepvv=0; ezovid_146=471789710; lp_146=https://commandwindows.com/; ezovuuidtime_146=1623347647; ezovuuid_146=58be72d6-a2ec-4110-7783-ca4f47977334; ezCMPCCS=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: commandwindows.com
referer: https://commandwindows.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:08 GMT
content-encoding: br
x-sol: sol-template-css
server: nginx/1.16.0
display: sol_css, staticcontent_sol
vary: Accept-Encoding Origin,Accept-Encoding
content-type: text/css
x-middleton-display: sol_css, staticcontent_sol
cache-control: max-age=31536000, public
content-length: 777
expires: Fri, 10 Jun 2022 17:54:08 UTC

GET
H2 200 2col.css
commandwindows.com/css/ 4 KB
1 KB 1505ms
1504ms Stylesheet
text/css 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://commandwindows.com/css/2col.css?ecb=194-1&ez_css_parse=1
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: c45b55f456b7dd076e63c2a4b5962a72593647b487d17b50c9f4494092febb55

Request headers

:path: /css/2col.css?ecb=194-1&ez_css_parse=1
pragma: no-cache
cookie: ezouid_146=1262149469; template99::domain146::headerpic::viewed=1; ezoadgid_146=-1; ezoref_146=; ezoab_146=mod1; active_template::146=%2Fdirection%2Fdirection.1623347647; ezopvc_146=1; ezepvv=0; ezovid_146=471789710; lp_146=https://commandwindows.com/; ezovuuidtime_146=1623347647; ezovuuid_146=58be72d6-a2ec-4110-7783-ca4f47977334; ezCMPCCS=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: commandwindows.com
referer: https://commandwindows.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:09 GMT
content-encoding: br
response: 200
last-modified: Wed, 02 Jun 2021 21:58:41 GMT
server: nginx/1.16.0
display: processcss, staticcontent_sol
vary: Accept-Encoding Accept-Encoding,Origin
content-type: text/css;charset=utf-8
x-middleton-display: processcss, staticcontent_sol
cache-control: max-age=172800
x-middleton-response: 200
x-sol: middleton
content-length: 897
expires: Sat, 12 Jun 2021 17:52:04 GMT

GET
H2 200 cookieconsent.min.js Show response
commandwindows.com/ezoic/ 4 KB
2 KB 27ms
25ms Script
application/javascript 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://commandwindows.com/ezoic/cookieconsent.min.js
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 10d4b728888654e0b85c706a9310b551087d3321fb8ebfff147d07b13fa73bf0

Request headers

:path: /ezoic/cookieconsent.min.js
pragma: no-cache
cookie: ezouid_146=1262149469; template99::domain146::headerpic::viewed=1; ezoadgid_146=-1; ezoref_146=; ezoab_146=mod1; active_template::146=%2Fdirection%2Fdirection.1623347647; ezopvc_146=1; ezepvv=0; ezovid_146=471789710; lp_146=https://commandwindows.com/; ezovuuidtime_146=1623347647; ezovuuid_146=58be72d6-a2ec-4110-7783-ca4f47977334; ezCMPCCS=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: commandwindows.com
referer: https://commandwindows.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:08 GMT
content-encoding: br
last-modified: Wed, 02 Jun 2021 21:58:41 GMT
server: nginx/1.16.0
etag: "11a4-5c3cf8fc12640-gzip"
vary: Accept-Encoding Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
x-robots-tag: noindex
content-length: 1707
expires: Fri, 10 Jun 2022 17:54:08 GMT

GET
H2 200 command-windows.png
commandwindows.com/graphics/ 7 KB
7 KB 228ms
227ms Image
image/png 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://commandwindows.com/graphics/command-windows.png?ecb=194-1
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 0280b3f24cb632b54830216ae0ea2e888adf56eed9dfd5ada84811d58fe772de

Request headers

:path: /graphics/command-windows.png?ecb=194-1
pragma: no-cache
cookie: ezouid_146=1262149469; template99::domain146::headerpic::viewed=1; ezoadgid_146=-1; ezoref_146=; ezoab_146=mod1; active_template::146=%2Fdirection%2Fdirection.1623347647; ezopvc_146=1; ezepvv=0; ezovid_146=471789710; lp_146=https://commandwindows.com/; ezovuuidtime_146=1623347647; ezovuuid_146=58be72d6-a2ec-4110-7783-ca4f47977334; ezCMPCCS=true; ezouspvv=0; ezouspva=0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: commandwindows.com
referer: https://commandwindows.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:08 GMT
content-encoding: br
response: 200
last-modified: Wed, 02 Jun 2021 21:58:41 GMT
server: nginx/1.16.0
display: staticcontent_sol, staticcontent_sol
etag: "5e8625-1afc-4e565c1c1be00-gzip"
vary: Accept-Encoding Origin,Accept-Encoding
content-type: image/png
x-middleton-display: staticcontent_sol, staticcontent_sol
cache-control: max-age=604800
x-middleton-response: 200
expires: Thu, 17 Jun 2021 17:51:39 GMT

GET
H2 200 raleigh.js Show response
commandwindows.com/detroitchicago/ 2 KB
804 B 22ms
21ms Script
application/javascript 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://commandwindows.com/detroitchicago/raleigh.js?gcb=194-1&cb=5
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: f69dfe383fe0ef66df2c8de098fda546a826801c150ec22e7e09b8020b221dae

Request headers

:path: /detroitchicago/raleigh.js?gcb=194-1&cb=5
pragma: no-cache
cookie: ezouid_146=1262149469; template99::domain146::headerpic::viewed=1; ezoadgid_146=-1; ezoref_146=; ezoab_146=mod1; active_template::146=%2Fdirection%2Fdirection.1623347647; ezopvc_146=1; ezepvv=0; ezovid_146=471789710; lp_146=https://commandwindows.com/; ezovuuidtime_146=1623347647; ezovuuid_146=58be72d6-a2ec-4110-7783-ca4f47977334; ezCMPCCS=true; ezouspvv=0; ezouspva=0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: commandwindows.com
referer: https://commandwindows.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:08 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex
content-length: 771

GET
H2 200 tampa.js Show response
commandwindows.com/detroitchicago/ 773 B
450 B 22ms
22ms Script
application/javascript 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://commandwindows.com/detroitchicago/tampa.js?gcb=194-1&cb=3
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: c80203c7eae413cecc09a4ed0974e31a8538060cddd5bc1f1a5bfa53db672c9e

Request headers

:path: /detroitchicago/tampa.js?gcb=194-1&cb=3
pragma: no-cache
cookie: ezouid_146=1262149469; template99::domain146::headerpic::viewed=1; ezoadgid_146=-1; ezoref_146=; ezoab_146=mod1; active_template::146=%2Fdirection%2Fdirection.1623347647; ezopvc_146=1; ezepvv=0; ezovid_146=471789710; lp_146=https://commandwindows.com/; ezovuuidtime_146=1623347647; ezovuuid_146=58be72d6-a2ec-4110-7783-ca4f47977334; ezCMPCCS=true; ezouspvv=0; ezouspva=0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: commandwindows.com
referer: https://commandwindows.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:08 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex
content-length: 407

GET
H2 200 jass.head.js Show response
commandwindows.com/jass/ 50 KB
15 KB 26ms
26ms Script
text/javascript 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://commandwindows.com/jass/jass.head.js?cb=85
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 160b8958c636851c64813685c13d067eb1e68f55c97e334a9d859227cd703d71

Request headers

:path: /jass/jass.head.js?cb=85
pragma: no-cache
cookie: ezouid_146=1262149469; template99::domain146::headerpic::viewed=1; ezoadgid_146=-1; ezoref_146=; ezoab_146=mod1; active_template::146=%2Fdirection%2Fdirection.1623347647; ezopvc_146=1; ezepvv=0; ezovid_146=471789710; lp_146=https://commandwindows.com/; ezovuuidtime_146=1623347647; ezovuuid_146=58be72d6-a2ec-4110-7783-ca4f47977334; ezCMPCCS=true; ezouspvv=0; ezouspva=0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: commandwindows.com
referer: https://commandwindows.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 10 Jun 2021 17:54:08 GMT
content-encoding: br
server: nginx/1.16.0
cache-control: max-age=31536000
vary: Accept-Encoding Accept-Encoding
content-type: text/javascript

GET
H2 200 plusone.js Show response
apis.google.com/js/ 54 KB
21 KB 28ms
28ms Script
application/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: commandwindows.com
URL: https://commandwindows.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4d097a0116293da844fdeeaa11f41dd941e511e6df699ff2195e8499de8a42fd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uxkWWSBNT+kAl9XHKxyESA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "920a6e51949cf2eec053a3396b28fac1"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-uxkWWSBNT+kAl9XHKxyESA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Thu, 10 Jun 2021 17:54:08 GMT

GET
H2 200 footer_logo_light.gif
commandwindows.com/graphics/ 4 KB
4 KB 211ms
210ms Image
image/gif 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://commandwindows.com/graphics/footer_logo_light.gif
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 8b988d1d4d7625ce5d8cb96e2c06bdd5ce1049f17b82604926db091297b5270d

Request headers

:path: /graphics/footer_logo_light.gif
pragma: no-cache
cookie: ezouid_146=1262149469; template99::domain146::headerpic::viewed=1; ezoadgid_146=-1; ezoref_146=; ezoab_146=mod1; active_template::146=%2Fdirection%2Fdirection.1623347647; ezopvc_146=1; ezepvv=0; ezovid_146=471789710; lp_146=https://commandwindows.com/; ezovuuidtime_146=1623347647; ezovuuid_146=58be72d6-a2ec-4110-7783-ca4f47977334; ezCMPCCS=true; ezouspvv=0; ezouspva=0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: commandwindows.com
referer: https://commandwindows.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:08 GMT
content-encoding: br
response: 200
last-modified: Wed, 02 Jun 2021 21:58:41 GMT
server: nginx/1.16.0
display: staticcontent_sol, staticcontent_sol
etag: "5e8627-f7e-4e565c1c1be00-gzip"
vary: Accept-Encoding Origin,Accept-Encoding
content-type: image/gif
x-middleton-display: staticcontent_sol, staticcontent_sol
cache-control: max-age=604800
x-middleton-response: 200
content-length: 3858
expires: Thu, 17 Jun 2021 17:52:05 GMT

GET
H2 200 ezoic.png
go.ezoic.net/utilcave_com/img/ 1 KB
2 KB 48ms
10ms Image
image/png 2600:9000:2156:1800:2:cb38:840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.ezoic.net/utilcave_com/img/ezoic.png
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1800:2:cb38:840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: e1a156c3daa4ae0c41f21ef266131ca5a34d56695e3d860b232da142ef031234

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 02:36:22 GMT
via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
x-sol: middleton
age: 400667
x-cache: Hit from cloudfront
x-middleton-display: staticcontent_sol
content-length: 1181
x-amz-cf-id: qa7_wgcU9pQvtJ8p_Fve1PNFAwbe5bZT66nGw9_C-e09tDmAVqU7ig==
last-modified: Fri, 28 May 2021 00:46:16 GMT
server: nginx/1.16.0
etag: "49d-5bd497273b080-gzip-gzip"
vary: Accept-Encoding,Accept-Encoding
content-type: image/png
cache-control: max-age=604800
x-amz-cf-pop: FRA50-C1
display: staticcontent_sol
expires: Sun, 13 Jun 2021 02:36:22 GMT

GET
H2 200 augusta.js Show response
commandwindows.com/detroitchicago/ 2 KB
744 B 24ms
23ms Script
application/javascript 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://commandwindows.com/detroitchicago/augusta.js?cb=12
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 3ab790f0057f16ba85f2ef67be0e5109dfffa102cda0356dadb2b0a4f4d14b41

Request headers

:path: /detroitchicago/augusta.js?cb=12
pragma: no-cache
cookie: ezouid_146=1262149469; template99::domain146::headerpic::viewed=1; ezoadgid_146=-1; ezoref_146=; ezoab_146=mod1; active_template::146=%2Fdirection%2Fdirection.1623347647; ezopvc_146=1; ezepvv=0; ezovid_146=471789710; lp_146=https://commandwindows.com/; ezovuuidtime_146=1623347647; ezovuuid_146=58be72d6-a2ec-4110-7783-ca4f47977334; ezCMPCCS=true; ezouspvv=0; ezouspva=0; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: commandwindows.com
referer: https://commandwindows.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:09 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex
content-length: 688

GET
H3-29 200 pubads_impl_2021060801.js Show response
securepubads.g.doubleclick.net/gpt/ 318 KB
112 KB 40ms
39ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

8a19707bd88a29100f84e106852ddd5bfeebe1fe562960c4932d1347210d13a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 08 Jun 2021 08:38:25 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 114129
x-xss-protection: 0
expires: Thu, 10 Jun 2021 17:54:09 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
306 B 134ms
134ms XHR
text/plain 52.222.200.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=aa05931b-5308-4ea3-95a2-adf84f4ffde4&u=https%3A%2F%2Fcommandwindows.com%2F
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.200.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-200-121.cdg50.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:08 GMT
via: 1.1 015720ab3b3cbbc6f2312b46993e4bb7.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: CDG50-P2
x-cache: Miss from cloudfront
access-control-allow-origin: https://commandwindows.com
cache-control: max-age=86087, s-maxage=86400
access-control-allow-credentials: true
x-amz-cf-id: dgUW0A5qSBZb8m4ZiOI5_8vsRVy8ckEgNXSLJISrQj_CG0fBoTKXdA==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 145 B
523 B 301ms
300ms XHR
text/javascript 52.222.200.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fcommandwindows.com%2F&pid=saZKi1KxqM6vJ&cb=0&ws=1600x1200&v=7.66.00&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F104418548%2Fcommandwindows_com-medrectangle-2%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22300x600%22%2C%22160x600%22%5D%2C%22sn%22%3A%22%2F104418548%2Fcommandwindows_com-banner-2%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22250x250%22%5D%2C%22sn%22%3A%22%2F104418548%2Fcommandwindows_com-box-4%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22300x600%22%2C%22160x600%22%5D%2C%22sn%22%3A%22%2F104418548%2Fcommandwindows_com-box-1%22%7D%2C%7B%22sd%22%3A%224%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F104418548%2Fcommandwindows_com-box-2%22%7D%5D&cfgv=0&schain=1.0%2C1!ezoic.ai%2Cc58b3949b5c3a53357e53016653adaee%2C1%2C%2C%2C&pubid=aa05931b-5308-4ea3-95a2-adf84f4ffde4&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.200.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-200-121.cdg50.r.cloudfront.net
Software: Server /
Resource Hash: 4ba31f51e4f6c8f7cdb5c1a110f139f726b0c6c4795ad4c9cf2bcf93580d85ac

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:08 GMT
content-encoding: gzip
server: Server
x-amz-cf-pop: CDG50-P2
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://commandwindows.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 145
via: 1.1 015720ab3b3cbbc6f2312b46993e4bb7.cloudfront.net (CloudFront)
x-amz-cf-id: JGh7Ri_qEq_-AN1sD291yw6vB4s1JHr-q8uLk6-_uXLQCufchbtirQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 96ms
39ms XHR
application/javascript 52.222.200.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.200.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-200-121.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: eEYYOb32LZFr6yGAi8hXG4401uAIPew2
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 82938
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 07 Apr 2021 05:49:36 GMT
server: AmazonS3
date: Wed, 09 Jun 2021 18:51:51 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 e832b62df62ac7dea0463212e63d91f7.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: CDG50-P2
x-amz-cf-id: 4ZVCOtJWevSU9AOH8ZArYEKcP1epXYlYdSPnFPUVoHHDgQGdxuSCCA==

GET
H2 200 nmash.js
commandwindows.com/porpoiseant/ 33 KB
9 KB 25ms
25ms Other
application/javascript 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://commandwindows.com/porpoiseant/nmash.js?v=19
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 0b9a8a3f27fa969797b4fbec0716dcacd5aaa38202277691d7baf41a540963fd

Request headers

:path: /porpoiseant/nmash.js?v=19
pragma: no-cache
cookie: ezouid_146=1262149469; template99::domain146::headerpic::viewed=1; ezoadgid_146=-1; ezoref_146=; ezoab_146=mod1; active_template::146=%2Fdirection%2Fdirection.1623347647; ezopvc_146=1; ezepvv=0; ezovid_146=471789710; lp_146=https://commandwindows.com/; ezovuuidtime_146=1623347647; ezovuuid_146=58be72d6-a2ec-4110-7783-ca4f47977334; ezCMPCCS=true; ezouspvv=0; ezouspva=0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: same-origin
accept: */*
cache-control: no-cache
sec-fetch-dest: worker
:authority: commandwindows.com
referer: https://commandwindows.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:08 GMT
content-encoding: br
last-modified: Wed, 02 Jun 2021 21:58:41 GMT
server: nginx/1.16.0
etag: "854d-5c3cf8fc12640;5c3cf8fc12640-gzip"
vary: Accept-Encoding Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
x-robots-tag: noindex

GET
H2 204 fix Show response
commandwindows.com/jass/ 0
44 B 22ms
21ms XHR
application/json 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://commandwindows.com/jass/fix?headDomain=commandwindows.com&type=headDomain&url=commandwindows.com
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /jass/fix?headDomain=commandwindows.com&type=headDomain&url=commandwindows.com
pragma: no-cache
cookie: ezouid_146=1262149469; template99::domain146::headerpic::viewed=1; ezoadgid_146=-1; ezoref_146=; ezoab_146=mod1; active_template::146=%2Fdirection%2Fdirection.1623347647; ezopvc_146=1; ezepvv=0; ezovid_146=471789710; lp_146=https://commandwindows.com/; ezovuuidtime_146=1623347647; ezovuuid_146=58be72d6-a2ec-4110-7783-ca4f47977334; ezCMPCCS=true; ezouspvv=0; ezouspva=0; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: commandwindows.com
referer: https://commandwindows.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 10 Jun 2021 17:54:08 GMT
cache-control: max-age=300, private
server: nginx/1.16.0
vary: Accept-Encoding
content-type: application/json

GET
H2 200 rochester.js Show response
commandwindows.com/detroitchicago/ 3 KB
942 B 23ms
22ms Script
application/javascript 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://commandwindows.com/detroitchicago/rochester.js?gcb=194-1&cb=10
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: b25d60344a243968e6588253f0e2ba19cd2847e72627c4fb70f8efb125366891

Request headers

:path: /detroitchicago/rochester.js?gcb=194-1&cb=10
pragma: no-cache
cookie: ezouid_146=1262149469; template99::domain146::headerpic::viewed=1; ezoadgid_146=-1; ezoref_146=; ezoab_146=mod1; active_template::146=%2Fdirection%2Fdirection.1623347647; ezopvc_146=1; ezepvv=0; ezovid_146=471789710; lp_146=https://commandwindows.com/; ezovuuidtime_146=1623347647; ezovuuid_146=58be72d6-a2ec-4110-7783-ca4f47977334; ezCMPCCS=true; ezouspvv=0; ezouspva=0; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: commandwindows.com
referer: https://commandwindows.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:09 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex
content-length: 909

GET
H2 200 imp.gif Show response
commandwindows.com/detroitchicago/ 43 B
120 B 27ms
27ms XHR
image/gif 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://commandwindows.com/detroitchicago/imp.gif?e=%7B%22ad_cache_level%22%3A0%2C%22ad_count_adjustment%22%3A1%2C%22ad_lazyload_version%22%3A1%2C%22ad_load_version%22%3A2%2C%22ad_location_ids%22%3A%225%2C31%2C3%2C0%2C1%2C95%2C99%22%2C%22ad_transform_level%22%3A0%2C%22adx_ad_count%22%3A5%2C%22bidder_method%22%3A3%2C%22bidder_version%22%3A5%2C%22city%22%3A%22Zurich%22%2C%22country%22%3A%22CH%22%2C%22days_since_last_visit%22%3A-1%2C%22display_ad_count%22%3A4%2C%22domain_id%22%3A146%2C%22ds_adsize_opt_id%22%3A-1%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A0%2C%22ezcache_skip_code%22%3A0%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22has_bad_image%22%3A0%2C%22has_bad_words%22%3A0%2C%22iab_category%22%3A%22%22%2C%22iab_category_0%22%3A%22596%22%2C%22iab_category_1%22%3A%22615%22%2C%22is_from_recommended_pages%22%3Afalse%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A0%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A2%2C%22max_ads%22%3A3%2C%22metro_code%22%3A0%2C%22optimization_version%22%3A4%2C%22page_ad_positions%22%3A%221000%2C1001%2C1003%2C1005%2C1031%2C1095%2C1099%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%22af55c9e1-6a16-4923-4e54-571e715c6a32%22%2C%22position_selection_id%22%3A26%2C%22postal_code%22%3A%228010%22%2C%22pv_event_count%22%3A0%2C%22response_size_orig%22%3A0%2C%22response_time_orig%22%3A84%2C%22serverid%22%3A%223.125.48.228%3A17887%22%2C%22state%22%3A%22ZH%22%2C%22sub_page_ad_positions%22%3A%221031%2C1200%2C1224%2C1261%2C1300%2C1420%2C1480%22%2C%22t_epoch%22%3A1623347647%2C%22template_id%22%3A99%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22https%3A%2F%2Fcommandwindows.com%2F%22%2C%22user_id%22%3A0%2C%22word_count%22%3A655%2C%22worst_bad_word_level%22%3A0%7D
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

:path: /detroitchicago/imp.gif?e=%7B%22ad_cache_level%22%3A0%2C%22ad_count_adjustment%22%3A1%2C%22ad_lazyload_version%22%3A1%2C%22ad_load_version%22%3A2%2C%22ad_location_ids%22%3A%225%2C31%2C3%2C0%2C1%2C95%2C99%22%2C%22ad_transform_level%22%3A0%2C%22adx_ad_count%22%3A5%2C%22bidder_method%22%3A3%2C%22bidder_version%22%3A5%2C%22city%22%3A%22Zurich%22%2C%22country%22%3A%22CH%22%2C%22days_since_last_visit%22%3A-1%2C%22display_ad_count%22%3A4%2C%22domain_id%22%3A146%2C%22ds_adsize_opt_id%22%3A-1%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A0%2C%22ezcache_skip_code%22%3A0%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22has_bad_image%22%3A0%2C%22has_bad_words%22%3A0%2C%22iab_category%22%3A%22%22%2C%22iab_category_0%22%3A%22596%22%2C%22iab_category_1%22%3A%22615%22%2C%22is_from_recommended_pages%22%3Afalse%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A0%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A2%2C%22max_ads%22%3A3%2C%22metro_code%22%3A0%2C%22optimization_version%22%3A4%2C%22page_ad_positions%22%3A%221000%2C1001%2C1003%2C1005%2C1031%2C1095%2C1099%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%22af55c9e1-6a16-4923-4e54-571e715c6a32%22%2C%22position_selection_id%22%3A26%2C%22postal_code%22%3A%228010%22%2C%22pv_event_count%22%3A0%2C%22response_size_orig%22%3A0%2C%22response_time_orig%22%3A84%2C%22serverid%22%3A%223.125.48.228%3A17887%22%2C%22state%22%3A%22ZH%22%2C%22sub_page_ad_positions%22%3A%221031%2C1200%2C1224%2C1261%2C1300%2C1420%2C1480%22%2C%22t_epoch%22%3A1623347647%2C%22template_id%22%3A99%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22https%3A%2F%2Fcommandwindows.com%2F%22%2C%22user_id%22%3A0%2C%22word_count%22%3A655%2C%22worst_bad_word_level%22%3A0%7D
pragma: no-cache
cookie: ezouid_146=1262149469; template99::domain146::headerpic::viewed=1; ezoadgid_146=-1; ezoref_146=; ezoab_146=mod1; active_template::146=%2Fdirection%2Fdirection.1623347647; ezopvc_146=1; ezepvv=0; ezovid_146=471789710; lp_146=https://commandwindows.com/; ezovuuidtime_146=1623347647; ezovuuid_146=58be72d6-a2ec-4110-7783-ca4f47977334; ezCMPCCS=true; ezouspvv=0; ezouspva=0; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: commandwindows.com
referer: https://commandwindows.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:09 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: image/gif
x-middleton-display: imp_sol
cache-control: no-cache, no-store, must-revalidate, max-age=0
content-length: 47

GET
H2 200 lazy_load.js Show response
commandwindows.com/tardisrocinante/ 13 KB
5 KB 23ms
22ms Script
application/javascript 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://commandwindows.com/tardisrocinante/lazy_load.js?gcb=1&cb=4
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 910c0a72ecc698017a61fc2a7d3d2358fa04aff13fe28540a0367a92b32d1a49

Request headers

:path: /tardisrocinante/lazy_load.js?gcb=1&cb=4
pragma: no-cache
cookie: ezouid_146=1262149469; template99::domain146::headerpic::viewed=1; ezoadgid_146=-1; ezoref_146=; ezoab_146=mod1; active_template::146=%2Fdirection%2Fdirection.1623347647; ezopvc_146=1; ezepvv=0; ezovid_146=471789710; lp_146=https://commandwindows.com/; ezovuuidtime_146=1623347647; ezovuuid_146=58be72d6-a2ec-4110-7783-ca4f47977334; ezCMPCCS=true; ezouspvv=0; ezouspva=0; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: commandwindows.com
referer: https://commandwindows.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:09 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex

GET
H2 200 ezosuigeneris.js Show response
g.ezoic.net/ 555 B
562 B 75ms
24ms Script
text/javascript 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/ezosuigeneris.js
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 82dc0cf134dffaa511edafabde826b751ffb781b1da4574f1c599402625e2233

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:09 GMT
content-encoding: br
last-modified: Wed, 02 Jun 2021 21:58:41 GMT
server: nginx/1.16.0
etag: eb99f570400c192b806bb00a8430ca63
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
cache-control: max-age=999999, private
content-length: 276
expires: Mon, 29 Apr 2020 21:44:55 GMT

GET
H2 200 ezosuigenerisc.js Show response
g.ezoic.net/ 0
54 B 84ms
35ms Script
text/plain 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/ezosuigenerisc.js?nogen=1
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:09 GMT
cache-control: max-age=300, private
server: nginx/1.16.0
content-length: 0
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: commandwindows.com
URL: https://commandwindows.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 4513
date: Thu, 10 Jun 2021 16:38:56 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Thu, 10 Jun 2021 18:38:56 GMT

GET
H2 200 img.webp
commandwindows.com/utilcave_com/middleton/ 9 KB
10 KB 39ms
38ms Image
image/jpeg 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://commandwindows.com/utilcave_com/middleton/img.webp?cb=1&dirname=commandwindows_com&img=%2Fdirection%2Fimages%2Fmain-bg.jpg
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/utilcave_com/templates/combine.php?solCombine=1&dirname=commandwindows_com&ezcb=194-1&d=commandwindows.com&css=%2Futilcave_com%2Fmiddleton%2Fcss.php%3FsolCSS%3D1%26css%3D%2Fdirection%2Fdefault.css%26ezcb%3D194-1%26tdir%3D%2Fdirection%2F%26scss%3D1%26dirname%3Dcommandwindows_com%26did%3D146%26eztmp%3D1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: cc66e8aacdf1d1b6eb8f63d72db15f346416621fcd3c540cda368448f7d99320

Request headers

:path: /utilcave_com/middleton/img.webp?cb=1&dirname=commandwindows_com&img=%2Fdirection%2Fimages%2Fmain-bg.jpg
pragma: no-cache
cookie: ezouid_146=1262149469; template99::domain146::headerpic::viewed=1; ezoadgid_146=-1; ezoref_146=; ezoab_146=mod1; active_template::146=%2Fdirection%2Fdirection.1623347647; ezopvc_146=1; ezepvv=0; ezovid_146=471789710; lp_146=https://commandwindows.com/; ezovuuidtime_146=1623347647; ezovuuid_146=58be72d6-a2ec-4110-7783-ca4f47977334; ezCMPCCS=true; ezouspvv=0; ezouspva=0; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: commandwindows.com
referer: https://commandwindows.com/utilcave_com/templates/combine.php?solCombine=1&dirname=commandwindows_com&ezcb=194-1&d=commandwindows.com&css=%2Futilcave_com%2Fmiddleton%2Fcss.php%3FsolCSS%3D1%26css%3D%2Fdirection%2Fdefault.css%26ezcb%3D194-1%26tdir%3D%2Fdirection%2F%26scss%3D1%26dirname%3Dcommandwindows_com%26did%3D146%26eztmp%3D1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://commandwindows.com/utilcave_com/templates/combine.php?solCombine=1&dirname=commandwindows_com&ezcb=194-1&d=commandwindows.com&css=%2Futilcave_com%2Fmiddleton%2Fcss.php%3FsolCSS%3D1%26css%3D%2Fdirection%2Fdefault.css%26ezcb%3D194-1%26tdir%3D%2Fdirection%2F%26scss%3D1%26dirname%3Dcommandwindows_com%26did%3D146%26eztmp%3D1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:09 GMT
content-encoding: br
x-sol: middleton
server: nginx/1.16.0
display: staticcontent_sol
vary: Accept-Encoding Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-middleton-display: staticcontent_sol
cache-control: max-age=31536000, max-age=604800
set-cookie: ezoab_146=mod1; Path=/; Domain=commandwindows.com; Expires=Thu, 10 Jun 2021 19:54:09 UTC ezoadgid_146=-1; Path=/; Domain=commandwindows.com; Expires=Thu, 10 Jun 2021 18:24:09 UTC ezoref_146=; Path=/; Domain=commandwindows.com; Expires=Thu, 10 Jun 2021 19:54:09 UTC active_template::146=%2Fdirection%2Fdirection.1623347649; Path=/; Domain=commandwindows.com; Expires=Sat, 12 Jun 2021 17:54:09 UTC
expires: Thu, 17 Jun 2021 17:54:09 GMT

GET
H2 200 img.webp
commandwindows.com/utilcave_com/middleton/ 770 B
622 B 579ms
579ms Image
image/jpeg 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://commandwindows.com/utilcave_com/middleton/img.webp?cb=1&dirname=commandwindows_com&img=%2Fdirection%2Fimages%2Fimg01.jpg
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/utilcave_com/templates/combine.php?solCombine=1&dirname=commandwindows_com&ezcb=194-1&d=commandwindows.com&css=%2Futilcave_com%2Fmiddleton%2Fcss.php%3FsolCSS%3D1%26css%3D%2Fdirection%2Fdefault.css%26ezcb%3D194-1%26tdir%3D%2Fdirection%2F%26scss%3D1%26dirname%3Dcommandwindows_com%26did%3D146%26eztmp%3D1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 5a07291feded20a150aab27dffd4ffc0990d3062898801c079891a10ddcd58a5

Request headers

:path: /utilcave_com/middleton/img.webp?cb=1&dirname=commandwindows_com&img=%2Fdirection%2Fimages%2Fimg01.jpg
pragma: no-cache
cookie: ezouid_146=1262149469; template99::domain146::headerpic::viewed=1; ezoadgid_146=-1; ezoref_146=; ezoab_146=mod1; active_template::146=%2Fdirection%2Fdirection.1623347647; ezopvc_146=1; ezepvv=0; ezovid_146=471789710; lp_146=https://commandwindows.com/; ezovuuidtime_146=1623347647; ezovuuid_146=58be72d6-a2ec-4110-7783-ca4f47977334; ezCMPCCS=true; ezouspvv=0; ezouspva=0; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: commandwindows.com
referer: https://commandwindows.com/utilcave_com/templates/combine.php?solCombine=1&dirname=commandwindows_com&ezcb=194-1&d=commandwindows.com&css=%2Futilcave_com%2Fmiddleton%2Fcss.php%3FsolCSS%3D1%26css%3D%2Fdirection%2Fdefault.css%26ezcb%3D194-1%26tdir%3D%2Fdirection%2F%26scss%3D1%26dirname%3Dcommandwindows_com%26did%3D146%26eztmp%3D1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://commandwindows.com/utilcave_com/templates/combine.php?solCombine=1&dirname=commandwindows_com&ezcb=194-1&d=commandwindows.com&css=%2Futilcave_com%2Fmiddleton%2Fcss.php%3FsolCSS%3D1%26css%3D%2Fdirection%2Fdefault.css%26ezcb%3D194-1%26tdir%3D%2Fdirection%2F%26scss%3D1%26dirname%3Dcommandwindows_com%26did%3D146%26eztmp%3D1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:10 GMT
content-encoding: br
x-sol: middleton
server: nginx/1.16.0
display: staticcontent_sol
vary: Accept-Encoding Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-middleton-display: staticcontent_sol
cache-control: max-age=31536000, max-age=604800
set-cookie: ezoab_146=mod1; Path=/; Domain=commandwindows.com; Expires=Thu, 10 Jun 2021 19:54:09 UTC ezoadgid_146=-1; Path=/; Domain=commandwindows.com; Expires=Thu, 10 Jun 2021 18:24:09 UTC ezoref_146=; Path=/; Domain=commandwindows.com; Expires=Thu, 10 Jun 2021 19:54:09 UTC active_template::146=%2Fdirection%2Fdirection.1623347649; Path=/; Domain=commandwindows.com; Expires=Sat, 12 Jun 2021 17:54:09 UTC
content-length: 559
expires: Thu, 17 Jun 2021 17:54:09 GMT

GET
H3-29 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/ 142 KB
50 KB 18ms
14ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

187e5ab1d37aaa4779205fddec1d0bd632c73ba09db7590c8f79bc238557932f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 13:31:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15753
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51027
x-xss-protection: 0
last-modified: Wed, 19 May 2021 15:07:34 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 Jun 2022 13:31:36 GMT

GET
H3-29 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/ 97 KB
34 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/cb=gapi.loaded_1

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1d498e3e12268c6a8b066ddb3468f90be4471748e97e4cebdd4d11d5dc55f2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 00:30:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 149037
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34410
x-xss-protection: 0
last-modified: Wed, 19 May 2021 15:07:34 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 09 Jun 2022 00:30:12 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=695895372&utmhn=commandwindows.com&utme=8(template*t*rid*bra)9(%2Fdirection%2Fdirection*99*0*mod1)11(3!2)&utmcs=windows-1252&utm...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-29096671-22&cid=1178215692.1623347650&jid=825769364&_v=5.7.2&z=695895372

35 B
111 B

15ms
15ms

Image
image/gif

2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-29096671-22&cid=1178215692.1623347650&jid=825769364&_v=5.7.2&z=695895372

Requested by

Host: commandwindows.com
URL: https://commandwindows.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 10 Jun 2021 17:54:09 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:09 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-29096671-22&cid=1178215692.1623347650&jid=825769364&_v=5.7.2&z=695895372
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 370
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
54 B 26ms
19ms Image
image/gif 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=2&utmn=372636448&utmhn=commandwindows.com&utme=8(template*domain)9(%2Fdirection%2Fdirection*commandwindows.com)&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Windows%20Command%20Line%20Interpreter%7CShell%7CDOS%20Prompt%7CBatch%20Files%7CScripting&utmhid=1045620473&utmr=-&utmp=%2F&utmht=1623347649633&utmac=UA-38339005-1&utmcc=__utma%3D92376719.1178215692.1623347650.1623347650.1623347650.1%3B%2B__utmz%3D92376719.1623347650.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=788704110&utmredir=1&utmmt=1&utmu=iTAgAAAIACAAAAAAAAAAAABE~

Requested by

Host: commandwindows.com
URL: https://commandwindows.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 404 fastbutton Show response
apis.google.com/se/0/_/+1/ Frame ECAE 2 KB
815 B 22ms
21ms Document
text/html 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/se/0/_/+1/fastbutton

Requested by

Host: commandwindows.com
URL: https://commandwindows.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

714a9506013ce253a27f15e90401d66c2ea5bdb4596e7d4fa0623171f9d7b416

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ceVgSvqKh2SeQdFdieVy5g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: POST
:authority: apis.google.com
:scheme: https
:path: /se/0/_/+1/fastbutton
content-length: 3977
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://commandwindows.com
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://commandwindows.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=216=aN_X31pwGmIRjxAXAMTRqGEprRwRACElRnU9s6f9lvENBte2wnVHB3hxOp74cMQb5wLWoBai6a6fTblC_0FoTrDOk8fVz_6hyZG0Y3dmEHbTvHMkqiO-c_SaktKxC6XEKq8_BS1X17xxITxNbdKsB6s6XW845zuvETf-Z0PNBdM
Upgrade-Insecure-Requests: 1
Origin: https://commandwindows.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://commandwindows.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 10 Jun 2021 17:54:09 GMT
content-security-policy: script-src 'report-sample' 'nonce-ceVgSvqKh2SeQdFdieVy5g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
799 B 37ms
15ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=commandwindows.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Jun 2021 17:54:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 34ms
15ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=commandwindows.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Jun 2021 17:54:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 175 KB
58 KB 94ms
29ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/tardisrocinante/lazy_load.js?gcb=1&cb=4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 076c63f713871e395188ffb1a8205e7c0a50a1e318220154f4c2b0cb6e96c887

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:09 GMT
content-encoding: gzip
last-modified: Mon, 07 Jun 2021 05:49:32 GMT
etag: W/"2ba2f-O6yroDXPX5qnr291D402M/nC6Io"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
x-traceid: da49d6c5c5693a2ecf785d9f03f6b1ab
timing-allow-origin: *, *
content-length: 59189
expires: Thu, 10 Jun 2021 21:54:09 GMT

GET
DATA 200
OK truncated
/ 1018 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 76a0d76f135419f4d00213037cda0cba949a0372e01ab6a1d70072008a56bd18

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 474 B
284 B 476ms
475ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=739924062618941&correlator=3805934715541330&output=ldjh&impl=fifs&eid=31061394%2C31061142&vrg=2021060801&ptt=17&sc=1&sfv=1-0-38&ecs=20210610&iu_parts=104418548%2Ccommandwindows_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C310x320%7C370x350%7C360x410&prev_scp=a%3D%257C3%257C%26iid11%3D1061648%26iit%3D7%26t%3D99%26d%3D146%26t1%3D99%26pvc%3D0%26ap%3D1005%26sap%3D1300%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26ga%3D6206860%26gala%3D1501035%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dcommandwindows_com-medrectangle-2-1061648%26eb_br%3D6e3dbf8073c405909ec8af8d5b00e67d%26eba%3D1%26ebss%3D10082%2C10061%2C10015%2C11304%26gas%3D9980134984%26asau%3D5753788832%26bv%3D23%26bvm%3D0%26bvr%3D3%26shp%3D1%26br1%3D800%26br2%3D750%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D34%2C0%2C28%2C67%2C45%2C0%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C899%2C917%2C918%2C919%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1623347649&dt=1623347649693&dlt=1623347647976&idt=1163&frm=20&biw=1600&bih=1200&oid=3&adxs=-9&adys=-9&adks=3676449675&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcommandwindows.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=1178215692.1623347650&ga_sid=1623347650&ga_hid=1045620473&ga_fc=true&ga_wpids=UA-29096671-22&fws=2&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

3f95c6c7943528b884fcd0d06e734f6a23712f5895d41a52ef7dbe8cb4f56ef6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:10 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 254
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://commandwindows.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
bd44be7d223512f0c51e56829e06e388.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 55ms
17ms Other
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://bd44be7d223512f0c51e56829e06e388.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 greenoaks.gif Show response
commandwindows.com/detroitchicago/ 0
104 B 21ms
21ms XHR
text/plain 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://commandwindows.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJhZjU1YzllMS02YTE2LTQ5MjMtNGU1NC01NzFlNzE1YzZhMzIiLCJkb21haW5faWQiOiIxNDYiLCJ0X2Vwb2NoIjoxNjIzMzQ3NjQ3LCJkYXRhIjpbeyJuYW1lIjoidW5pdmVyc2FsX3VzZXJfaWQiLCJ2YWwiOiJlYjk5ZjU3MDQwMGMxOTJiODA2YmIwMGE4NDMwY2E2MyJ9XX1d
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJhZjU1YzllMS02YTE2LTQ5MjMtNGU1NC01NzFlNzE1YzZhMzIiLCJkb21haW5faWQiOiIxNDYiLCJ0X2Vwb2NoIjoxNjIzMzQ3NjQ3LCJkYXRhIjpbeyJuYW1lIjoidW5pdmVyc2FsX3VzZXJfaWQiLCJ2YWwiOiJlYjk5ZjU3MDQwMGMxOTJiODA2YmIwMGE4NDMwY2E2MyJ9XX1d
pragma: no-cache
cookie: ezouid_146=1262149469; template99::domain146::headerpic::viewed=1; ezoadgid_146=-1; ezoref_146=; ezoab_146=mod1; ezopvc_146=1; ezepvv=0; ezovid_146=471789710; lp_146=https://commandwindows.com/; ezovuuidtime_146=1623347647; ezovuuid_146=58be72d6-a2ec-4110-7783-ca4f47977334; ezCMPCCS=true; ezouspvv=0; ezouspva=0; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; active_template::146=%2Fdirection%2Fdirection.1623347649; __utma=92376719.1178215692.1623347650.1623347650.1623347650.1; __utmc=92376719; __utmz=92376719.1623347650.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt_e=1; __utmt_f=1; __utmb=92376719.2.10.1623347650
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: commandwindows.com
referer: https://commandwindows.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:09 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Wed, 09 Jun 2021 17:54:09 UTC

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 931 B
294 B 592ms
592ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=739924062618941&correlator=1975249955972713&output=ldjh&impl=fifs&eid=31061394%2C31061142&vrg=2021060801&ptt=17&sc=1&sfv=1-0-38&ecs=20210610&iu_parts=104418548%2Ccommandwindows_com-box-2%2Ccommandwindows_com-box-1&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=728x90%7C310x320%7C320x360%7C350x380%2C300x600%7C310x320%7C340x390%7C350x410&prev_scp=a%3D%257C3%257C%26iid11%3D1020548%26iit%3D2%26t%3D99%26d%3D146%26t1%3D99%26pvc%3D0%26ap%3D1001%26sap%3D1224%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D4%26reft%3Dtf%26refs%3D30%26ga%3D6206860%26gala%3D1501035%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dcommandwindows_com-box-2-1020548%26eb_br%3D98a7c2c9096dbe3d5e934f3291358a95%26eba%3D1%26ebss%3D10082%2C10061%2C10015%2C11304%26gas%3D5905158604%26asau%3D4257036031%26bv%3D18%26bvm%3D0%26bvr%3D8%26shp%3D1%26acptad%3D1%26br1%3D600%26br2%3D400%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D84%2C152%2C194%2C27%2C94%2C122%2C91%2C20%2C26%2C201%2C187%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C919%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%7Ca%3D%257C3%257C%26iid11%3D1022947%26iit%3D2%26t%3D99%26d%3D146%26t1%3D99%26pvc%3D0%26ap%3D1000%26sap%3D1200%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dn%26refs%3D30%26ga%3D6206860%26gala%3D1501035%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dcommandwindows_com-box-1-1022947%26eb_br%3Dff0a23bfbb2df2d0eb858bf2fd3eb0f2%26eba%3D1%26ebss%3D10082%2C10061%2C10015%2C11304%26gas%3D4452476132%26asau%3D2780302833%26bv%3D24%26bvm%3D0%26bvr%3D2%26shp%3D2%26acptad%3D1%26br1%3D550%26br2%3D650%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D83%2C13%2C120%2C67%2C51%2C0%2C66%2C20%2C71%2C30%2C0%2C0%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C919%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1623347649&dt=1623347649705&dlt=1623347647976&idt=1163&frm=20&biw=1600&bih=1200&oid=3&adxs=600%2C250&adys=292%2C610&adks=1139380737%2C3944075631&ucis=2%7C3&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcommandwindows.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x110%7C300x636&msz=728x90%7C300x600&ga_vid=1178215692.1623347650&ga_sid=1623347650&ga_hid=1045620473&ga_fc=true&ga_wpids=UA-29096671-22&fws=4%2C4&ohw=750%2C1100&btvi=0%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

0a3f51a61a903a0254c435009298e23ba9f2d1ed5ac5b7566337869244a3b7f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:10 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 264
x-xss-protection: 0
google-lineitem-id: -2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://commandwindows.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.1.1/ 85 KB
30 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js

Requested by

Host: commandwindows.com
URL: https://commandwindows.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 15:41:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 180776
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30244
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 15:41:13 GMT

GET
H2 200 edmonton.webp Show response
commandwindows.com/detroitchicago/ 4 KB
1 KB 25ms
22ms Script
application/javascript 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://commandwindows.com/detroitchicago/edmonton.webp?dirname=commandwindows_com&cb=194-1
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 4c26e179ae492250ba315e5b2f5dab890c9ce066172bea38313ceb338bbcf92f

Request headers

:path: /detroitchicago/edmonton.webp?dirname=commandwindows_com&cb=194-1
pragma: no-cache
cookie: ezouid_146=1262149469; template99::domain146::headerpic::viewed=1; ezoadgid_146=-1; ezoref_146=; ezoab_146=mod1; ezopvc_146=1; ezepvv=0; ezovid_146=471789710; lp_146=https://commandwindows.com/; ezovuuidtime_146=1623347647; ezovuuid_146=58be72d6-a2ec-4110-7783-ca4f47977334; ezCMPCCS=true; ezouspvv=0; ezouspva=0; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; active_template::146=%2Fdirection%2Fdirection.1623347649; __utma=92376719.1178215692.1623347650.1623347650.1623347650.1; __utmc=92376719; __utmz=92376719.1623347650.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt_e=1; __utmt_f=1; __utmb=92376719.2.10.1623347650; ezosuigeneris=eb99f570400c192b806bb00a8430ca63
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: commandwindows.com
referer: https://commandwindows.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:09 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex
content-length: 1328

GET
H2 200 jellyfish.webp Show response
commandwindows.com/porpoiseant/ 43 KB
10 KB 26ms
25ms Script
application/javascript 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://commandwindows.com/porpoiseant/jellyfish.webp?dirname=commandwindows_com&cb=194-1
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 8e4148996d058adc797a2fe1a17d9046a27a6a9e9f5f13c0c01b21d6488b9aad

Request headers

:path: /porpoiseant/jellyfish.webp?dirname=commandwindows_com&cb=194-1
pragma: no-cache
cookie: ezouid_146=1262149469; template99::domain146::headerpic::viewed=1; ezoadgid_146=-1; ezoref_146=; ezoab_146=mod1; ezopvc_146=1; ezepvv=0; ezovid_146=471789710; lp_146=https://commandwindows.com/; ezovuuidtime_146=1623347647; ezovuuid_146=58be72d6-a2ec-4110-7783-ca4f47977334; ezCMPCCS=true; ezouspvv=0; ezouspva=0; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; active_template::146=%2Fdirection%2Fdirection.1623347649; __utma=92376719.1178215692.1623347650.1623347650.1623347650.1; __utmc=92376719; __utmz=92376719.1623347650.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt_e=1; __utmt_f=1; __utmb=92376719.2.10.1623347650; ezosuigeneris=eb99f570400c192b806bb00a8430ca63
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: commandwindows.com
referer: https://commandwindows.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:09 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex

GET
H2 200 seattle.js Show response
commandwindows.com/detroitchicago/ 925 B
596 B 23ms
21ms Script
application/javascript 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://commandwindows.com/detroitchicago/seattle.js?cb=194-1-1
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: ddef9cc59b08263b13a4e437e55888036ea31f33ce85225146867cc69aa3313f

Request headers

:path: /detroitchicago/seattle.js?cb=194-1-1
pragma: no-cache
cookie: ezouid_146=1262149469; template99::domain146::headerpic::viewed=1; ezoadgid_146=-1; ezoref_146=; ezoab_146=mod1; ezopvc_146=1; ezepvv=0; ezovid_146=471789710; lp_146=https://commandwindows.com/; ezovuuidtime_146=1623347647; ezovuuid_146=58be72d6-a2ec-4110-7783-ca4f47977334; ezCMPCCS=true; ezouspvv=0; ezouspva=0; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; active_template::146=%2Fdirection%2Fdirection.1623347649; __utma=92376719.1178215692.1623347650.1623347650.1623347650.1; __utmc=92376719; __utmz=92376719.1623347650.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt_e=1; __utmt_f=1; __utmb=92376719.2.10.1623347650; ezosuigeneris=eb99f570400c192b806bb00a8430ca63
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: commandwindows.com
referer: https://commandwindows.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:09 GMT
content-encoding: br
last-modified: Wed, 02 Jun 2021 21:58:41 GMT
server: nginx/1.16.0
etag: "39d-5c3cf8fc12640;5c3cf8fc12640-gzip"
vary: Accept-Encoding Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
x-robots-tag: noindex
content-length: 451

GET
H2 200 houston.js Show response
commandwindows.com/detroitchicago/ 3 KB
1 KB 26ms
24ms Script
application/javascript 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://commandwindows.com/detroitchicago/houston.js?gcb=1&cb=36
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 1d6f7818a09adfc9c11ff7110eb866179ef9d36a3625cd1c02e23292d315daaa

Request headers

:path: /detroitchicago/houston.js?gcb=1&cb=36
pragma: no-cache
cookie: ezouid_146=1262149469; template99::domain146::headerpic::viewed=1; ezoadgid_146=-1; ezoref_146=; ezoab_146=mod1; ezopvc_146=1; ezepvv=0; ezovid_146=471789710; lp_146=https://commandwindows.com/; ezovuuidtime_146=1623347647; ezovuuid_146=58be72d6-a2ec-4110-7783-ca4f47977334; ezCMPCCS=true; ezouspvv=0; ezouspva=0; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; active_template::146=%2Fdirection%2Fdirection.1623347649; __utma=92376719.1178215692.1623347650.1623347650.1623347650.1; __utmc=92376719; __utmz=92376719.1623347650.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt_e=1; __utmt_f=1; __utmb=92376719.2.10.1623347650; ezosuigeneris=eb99f570400c192b806bb00a8430ca63
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: commandwindows.com
referer: https://commandwindows.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:09 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex
content-length: 1163

GET
H2 200 anchorfix.js Show response
commandwindows.com/ezoic/ 879 B
440 B 27ms
26ms Script
application/javascript 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://commandwindows.com/ezoic/anchorfix.js?cb=21
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 15f0626dd31e3e991a1c21d6304f2e370b92b3c91650de3d7ed8a38f1159a457

Request headers

:path: /ezoic/anchorfix.js?cb=21
pragma: no-cache
cookie: ezouid_146=1262149469; template99::domain146::headerpic::viewed=1; ezoadgid_146=-1; ezoref_146=; ezoab_146=mod1; ezopvc_146=1; ezepvv=0; ezovid_146=471789710; lp_146=https://commandwindows.com/; ezovuuidtime_146=1623347647; ezovuuid_146=58be72d6-a2ec-4110-7783-ca4f47977334; ezCMPCCS=true; ezouspvv=0; ezouspva=0; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; active_template::146=%2Fdirection%2Fdirection.1623347649; __utma=92376719.1178215692.1623347650.1623347650.1623347650.1; __utmc=92376719; __utmz=92376719.1623347650.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt_e=1; __utmt_f=1; __utmb=92376719.2.10.1623347650; ezosuigeneris=eb99f570400c192b806bb00a8430ca63
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: commandwindows.com
referer: https://commandwindows.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:09 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-robots-tag: noindex noindex
content-length: 383
expires: Fri, 10 Jun 2022 17:54:09 GMT

GET
H2 200 stickyfix.js Show response
commandwindows.com/ezoic/ 2 KB
705 B 478ms
476ms Script
application/javascript 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://commandwindows.com/ezoic/stickyfix.js?gcb=1&cb=19
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dbbd9c6c56c24a1345945fb630a7ed33182f65fc8d6baa5b2e2daeee9618f649

Request headers

:path: /ezoic/stickyfix.js?gcb=1&cb=19
pragma: no-cache
cookie: ezouid_146=1262149469; template99::domain146::headerpic::viewed=1; ezoadgid_146=-1; ezoref_146=; ezoab_146=mod1; ezopvc_146=1; ezepvv=0; ezovid_146=471789710; lp_146=https://commandwindows.com/; ezovuuidtime_146=1623347647; ezovuuid_146=58be72d6-a2ec-4110-7783-ca4f47977334; ezCMPCCS=true; ezouspvv=0; ezouspva=0; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; active_template::146=%2Fdirection%2Fdirection.1623347649; __utma=92376719.1178215692.1623347650.1623347650.1623347650.1; __utmc=92376719; __utmz=92376719.1623347650.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt_e=1; __utmt_f=1; __utmb=92376719.2.10.1623347650; ezosuigeneris=eb99f570400c192b806bb00a8430ca63
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: commandwindows.com
referer: https://commandwindows.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:10 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-robots-tag: noindex noindex
content-length: 671
expires: Fri, 10 Jun 2022 17:54:09 GMT

GET
H2 200 vitals.js Show response
commandwindows.com/tardisrocinante/ 4 KB
2 KB 27ms
26ms Script
application/javascript 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://commandwindows.com/tardisrocinante/vitals.js?gcb=1&cb=3
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 633411252cd3723532e0cb3c8c4214863de95cb26997c7ff3273aaf8f55d0d2a

Request headers

:path: /tardisrocinante/vitals.js?gcb=1&cb=3
pragma: no-cache
cookie: ezouid_146=1262149469; template99::domain146::headerpic::viewed=1; ezoadgid_146=-1; ezoref_146=; ezoab_146=mod1; ezopvc_146=1; ezepvv=0; ezovid_146=471789710; lp_146=https://commandwindows.com/; ezovuuidtime_146=1623347647; ezovuuid_146=58be72d6-a2ec-4110-7783-ca4f47977334; ezCMPCCS=true; ezouspvv=0; ezouspva=0; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; active_template::146=%2Fdirection%2Fdirection.1623347649; __utma=92376719.1178215692.1623347650.1623347650.1623347650.1; __utmc=92376719; __utmz=92376719.1623347650.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt_e=1; __utmt_f=1; __utmb=92376719.2.10.1623347650; ezosuigeneris=eb99f570400c192b806bb00a8430ca63
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: commandwindows.com
referer: https://commandwindows.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:09 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex
content-length: 1657

GET
H/1.1

200
OK

Cookie set iu3 Show response
aax-eu.amazon-adsystem.com/s/ Frame C4F9
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_rx_cnv_an-db5_sovrn_3lift
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_rx_cnv_an-db5_sovrn_3lift&dcc=t

267 B
949 B

198ms
194ms

Document
text/html

52.95.123.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_rx_cnv_an-db5_sovrn_3lift&dcc=t
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.123.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 656396bf1faf1ae0a1f5edbbe80900ed5b6f04123ddc8376516dd5d842d4abd7

Request headers

Host: aax-eu.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://commandwindows.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ad-id=A3M-2jpbk0yLm5fCs6_Bs-I|t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://commandwindows.com/

Response headers

Server: Server
Date: Thu, 10 Jun 2021 17:54:10 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 212
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Set-Cookie: ad-id=A3M-2jpbk0yLm5fCs6_Bs-I; Domain=.amazon-adsystem.com; Expires=Sat, 01-Jan-2022 17:54:09 GMT; Path=/; Secure; HttpOnly; SameSite=None ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Wed, 01-Jul-2026 17:54:10 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip

Redirect headers

Server: Server
Date: Thu, 10 Jun 2021 17:54:09 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_rx_cnv_an-db5_sovrn_3lift&dcc=t
Set-Cookie: ad-id=A3M-2jpbk0yLm5fCs6_Bs-I|t; Domain=.amazon-adsystem.com; Expires=Sat, 01-Jan-2022 17:54:09 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary: User-Agent

GET
H2 200 postmessageRelay Show response
accounts.google.com/o/oauth2/ Frame 4154 566 B
879 B 38ms
17ms Document
text/html 2a00:1450:4001:811::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fcommandwindows.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/cb=gapi.loaded_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

95816da4f4bcc48ba22daef1c6f131b0c2611d07e995cb653f44d9f26b6f3c85

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UZ/VhHjTNU3xdbPFt9V2mg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: accounts.google.com
:scheme: https
:path: /o/oauth2/postmessageRelay?parent=https%3A%2F%2Fcommandwindows.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://commandwindows.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=216=aN_X31pwGmIRjxAXAMTRqGEprRwRACElRnU9s6f9lvENBte2wnVHB3hxOp74cMQb5wLWoBai6a6fTblC_0FoTrDOk8fVz_6hyZG0Y3dmEHbTvHMkqiO-c_SaktKxC6XEKq8_BS1X17xxITxNbdKsB6s6XW845zuvETf-Z0PNBdM
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://commandwindows.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 10 Jun 2021 17:54:09 GMT
content-security-policy: script-src 'report-sample' 'nonce-UZ/VhHjTNU3xdbPFt9V2mg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 googlelogo_color_150x54dp.png
www.google.com/images/branding/googlelogo/1x/ Frame ECAE 3 KB
3 KB 14ms
14ms Image
image/png 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png

Requested by

Host: apis.google.com
URL: https://apis.google.com/se/0/_/+1/fastbutton

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbef5e5530003b7233e944856c23d1437902a2d3568cdfd2beaf2166e9ca9139

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apis.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:09 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3170
x-xss-protection: 0
expires: Thu, 10 Jun 2021 17:54:09 GMT

GET
H2 200 livonia.webp Show response
commandwindows.com/detroitchicago/ 13 KB
4 KB 52ms
51ms Script
application/javascript 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://commandwindows.com/detroitchicago/livonia.webp?dirname=commandwindows_com&cb=194-1
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: f3bd20d01b128b188d6b6b0409a73d2cc4e4d02aa3d6a518d80567703af71c7f

Request headers

:path: /detroitchicago/livonia.webp?dirname=commandwindows_com&cb=194-1
pragma: no-cache
cookie: ezouid_146=1262149469; template99::domain146::headerpic::viewed=1; ezoadgid_146=-1; ezoref_146=; ezoab_146=mod1; ezopvc_146=1; ezepvv=0; ezovid_146=471789710; lp_146=https://commandwindows.com/; ezovuuidtime_146=1623347647; ezovuuid_146=58be72d6-a2ec-4110-7783-ca4f47977334; ezCMPCCS=true; ezouspvv=0; ezouspva=0; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; active_template::146=%2Fdirection%2Fdirection.1623347649; __utma=92376719.1178215692.1623347650.1623347650.1623347650.1; __utmc=92376719; __utmz=92376719.1623347650.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt_e=1; __utmt_f=1; __utmb=92376719.2.10.1623347650; ezosuigeneris=eb99f570400c192b806bb00a8430ca63
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: commandwindows.com
referer: https://commandwindows.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:09 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-robots-tag: noindex
content-length: 3955

GET
H2 200 fire.webp Show response
commandwindows.com/porpoiseant/ 14 KB
4 KB 28ms
28ms Script
application/javascript 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://commandwindows.com/porpoiseant/fire.webp?dirname=commandwindows_com&cb=194-1
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: f91ee2e457ad58dfe024d4608de8cfce0b2e5fa1c5478269f4cd013377c72feb

Request headers

:path: /porpoiseant/fire.webp?dirname=commandwindows_com&cb=194-1
pragma: no-cache
cookie: ezouid_146=1262149469; template99::domain146::headerpic::viewed=1; ezoadgid_146=-1; ezoref_146=; ezoab_146=mod1; ezopvc_146=1; ezepvv=0; ezovid_146=471789710; lp_146=https://commandwindows.com/; ezovuuidtime_146=1623347647; ezovuuid_146=58be72d6-a2ec-4110-7783-ca4f47977334; ezCMPCCS=true; ezouspvv=0; ezouspva=0; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; active_template::146=%2Fdirection%2Fdirection.1623347649; __utma=92376719.1178215692.1623347650.1623347650.1623347650.1; __utmc=92376719; __utmz=92376719.1623347650.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt_e=1; __utmt_f=1; __utmb=92376719.2.10.1623347650; ezosuigeneris=eb99f570400c192b806bb00a8430ca63
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: commandwindows.com
referer: https://commandwindows.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:09 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-robots-tag: noindex
content-length: 3889

GET
H2 200 jass.tail.js Show response
commandwindows.com/jass/ 16 KB
5 KB 24ms
23ms Script
text/javascript 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://commandwindows.com/jass/jass.tail.js?cb=85
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 78eeb94a98535644346ca02fe218cbdedba4fe3ab34f64a897a02849b06f49f8

Request headers

:path: /jass/jass.tail.js?cb=85
pragma: no-cache
cookie: ezouid_146=1262149469; template99::domain146::headerpic::viewed=1; ezoadgid_146=-1; ezoref_146=; ezoab_146=mod1; ezopvc_146=1; ezepvv=0; ezovid_146=471789710; lp_146=https://commandwindows.com/; ezovuuidtime_146=1623347647; ezovuuid_146=58be72d6-a2ec-4110-7783-ca4f47977334; ezCMPCCS=true; ezouspvv=0; ezouspva=0; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; active_template::146=%2Fdirection%2Fdirection.1623347649; __utma=92376719.1178215692.1623347650.1623347650.1623347650.1; __utmc=92376719; __utmz=92376719.1623347650.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt_e=1; __utmt_f=1; __utmb=92376719.2.10.1623347650; ezosuigeneris=eb99f570400c192b806bb00a8430ca63
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: commandwindows.com
referer: https://commandwindows.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 10 Jun 2021 17:54:09 GMT
content-encoding: br
server: nginx/1.16.0
cache-control: max-age=31536000
vary: Accept-Encoding Accept-Encoding
content-type: text/javascript

GET
H2 200 drloader.js Show response
commandwindows.com/utilcave_com/dr/ 12 KB
3 KB 38ms
38ms Script
application/javascript 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://commandwindows.com/utilcave_com/dr/drloader.js?dirname=commandwindows_com&194-1
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: d08a9476a75ce70b809a528e013c76ce2c649c298af7cd5304204292eee19131

Request headers

:path: /utilcave_com/dr/drloader.js?dirname=commandwindows_com&194-1
pragma: no-cache
cookie: ezouid_146=1262149469; template99::domain146::headerpic::viewed=1; ezoadgid_146=-1; ezoref_146=; ezoab_146=mod1; ezopvc_146=1; ezepvv=0; ezovid_146=471789710; lp_146=https://commandwindows.com/; ezovuuidtime_146=1623347647; ezovuuid_146=58be72d6-a2ec-4110-7783-ca4f47977334; ezCMPCCS=true; ezouspvv=0; ezouspva=0; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; active_template::146=%2Fdirection%2Fdirection.1623347649; __utma=92376719.1178215692.1623347650.1623347650.1623347650.1; __utmc=92376719; __utmz=92376719.1623347650.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt_e=1; __utmt_f=1; __utmb=92376719.2.10.1623347650; ezosuigeneris=eb99f570400c192b806bb00a8430ca63
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: commandwindows.com
referer: https://commandwindows.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:09 GMT
content-encoding: br
last-modified: Wed, 02 Jun 2021 21:58:41 GMT
server: nginx/1.16.0
display: staticcontent_sol
etag: "312e-5bd497273b080-gzip-gzip"
vary: Accept-Encoding Accept-Encoding
content-type: application/javascript
x-middleton-display: staticcontent_sol
cache-control: max-age=31536000
set-cookie: ezoab_146=mod1; Path=/; Domain=commandwindows.com; Expires=Thu, 10 Jun 2021 19:54:09 UTC ezoadgid_146=-1; Path=/; Domain=commandwindows.com; Expires=Thu, 10 Jun 2021 18:24:09 UTC ezoref_146=; Path=/; Domain=commandwindows.com; Expires=Thu, 10 Jun 2021 19:54:09 UTC active_template::146=%2Fdirection%2Fdirection.1623347649; Path=/; Domain=commandwindows.com; Expires=Sat, 12 Jun 2021 17:54:09 UTC
x-sol: middleton
content-length: 2683
expires: Fri, 10 Jun 2022 17:54:09 GMT

GET
H2 200 put.html Show response
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame 8D39 416 B
799 B 28ms
28ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /nanoWidget/externals/cookie/put.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://commandwindows.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://commandwindows.com/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "c0311cf15c21ddda054005e92fad3f9e:1623046241.263845"
last-modified: Mon, 07 Jun 2021 05:48:59 GMT
server: AkamaiNetStorage
content-length: 416
cache-control: max-age=345600
date: Thu, 10 Jun 2021 17:54:09 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
set-cookie: akacd_widgets_routing=1623347649~rv=53~id=b0279c2ad0de13389ec3ef7df9ed4e4c; path=/; Expires=Thu, 10 Jun 2021 17:54:09 GMT; Secure; SameSite=None

GET
H/1.1 200
OK Y29tbWFuZHdpbmRvd3MuY29t Show response
tcheck.outbrainimg.com/tcheck/check/ 16 B
463 B 95ms
39ms XHR
application/json 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/Y29tbWFuZHdpbmRvd3MuY29t
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 10 Jun 2021 17:54:10 GMT
ETag: W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=8338
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: 80c9db4a4bfe84071640d861dd06d8c5
Content-Length: 16
Expires: Thu, 10 Jun 2021 20:13:08 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
451 B 38ms
28ms Image
image/gif 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1&rn=2.8519198154857257
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:09 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
expires: Sat, 10 Jul 2021 17:54:09 GMT

GET
H2 200 2038943760-postmessagerelay.js Show response
ssl.gstatic.com/accounts/o/ Frame 4154 10 KB
5 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/2038943760-postmessagerelay.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fcommandwindows.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bd9ca2f57b6c388332dd095d8c9be87dc71c2e1b78b843515ae758fe05a1223

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 22:07:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 157605
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4265
x-xss-protection: 0
last-modified: Fri, 04 Jun 2021 02:30:45 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jun 2022 22:07:24 GMT

GET
H3-29 200 rpc:shindig_random.js Show response
apis.google.com/js/ Frame 4154 12 KB
5 KB 23ms
21ms Script
application/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/rpc:shindig_random.js?onload=init

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dcd36419da7937e52754772f60380387c49f3243240a21f41ca6d87346f72a0e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-fz2pNO6B/fiNMlK3VaaPdg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "9315aed2f49db41de65f19f75330f816"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-fz2pNO6B/fiNMlK3VaaPdg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Thu, 10 Jun 2021 17:54:09 GMT

GET
H2 204 fix Show response
commandwindows.com/jass/ 0
16 B 23ms
22ms XHR
application/json 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://commandwindows.com/jass/fix?domain=commandwindows.com&type=domain&url=commandwindows.com
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /jass/fix?domain=commandwindows.com&type=domain&url=commandwindows.com
pragma: no-cache
cookie: ezouid_146=1262149469; template99::domain146::headerpic::viewed=1; ezoadgid_146=-1; ezoref_146=; ezoab_146=mod1; ezopvc_146=1; ezepvv=0; ezovid_146=471789710; lp_146=https://commandwindows.com/; ezovuuidtime_146=1623347647; ezovuuid_146=58be72d6-a2ec-4110-7783-ca4f47977334; ezCMPCCS=true; ezouspvv=0; ezouspva=0; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; active_template::146=%2Fdirection%2Fdirection.1623347649; __utma=92376719.1178215692.1623347650.1623347650.1623347650.1; __utmc=92376719; __utmz=92376719.1623347650.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt_e=1; __utmt_f=1; __utmb=92376719.2.10.1623347650; ezosuigeneris=eb99f570400c192b806bb00a8430ca63
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: commandwindows.com
referer: https://commandwindows.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 10 Jun 2021 17:54:09 GMT
cache-control: max-age=300, private
server: nginx/1.16.0
vary: Accept-Encoding
content-type: application/json

GET
H2 200 test.html Show response
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame 8D39 610 B
992 B 27ms
26ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /nanoWidget/externals/cookie/test.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: thirdparty=yes
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html

Response headers

accept-ranges: bytes
content-type: text/html
etag: "48053d50141031b1511dbd30f9a31288:1623046241.955832"
last-modified: Mon, 07 Jun 2021 05:48:59 GMT
server: AkamaiNetStorage
content-length: 610
cache-control: max-age=345600
date: Thu, 10 Jun 2021 17:54:09 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
set-cookie: akacd_widgets_routing=1623347649~rv=43~id=0d175f9be0f238f0126ddc3090d9cd87; path=/; Expires=Thu, 10 Jun 2021 17:54:09 GMT; Secure; SameSite=None

GET
H3-29 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/ Frame 4154 50 KB
18 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ed7961b640cad3efd4a453277533d8f8c87368d0b46fde38fd5d8d7d9a7dea8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 18:54:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169203
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18016
x-xss-protection: 0
last-modified: Wed, 19 May 2021 15:07:34 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jun 2022 18:54:06 GMT

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 422ms
105ms XHR
application/json 64.202.112.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1623347650023&sessionId=a5939df8-a64f-622a-3af3-00322d00c9e1&url=commandwindows.com&cheqSource=1&cheqEvent=0&exitReason=2
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Jun 2021 17:54:10 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 54fa22b94d455bb10f5ff7295d7a31a2
Content-Length: 4
Expires: 0

GET
H/1.1 200
OK pr Show response
aax-eu.amazon-adsystem.com/s/v3/ Frame CE6D 2 KB
945 B 41ms
40ms Document
text/html 52.95.123.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_pm-db5_rx_cnv_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_rx_cnv_an-db5_sovrn_3lift&dcc=t
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.123.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 6b5117f0b1a89b322a53d03ed18ceb8abf23cd0723a9339b94e6b860fe8a994e

Request headers

Host: aax-eu.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_rx_cnv_an-db5_sovrn_3lift&dcc=t
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ad-id=A3M-2jpbk0yLm5fCs6_Bs-I; ad-privacy=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_rx_cnv_an-db5_sovrn_3lift&dcc=t

Response headers

Server: Server
Date: Thu, 10 Jun 2021 17:54:10 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 584
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip

GET
H2

200

usersync
rtb.gumgum.com/ Frame CE6D
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%5BRX_UUID%5D%26ex%3Drhythmone.com
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1739347767
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1739347767
https://sync.1rx.io/usersync/tradedesk/a1fa1058-b415-4147-87bf-79116f253f4d
https://sync.targeting.unrulymedia.com/csync/RX-0835e5df-1173-4bea-bd98-beac5d3d9b5b-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-0835e5df-1173-4bea-bd98-beac5d3d9b5b-003
https://rtb.gumgum.com/usersync?b=rhy&i=RX-0835e5df-1173-4bea-bd98-beac5d3d9b5b-003

35 B
237 B

50ms
50ms

Image
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=rhy&i=RX-0835e5df-1173-4bea-bd98-beac5d3d9b5b-003
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_pm-db5_rx_cnv_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:11 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: https://rtb.gumgum.com/usersync?b=rhy&i=RX-0835e5df-1173-4bea-bd98-beac5d3d9b5b-003
date: Thu, 10 Jun 2021 17:54:11 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX0835e5df11734beabd98beac5d3d9b5b003
content-type: text/html

GET
H2 200 amzns2s Show response
rtb.gumgum.com/usync/ Frame 863F 4 KB
2 KB 134ms
44ms Document
text/html 52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_pm-db5_rx_cnv_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 0e5105562ff30811565d5b8ae3b6be336d4957d61623997e860e90c9679a6c01

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:10 GMT
content-type: text/html;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
set-cookie: vst=e_10c48a46-296b-4680-9c1f-9d4360ab851d; Domain=.gumgum.com; Expires=Fri, 10-Jun-2022 17:54:10 GMT; Path=/; Secure; SameSite=None
etag: W/"0a89489f3145650d335bc9d2e9f4fa721"
timing-allow-origin: *
content-encoding: gzip

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame 1689
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1

2 KB
3 KB

62ms
62ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_pm-db5_rx_cnv_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 55fd8bce8a649d1883886d0b9f4486c5fd617f0374ccd8d47c918c0238f0c922

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YMJRwnnBf2s.5Lkz6rVxJQAA; CMPS=3202
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 230|241|45|39|111|195|218|5
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1772
Expires: Thu, 10 Jun 2021 17:54:10 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 10 Jun 2021 17:54:10 GMT
Connection: keep-alive
Set-Cookie: CMID=YMJRwnnBf2s.5Lkz6rVxJQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 10 Jun 2022 17:54:10 GMT CMPS=3202;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 08 Sep 2021 17:54:10 GMT CMPRO=1211;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 08 Sep 2021 17:54:10 GMT CMRUM3=6f60c251c205a0&da60c251c22760&c360c251c205a00&0560c251c205a0&f160c251c205a0&2d60c251c205a0&2760c251c20b40&e660c251c22760;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 10 Jun 2022 17:54:10 GMT CMST=YMJRwmDCUcIA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 11 Jun 2021 17:54:10 GMT

Redirect headers

Server: Apache
Content-Length: 333
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Thu, 10 Jun 2021 17:54:10 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 10 Jun 2021 17:54:10 GMT
Connection: keep-alive
Set-Cookie: CMID=YMJRwnnBf2s.5Lkz6rVxJQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 10 Jun 2022 17:54:10 GMT CMPS=3202;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 08 Sep 2021 17:54:10 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame DF39 8 KB
3 KB 79ms
26ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_pm-db5_rx_cnv_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: adeacac4167dc188f54213893f0444ea5d60995143ad0552dcb4c383199a740b

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

last-modified: Tue, 01 Jun 2021 06:44:25 GMT
etag: "1300708-2080-5c3aeac410031"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 2586
content-type: text/html; charset=UTF-8
cache-control: max-age=133278
expires: Sat, 12 Jun 2021 06:55:28 GMT
date: Thu, 10 Jun 2021 17:54:10 GMT
vary: Accept-Encoding

GET
H2 204 current
amazon-tam-match.dotomi.com/match/bounce/ Frame 0BAF 0
0 88ms
62ms Document
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_pm-db5_rx_cnv_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

:method: GET
:authority: amazon-tam-match.dotomi.com
:scheme: https
:path: /match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx
date: Thu, 10 Jun 2021 17:54:10 GMT
cache-control: no-cache, private, max-age=0, no-store
expires: 0
pragma: no-cache

GET
H/1.1

200
OK

ecm3 Show response
aax-eu.amazon-adsystem.com/s/ Frame 2957
Redirect Chain

https://ib.adnxs.com/getuid?https://aax-eu.amazon-adsystem.com/s/ecm3?id=$UID&ex=appnexus.com
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com
https://aax-eu.amazon-adsystem.com/s/ecm3?id=7847840062258970552&ex=appnexus.com

43 B
344 B

65ms
39ms

Document
image/gif

52.95.123.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-eu.amazon-adsystem.com/s/ecm3?id=7847840062258970552&ex=appnexus.com
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_pm-db5_rx_cnv_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.123.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host: aax-eu.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: Server
Date: Thu, 10 Jun 2021 17:54:10 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Vary: User-Agent

Redirect headers

Server: nginx/1.17.9
Date: Thu, 10 Jun 2021 17:54:10 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://aax-eu.amazon-adsystem.com/s/ecm3?id=7847840062258970552&ex=appnexus.com
AN-X-Request-Uuid: 8204d472-b941-4f9e-9497-e77e753ab972
Set-Cookie: uuid2=7847840062258970552; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 08-Sep-2021 17:54:10 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.117:80

GET
H/1.1

200
OK

Cookie set amazon Show response
ap.lijit.com/beacon/ Frame DF0D
Redirect Chain

https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com
https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1

1 KB
1 KB

27ms
26ms

Document
text/html

216.52.2.39
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_pm-db5_rx_cnv_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: cfb5dc63a0d331c654b627e921bee640d24f66f7b93e4eb0ceab9f1d3c308700

Request headers

Host: ap.lijit.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ljt_reader=b8c3a08c8791a78a22a71fe0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx
Date: Thu, 10 Jun 2021 17:54:10 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Vary: Accept-Encoding
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie: ljtrtbexp=eJyrVrIwVrIyNDMyMTU1NzI10FGyMEXjm6HxzVH5RhB5Y2NLAwtTg1oAmvQQVQ%3D%3D;Path=/;Domain=.lijit.com;Expires=Fri, 10-Jun-2022 17:54:10 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=b8c3a08c8791a78a22a71fe0;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
X-Powered-By: raptor
Content-Encoding: gzip
X-Sovrn-Pod: ad_ap7ams1

Redirect headers

Server: nginx
Date: Thu, 10 Jun 2021 17:54:10 GMT
Content-Length: 0
Set-Cookie: ljt_reader=b8c3a08c8791a78a22a71fe0;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
X-Powered-By: raptor
X-Sovrn-Pod: ad_ap7ams1

GET
H/1.1

200
OK

ecm3 Show response
aax-eu.amazon-adsystem.com/s/ Frame 208D
Redirect Chain

https://eb2.3lift.com/getuid?redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
https://eb2.3lift.com/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=7635250732139091600

43 B
344 B

39ms
39ms

Document
image/gif

52.95.123.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=7635250732139091600
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_pm-db5_rx_cnv_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.123.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host: aax-eu.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: Server
Date: Thu, 10 Jun 2021 17:54:10 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Vary: User-Agent

Redirect headers

date: Thu, 10 Jun 2021 17:54:10 GMT
content-length: 0
location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=7635250732139091600
set-cookie: tluid=7635250732139091600; Max-Age=7776000; Expires=Wed, 08 Sep 2021 17:54:10 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
cache-control: no-cache, no-store, must-revalidate
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 greenoaks.gif Show response
commandwindows.com/detroitchicago/ 0
19 B 22ms
21ms XHR
text/plain 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://commandwindows.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJhZjU1YzllMS02YTE2LTQ5MjMtNGU1NC01NzFlNzE1YzZhMzIiLCJkb21haW5faWQiOiIxNDYiLCJ0X2Vwb2NoIjoxNjIzMzQ3NjQ3LCJkYXRhIjpbeyJuYW1lIjoidGltZXJfZmlyc3RfYWRfcmVxdWVzdCIsInZhbCI6IjIxOTUifV19XQ==
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJhZjU1YzllMS02YTE2LTQ5MjMtNGU1NC01NzFlNzE1YzZhMzIiLCJkb21haW5faWQiOiIxNDYiLCJ0X2Vwb2NoIjoxNjIzMzQ3NjQ3LCJkYXRhIjpbeyJuYW1lIjoidGltZXJfZmlyc3RfYWRfcmVxdWVzdCIsInZhbCI6IjIxOTUifV19XQ==
pragma: no-cache
cookie: __gads=ID=c4981e73b5c22539-22cad2565dc8002a:T=1623347649:S=ALNI_MY50LOCv4fGWI4mfGY1tz2Ixynacw
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: commandwindows.com
referer: https://commandwindows.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:10 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Wed, 09 Jun 2021 17:54:09 UTC

GET
H2 200 platforms Show response
odb.outbrain.com/utils/ 35 KB
14 KB 348ms
301ms Script
text/javascript 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/platforms?contentUrl=https%3A%2F%2Fcommandwindows.com%2F&idx=0&rand=47599&key=EZOICL9MFJN21JB32NFBE7ODP&widgetJSId=AR_1&va=true&et=true&format=html&pdobuid=-1&adblck=false&abwl=false&extid=146_1_420_100x480&px=600&py=2700&vpd=1500&cw=750&settings=true&recs=true&version=2000370&sig=dRfTTMLG&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpa=1---&ccpaStat=1&wdr-natlaz=true
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d5b02899512d246abb31ec58962287ddc495ded3d1b1570008b25eae06b9be9b

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:10 GMT
content-encoding: gzip
traffic-path: CHIDC2, MDW, FRA, Europe2
x-cache: MISS, MISS
p3p: policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
backend-ip: 157.52.75.83
x-cache-hits: 0, 0
x-traceid: 680e1c8dcfcca5adf263197c3b0f7797
content-length: 13539
x-served-by: cache-mdw17383-MDW, cache-fra19120-FRA
pragma: no-cache
x-timer: S1623347650.283960,VS0,VE283
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: no-cache
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame DF77 38 KB
14 KB 29ms
29ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/showad.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID

Response headers

last-modified: Tue, 11 May 2021 05:24:02 GMT
etag: "13006b6-96ca-5c2071a26cca4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13964
content-type: text/html; charset=UTF-8
cache-control: public, max-age=132262
expires: Sat, 12 Jun 2021 06:38:32 GMT
date: Thu, 10 Jun 2021 17:54:10 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK ecm3
aax-eu.amazon-adsystem.com/s/ Frame DF0D 43 B
344 B 49ms
39ms Image
image/gif 52.95.123.167
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-eu.amazon-adsystem.com/s/ecm3?id=b8c3a08c8791a78a22a71fe0&ex=sovrn.com&gdpr=0&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.123.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Jun 2021 17:54:10 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame DF0D
Redirect Chain

https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=
https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=&tc=1
https://ce.lijit.com/merge?pid=86&3pid=5ohsCtRatPkfEuiX4nyf&pi=sovrn&gdpr_consent=&gdpr=0&tc=1

43 B
852 B

111ms
27ms

Image
image/gif

216.52.2.39
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=86&3pid=5ohsCtRatPkfEuiX4nyf&pi=sovrn&gdpr_consent=&gdpr=0&tc=1
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Jun 2021 17:54:10 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap7ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location: https://ce.lijit.com/merge?pid=86&3pid=5ohsCtRatPkfEuiX4nyf&pi=sovrn&gdpr_consent=&gdpr=0&tc=1
pragma: no-cache
date: Thu, 10 Jun 2021 17:54:10 GMT, Thu, 10 Jun 2021 17:54:10 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame DF0D
Redirect Chain

https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=&_bee_ppp=1
https://ce.lijit.com/merge?pid=85&3pid=AACVAU7BhKQAADEnl-nfPg&gdpr=0

43 B
854 B

57ms
28ms

Image
image/gif

216.52.2.39
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=85&3pid=AACVAU7BhKQAADEnl-nfPg&gdpr=0
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Jun 2021 17:54:10 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap7ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location: https://ce.lijit.com/merge?pid=85&3pid=AACVAU7BhKQAADEnl-nfPg&gdpr=0
Date: Thu, 10 Jun 2021 17:54:10 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H/1.1

204
No Content

merge
ce.lijit.com/ Frame DF0D
Redirect Chain

https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=fmx&gdpr=0&gdpr_consent=
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dfmx
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dfmx
https://x.bidswitch.net/sync?dsp_id=59&user_id=02bd2864-8bc7-4853-9d9a-761c6f9c3d1b&ssp=fmx
https://ce.lijit.com/merge?pid=26&3pid=4fee5273-4871-4ba5-a116-35f56c8f47d4
https://ce.lijit.com/merge?pid=26&3pid=4fee5273-4871-4ba5-a116-35f56c8f47d4&dnr=1

0
433 B

27ms
26ms

Image
text/plain

216.52.2.39
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=26&3pid=4fee5273-4871-4ba5-a116-35f56c8f47d4&dnr=1
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Jun 2021 17:54:17 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap7ams1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 10 Jun 2021 17:54:17 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=26&3pid=4fee5273-4871-4ba5-a116-35f56c8f47d4&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap7ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame DF0D
Redirect Chain

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=83&3pid=KPR7A0CJ-1Z-BO7O&gdpr=0

43 B
1 KB

27ms
27ms

Image
image/gif

216.52.2.39
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=83&3pid=KPR7A0CJ-1Z-BO7O&gdpr=0
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Jun 2021 17:54:11 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap7ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://ce.lijit.com/merge?pid=83&3pid=KPR7A0CJ-1Z-BO7O&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Expires: 0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame DF0D
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent=
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=87&3pid=7813a075-a6bb-4d29-b9b0-2b47a1fd5c49

43 B
868 B

97ms
27ms

Image
image/gif

216.52.2.39
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=87&3pid=7813a075-a6bb-4d29-b9b0-2b47a1fd5c49
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ap.lijit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Jun 2021 17:54:10 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap7ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location: //ce.lijit.com/merge?pid=87&3pid=7813a075-a6bb-4d29-b9b0-2b47a1fd5c49
Date: Thu, 10 Jun 2021 17:54:10 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

usersync
rtb.gumgum.com/ Frame 863F
Redirect Chain

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
https://rtb.gumgum.com/usersync?b=apn&i=7847840062258970552

35 B
237 B

51ms
51ms

Image
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=apn&i=7847840062258970552
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:10 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Pragma: no-cache
Date: Thu, 10 Jun 2021 17:54:10 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.12:80
AN-X-Request-Uuid: dd25d7e6-67f4-423d-9110-d3c27a6183cb
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://rtb.gumgum.com/usersync?b=apn&i=7847840062258970552
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

usersync
rtb.gumgum.com/ Frame 863F
Redirect Chain

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_10c48a46-296b-4680-9c1f-9d4360ab851d&gdpr=&gdpr_consent=&us_privacy=
https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_10c48a46-296b-4680-9c1f-9d4360ab851d&gdpr=&gdpr_consent=&us_privacy=
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=gumgum2
https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=gumgum2
https://x.bidswitch.net/sync?dsp_id=70&user_id=1788984194979523097&ssp=gumgum2
https://rtb.gumgum.com/usersync?b=bsw&i=550dafd9-b18d-456e-b12a-f6fc223f1dd9

35 B
237 B

55ms
54ms

Image
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=bsw&i=550dafd9-b18d-456e-b12a-f6fc223f1dd9
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:11 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: //rtb.gumgum.com/usersync?b=bsw&i=550dafd9-b18d-456e-b12a-f6fc223f1dd9
date: Thu, 10 Jun 2021 17:54:11 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame 863F
Redirect Chain

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
https://rtb.gumgum.com/usersync?b=obn&i=ENC%287ZOKR4dQohyUa8kZ28KIbL_8eQSemIYhbyxPlx0zVBD_VFfXfVcpaMDTOxeyy30j%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_10c48a46-296b-4680-9c1f-9d4360ab851d&obuid=ENC(7ZOKR4dQohyUa8kZ28KIbL_8eQSemIYhbyxPlx0zVBD_VFfXfVcpaMDTOxeyy30j)
https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
https://ib.adnxs.com/getuid?https://sync.outbrain.com/cookie-sync?p=appnexus&uid=$UID&obUid=0wQ1nVxdSywc8eRGjw2eLFj38sB1_C4m-9SRXs6nvGaAJYLrSjcpyZMBBu2RDcbn
https://sync.outbrain.com/cookie-sync?p=appnexus&uid=7847840062258970552&obUid=0wQ1nVxdSywc8eRGjw2eLFj38sB1_C4m-9SRXs6nvGaAJYLrSjcpyZMBBu2RDcbn

0
291 B

110ms
110ms

Image
text/plain

64.202.112.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=appnexus&uid=7847840062258970552&obUid=0wQ1nVxdSywc8eRGjw2eLFj38sB1_C4m-9SRXs6nvGaAJYLrSjcpyZMBBu2RDcbn
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 10 Jun 2021 17:54:11 GMT
Cache-Control: no-cache
X-TraceId: a14d72be453ee93322f37af7da8a700c
Content-Length: 0

Redirect headers

Pragma: no-cache
Date: Thu, 10 Jun 2021 17:54:11 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.105:80
AN-X-Request-Uuid: 1e6e3403-c2f7-4127-b162-14cb391ceb84
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.outbrain.com/cookie-sync?p=appnexus&uid=7847840062258970552&obUid=0wQ1nVxdSywc8eRGjw2eLFj38sB1_C4m-9SRXs6nvGaAJYLrSjcpyZMBBu2RDcbn
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

usersync
rtb.gumgum.com/ Frame 863F
Redirect Chain

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://rtb.gumgum.com/usersync?b=opx&i=f7597789-4ff0-4f8c-84b1-b39ab7496f5f

35 B
237 B

51ms
50ms

Image
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=opx&i=f7597789-4ff0-4f8c-84b1-b39ab7496f5f
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:10 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

date: Thu, 10 Jun 2021 17:54:10 GMT
content-encoding: gzip
server: OXGW/16.208.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://rtb.gumgum.com/usersync?b=opx&i=f7597789-4ff0-4f8c-84b1-b39ab7496f5f
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2

200

usersync
rtb.gumgum.com/ Frame 863F
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
https://rtb.gumgum.com/usersync?b=sta&i=0-358a6cef-fc1d-4851-5b71-2eefde6d6a41$ip$185.156.175.107

35 B
237 B

51ms
51ms

Image
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=sta&i=0-358a6cef-fc1d-4851-5b71-2eefde6d6a41$ip$185.156.175.107
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:10 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Location: https://rtb.gumgum.com/usersync?b=sta&i=0-358a6cef-fc1d-4851-5b71-2eefde6d6a41$ip$185.156.175.107
Date: Thu, 10 Jun 2021 17:54:10 GMT
Connection: keep-alive
Content-Length: 124
Content-Type: text/html; charset=utf-8

GET
H2

200

usersync
rtb.gumgum.com/ Frame 863F
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
https://rtb.gumgum.com/usersync?b=oth&i=y-gVlMiDtE2pd3N5GUlMF3WQzxIEuULJdueEUe~A

35 B
237 B

50ms
49ms

Image
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=oth&i=y-gVlMiDtE2pd3N5GUlMF3WQzxIEuULJdueEUe~A
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:10 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

date: Thu, 10 Jun 2021 17:54:10 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://rtb.gumgum.com/usersync?b=oth&i=y-gVlMiDtE2pd3N5GUlMF3WQzxIEuULJdueEUe~A
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

usersync
rtb.gumgum.com/ Frame 863F
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3...
https://rtb.gumgum.com/usersync?b=vnt&i=dc2a5339-ca14-11eb-902d-3f2e221f272b

35 B
237 B

50ms
50ms

Image
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=vnt&i=dc2a5339-ca14-11eb-902d-3f2e221f272b
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:10 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Location: https://rtb.gumgum.com/usersync?b=vnt&i=dc2a5339-ca14-11eb-902d-3f2e221f272b
Date: Thu, 10 Jun 2021 17:54:10 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 0
X-CI-RTID: dc2a533a-ca14-11eb-902d-3f2e221f272b

GET
H2 204 services
sync.technoratimedia.com/ Frame 863F 0
294 B 347ms
112ms Image
text/plain 193.122.128.135
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 193.122.128.135 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:10 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 367556549
access-control-allow-origin: https://rtb.gumgum.com/
access-control-allow-credentials: true

GET
H2 200 142
match.deepintent.com/usersync/ Frame 863F 0
44 B 323ms
104ms Image
text/plain 169.197.150.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/142?redir=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS: g.deepintent.com
Software: a /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:10 GMT
content-length: 0
server: a

GET
H2

200

usersync
rtb.gumgum.com/ Frame 863F
Redirect Chain

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_10c48a46-296b-4680-9c1f-9d4360ab851d&gdpr=&gdpr_consent=&us_privacy=
https://rtb.gumgum.com/usersync?b=zem&i=

35 B
237 B

46ms
46ms

Image
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=zem&i=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:10 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Location: https://rtb.gumgum.com/usersync?b=zem&i=
Pragma: no-cache
Date: Thu, 10 Jun 2021 17:54:10 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 67
Content-Type: text/html; charset=utf-8

GET
H2

200

usersync
rtb.gumgum.com/ Frame 863F
Redirect Chain

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://rtb.gumgum.com/usersync?b=idi&i=a364113e-a7e5-438f-b84f-f38e4c2a43fd

35 B
237 B

46ms
46ms

Image
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=idi&i=a364113e-a7e5-438f-b84f-f38e4c2a43fd
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:13 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: https://rtb.gumgum.com/usersync?b=idi&i=a364113e-a7e5-438f-b84f-f38e4c2a43fd
date: Thu, 10 Jun 2021 17:54:13 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

usersync
rtb.gumgum.com/ Frame 863F
Redirect Chain

https://sync.1rx.io/usersync2/floor6&gdpr=&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5100588225
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5100588225
https://sync.1rx.io/usersync/tradedesk/a1fa1058-b415-4147-87bf-79116f253f4d
https://sync.targeting.unrulymedia.com/csync/RX-0835e5df-1173-4bea-bd98-beac5d3d9b5b-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-0835e5df-1173-4bea-bd98-beac5d3d9b5b-003
https://rtb.gumgum.com/usersync?b=rhy&i=RX-0835e5df-1173-4bea-bd98-beac5d3d9b5b-003

35 B
237 B

50ms
50ms

Image
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=rhy&i=RX-0835e5df-1173-4bea-bd98-beac5d3d9b5b-003
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:11 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

location: https://rtb.gumgum.com/usersync?b=rhy&i=RX-0835e5df-1173-4bea-bd98-beac5d3d9b5b-003
date: Thu, 10 Jun 2021 17:54:11 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX0835e5df11734beabd98beac5d3d9b5b003
content-type: text/html

GET
H2

200

usersync
rtb.gumgum.com/ Frame 863F
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
https://rtb.gumgum.com/usersync?b=pln&i=2QK90WGwx4Jj&ev=1&pid=558355

35 B
237 B

46ms
45ms

Image
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=pln&i=2QK90WGwx4Jj&ev=1&pid=558355
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:14 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://rtb.gumgum.com/usersync?b=pln&i=2QK90WGwx4Jj&ev=1&pid=558355
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-8474b759f8-b2w8f
expires: -1

GET
H/1.1 200
OK ecm3
aax-eu.amazon-adsystem.com/s/ Frame 863F 43 B
344 B 43ms
42ms Image
image/gif 52.95.123.167
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=gg.com&id=e_10c48a46-296b-4680-9c1f-9d4360ab851d
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.123.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Jun 2021 17:54:10 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame D576
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
https://rtb.gumgum.com/usersync?b=mmh&i=bcbf60c2-51c2-4a00-9539-83fdb0b5c715&gdpr=&gdpr_consent=

35 B
237 B

55ms
54ms

Document
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=mmh&i=bcbf60c2-51c2-4a00-9539-83fdb0b5c715&gdpr=&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=mmh&i=bcbf60c2-51c2-4a00-9539-83fdb0b5c715&gdpr=&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_10c48a46-296b-4680-9c1f-9d4360ab851d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Thu, 10 Jun 2021 17:54:10 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Date: Thu, 10 Jun 2021 17:56:01 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Server: MT3 3759 5f8f15b master cdg-pixel-x6
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: uuid=bcbf60c2-51c2-4a00-9539-83fdb0b5c715; domain=.mathtag.com; path=/; expires=Fri, 08-Jul-2022 17:54:10 GMT; SameSite=None; Secure
location: https://rtb.gumgum.com/usersync?b=mmh&i=bcbf60c2-51c2-4a00-9539-83fdb0b5c715&gdpr=&gdpr_consent=
Expires: Thu, 10 Jun 2021 17:56:00 GMT

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 6E76
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=YMJRwgABdgHpewBg
https://rtb.gumgum.com/usersync?b=atm&i=YMJRwgABdgHpewBg&gdpr=&gdpr_consent=&_test=YMJRwgABdgHpewBg

35 B
237 B

51ms
51ms

Document
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=atm&i=YMJRwgABdgHpewBg&gdpr=&gdpr_consent=&_test=YMJRwgABdgHpewBg
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=atm&i=YMJRwgABdgHpewBg&gdpr=&gdpr_consent=&_test=YMJRwgABdgHpewBg
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_10c48a46-296b-4680-9c1f-9d4360ab851d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Thu, 10 Jun 2021 17:54:10 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

server: Varnish
retry-after: 0
location: https://rtb.gumgum.com/usersync?b=atm&i=YMJRwgABdgHpewBg&gdpr=&gdpr_consent=&_test=YMJRwgABdgHpewBg
accept-ranges: bytes
date: Thu, 10 Jun 2021 17:54:10 GMT
via: 1.1 varnish
x-served-by: cache-fra19145-FRA
x-cache: HIT
x-cache-hits: 0
x-timer: S1623347650.457616,VS0,VE0
cache-control: no-cache
pragma: no-cache
content-length: 0

GET
H2 200 pixel Show response
cm.g.doubleclick.net/ Frame 5000 170 B
523 B 85ms
32ms Document
image/png 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8xMGM0OGE0Ni0yOTZiLTQ2ODAtOWMxZi05ZDQzNjBhYjg1MWQ=&gdpr=&gdpr_consent=

Requested by

Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

:method: GET
:authority: cm.g.doubleclick.net
:scheme: https
:path: /pixel?google_nid=gumgum_dbm&google_hm=ZV8xMGM0OGE0Ni0yOTZiLTQ2ODAtOWMxZi05ZDQzNjBhYjg1MWQ=&gdpr=&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

content-type: image/png
date: Thu, 10 Jun 2021 17:54:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame F4F9 8 KB
3 KB 28ms
27ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: adeacac4167dc188f54213893f0444ea5d60995143ad0552dcb4c383199a740b

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

last-modified: Tue, 01 Jun 2021 06:44:25 GMT
etag: "1300708-2080-5c3aeac410031"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 2586
content-type: text/html; charset=UTF-8
cache-control: max-age=133278
expires: Sat, 12 Jun 2021 06:55:28 GMT
date: Thu, 10 Jun 2021 17:54:10 GMT
vary: Accept-Encoding

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame A2D5 0
0 400ms
134ms Document
text/plain 208.100.17.172
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.172 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip172.208-100-17.static.steadfastdns.net
Software: 33XP004 /
Resource Hash

Request headers

:method: GET
:authority: ssc-cms.33across.com
:scheme: https
:path: /ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

x-33x-status: 2020008
server: 33XP004
date: Thu, 10 Jun 2021 17:54:09 GMT

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 066F
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
https://rtb.gumgum.com/usersync?b=ttd&i=a1fa1058-b415-4147-87bf-79116f253f4d&t=1625939650

35 B
237 B

51ms
50ms

Document
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=ttd&i=a1fa1058-b415-4147-87bf-79116f253f4d&t=1625939650
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=ttd&i=a1fa1058-b415-4147-87bf-79116f253f4d&t=1625939650
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_10c48a46-296b-4680-9c1f-9d4360ab851d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Thu, 10 Jun 2021 17:54:10 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

date: Thu, 10 Jun 2021 17:54:10 GMT
content-type: text/html
content-length: 209
location: https://rtb.gumgum.com/usersync?b=ttd&i=a1fa1058-b415-4147-87bf-79116f253f4d&t=1625939650
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
set-cookie: TDID=a1fa1058-b415-4147-87bf-79116f253f4d; domain=.adsrvr.org; expires=Fri, 10-Jun-2022 17:54:10 GMT; path=/; secure; SameSite=None TDCPM=CAEYBSABKAIyCwiYscq075DWORAFOAE.; domain=.adsrvr.org; expires=Fri, 10-Jun-2022 17:54:10 GMT; path=/; secure; SameSite=None
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 um
cs.emxdgt.com/ Frame C1A6 0
0 1129ms
26ms Document
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: cs.emxdgt.com
:scheme: https
:path: /um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

content-type: text/html
date: Thu, 10 Jun 2021 17:54:10 GMT
content-length: 0

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame DD85
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=gumgum
https://rtb.gumgum.com/usersync?b=sus&i=YMJRwsCo5ukAAB.kF6cAAAAA

35 B
237 B

50ms
50ms

Document
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=sus&i=YMJRwsCo5ukAAB.kF6cAAAAA
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=sus&i=YMJRwsCo5ukAAB.kF6cAAAAA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_10c48a46-296b-4680-9c1f-9d4360ab851d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Thu, 10 Jun 2021 17:54:11 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Server: nginx
Date: Thu, 10 Jun 2021 17:54:10 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: private
Location: https://rtb.gumgum.com/usersync?b=sus&i=YMJRwsCo5ukAAB.kF6cAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
Set-Cookie: SOC=YMJRwsCo5ukAAB.kF6cAAAAA; path=/; expires=Sat, 10-Jun-23 17:54:10 GMT; domain=socdm.com; secure; SameSite=None
X-SO-Ads-Time: 1
X-SO-HostName: a-ad40019.dc2p.scaleout.jp
X-SO-LB-Hostname: a-tgng40018.dc2p.scaleout.jp
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":12,"gdpr":false,"ipv4":"185.156.175.107","key":"YMJRwsCo5ukAAB.kF6cAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40019"}
X-SO-Key: YMJRwsCo5ukAAB.kF6cAAAAA
X-SO-IP: 185.156.175.107
X-SO-Cluster-ID: 12
X-SO-Upstream-ID: a-ad40019

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 4FEA
Redirect Chain

https://p.rfihub.com/cm?pub=42796&in=1
https://rtb.gumgum.com/usersync?b=zet&i=2159827871561967873

35 B
237 B

52ms
51ms

Document
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=zet&i=2159827871561967873
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=zet&i=2159827871561967873
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_10c48a46-296b-4680-9c1f-9d4360ab851d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Thu, 10 Jun 2021 17:54:11 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Date: Thu, 10 Jun 2021 17:54:11 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: eud=H4sIAAAAAAAAAFslxmtoZmRsbGJuZmpoYmIIAPH4jREQAAAA; Path=/; Domain=.rfihub.com; Expires=Tue, 5 Jul 2022 17:54:11 GMT; Secure; SameSite=None rud=H4sIAAAAAAAAAOMSNjI0tbQwMrcwNzQ1M7Q0AzKMhfgMdUMsQoK8K8zCXJMdA6V4Dc2MjI1NzM1MDU1MDACMXdQHNAAAAA; Path=/; Domain=.rfihub.com; Expires=Tue, 5 Jul 2022 17:54:11 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSNjI0tbQwMrcwNzQ1M7Q0AzKMhfgMdUMsQoK8K8zCXJMdAwEKYeCgJQAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
Location: https://rtb.gumgum.com/usersync?b=zet&i=2159827871561967873
Content-Length: 0
Server: Jetty(9.3.29.v20201019)

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame CF53
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://creativecdn.com/cm-notify?pi=gumgum&tc=1
https://rtb.gumgum.com/usersync?b=rth&i=5ohsCtRatPkfEuiX4nyf&pi=gumgum&tc=1

35 B
237 B

51ms
51ms

Document
image/gif

52.208.210.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=rth&i=5ohsCtRatPkfEuiX4nyf&pi=gumgum&tc=1
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=rth&i=5ohsCtRatPkfEuiX4nyf&pi=gumgum&tc=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rtb.gumgum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_10c48a46-296b-4680-9c1f-9d4360ab851d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rtb.gumgum.com/

Response headers

date: Thu, 10 Jun 2021 17:54:10 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

date: Thu, 10 Jun 2021 17:54:10 GMT Thu, 10 Jun 2021 17:54:10 GMT
location: https://rtb.gumgum.com/usersync?b=rth&i=5ohsCtRatPkfEuiX4nyf&pi=gumgum&tc=1
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame DF77 4 KB
4 KB 1124ms
35ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=88757617&p=156657&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: fac137995747a97f0ea71fe849ac9f7f9f84a280a5b879d1089ce7bb552ba3ac

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:11 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 7945 38 KB
14 KB 35ms
34ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/showad.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KCCH=YES
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=

Response headers

last-modified: Tue, 11 May 2021 05:24:02 GMT
etag: "13006b6-96ca-5c2071a26cca4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13964
content-type: text/html; charset=UTF-8
cache-control: public, max-age=132262
expires: Sat, 12 Jun 2021 06:38:32 GMT
date: Thu, 10 Jun 2021 17:54:10 GMT
vary: Accept-Encoding

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 1689
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YMJRwnnBf2s-5Lkz6rVxJQAABLsAAAAB&gdpr_consent=&us_privacy=&gdpr=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJa1WeRUTzqYuhA_U8AwZ04&google_cver=1

43 B
315 B

48ms
47ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJa1WeRUTzqYuhA_U8AwZ04&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Jun 2021 17:54:10 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Thu, 10 Jun 2021 17:54:10 GMT

Redirect headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:10 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJa1WeRUTzqYuhA_U8AwZ04&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 1689
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YMJRwnnBf2s-5Lkz6rVxJQAABLsAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YMJRwnnBf2s-5Lkz6rVxJQAABLsAAAAB&dcc=t

43 B
720 B

135ms
135ms

Image
image/gif

52.94.232.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YMJRwnnBf2s-5Lkz6rVxJQAABLsAAAAB&dcc=t
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.94.232.32 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Jun 2021 17:54:11 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 10 Jun 2021 17:54:10 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YMJRwnnBf2s-5Lkz6rVxJQAABLsAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 1689
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YMJRwnnBf2s.5Lkz6rVxJQAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDU8R9L0olr_BJHEFaMyr28&google_cver=1&google_hm=2

43 B
1000 B

35ms
32ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDU8R9L0olr_BJHEFaMyr28&google_cver=1&google_hm=2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Jun 2021 17:54:11 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 10 Jun 2021 17:54:11 GMT

Redirect headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDU8R9L0olr_BJHEFaMyr28&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 330
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 1689 70 B
264 B 55ms
48ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YMJRwnnBf2s.5Lkz6rVxJQAA
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:10 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 1689
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=29
https://c1.adform.net/serving/cookie/match?CC=1&party=29
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=3375910884113828910&expiration=1624557251

43 B
1 KB

136ms
35ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=3375910884113828910&expiration=1624557251
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Jun 2021 17:54:11 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 10 Jun 2021 17:54:11 GMT

Redirect headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:11 GMT
server: nginx
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=3375910884113828910&expiration=1624557251
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 1689
Redirect Chain

https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-244b8c86-b593-435d-a31b-25d6d697ddfe
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-244b8c86-b593-435d-a31b-25d6d697ddfe&C=1

43 B
1 KB

53ms
53ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-244b8c86-b593-435d-a31b-25d6d697ddfe&C=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Jun 2021 17:54:13 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 10 Jun 2021 17:54:13 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 10 Jun 2021 17:54:13 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-244b8c86-b593-435d-a31b-25d6d697ddfe&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 304
Expires: Thu, 10 Jun 2021 17:54:13 GMT

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 1689
Redirect Chain

https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YMJRwnnBf2s.5Lkz6rVxJQAA%261211?gdpr_consent=&us_privacy=&gdpr=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YMJRwnnBf2s.5Lkz6rVxJQAA%261211

42 B
973 B

47ms
47ms

Image
image/gif

52.30.135.179
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YMJRwnnBf2s.5Lkz6rVxJQAA%261211

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.135.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-135-179.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v008-0644320d8.edge-irl1.demdex.com 6.3.0.20210527085910-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: pKdqqscMTps=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v008-00686a07f.edge-irl1.demdex.com 6.3.0.20210527085910-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: ftbu46UGQww=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YMJRwnnBf2s.5Lkz6rVxJQAA%261211
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 ix
ad4m.at/ad/sim/ Frame 1689 0
0 22ms
20ms Image
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4m.at/ad/sim/ix
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK ecm3
aax-eu.amazon-adsystem.com/s/ Frame 1689 43 B
344 B 41ms
39ms Image
image/gif 52.95.123.167
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=index.com&id=YMJRwnnBf2s-5Lkz6rVxJQAABLsAAAAB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.123.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Jun 2021 17:54:10 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 test.html Show response
widgets.outbrain.com/nanoWidget/externals/obUserFrame/ Frame 297D 2 KB
1 KB 29ms
28ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obUserFrame/test.html?lsd=46bc50c5-5a6a-4b66-bc6c-9a8467034420
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 45f0f27fb78191006375051ee3046fae3105b652d11680432511cba61b32c330

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /nanoWidget/externals/obUserFrame/test.html?lsd=46bc50c5-5a6a-4b66-bc6c-9a8467034420
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://commandwindows.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: obuid=46bc50c5-5a6a-4b66-bc6c-9a8467034420; recs_92e3053011731eda1bcfc5907b7313fb=0B2191373537A3495349724A3316941851A3292102468A3100304660A2301636376ACD1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://commandwindows.com/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "1e015194a0e596827cb8971f884eb43c:1623046244.267514"
last-modified: Mon, 07 Jun 2021 05:48:59 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=345600
date: Thu, 10 Jun 2021 17:54:10 GMT
content-length: 686
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
set-cookie: akacd_widgets_routing=1623347650~rv=12~id=3343de8dd6aa20c34a57bca6559fae4d; path=/; Expires=Thu, 10 Jun 2021 17:54:10 GMT; Secure; SameSite=None

GET
H2 200 obPixelFrame.htm Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame C98B 361 B
739 B 33ms
32ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /nanoWidget/externals/obPixelFrame/obPixelFrame.htm
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://commandwindows.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: obuid=46bc50c5-5a6a-4b66-bc6c-9a8467034420; recs_92e3053011731eda1bcfc5907b7313fb=0B2191373537A3495349724A3316941851A3292102468A3100304660A2301636376ACD1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://commandwindows.com/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "06266b158cc1a0b89268d5a7103a27c4:1503211501"
last-modified: Sun, 20 Aug 2017 06:45:01 GMT
server: AkamaiNetStorage
content-length: 361
cache-control: max-age=345600
date: Thu, 10 Jun 2021 17:54:10 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
set-cookie: akacd_widgets_routing=1623347650~rv=21~id=4a6e13f40e9a0ff0bcd2cb6add569b64; path=/; Expires=Thu, 10 Jun 2021 17:54:10 GMT; Secure; SameSite=None

GET
H2 200 obPixelFrame.htm Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 8F5D 361 B
738 B 34ms
34ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /nanoWidget/externals/obPixelFrame/obPixelFrame.htm
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://commandwindows.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: obuid=46bc50c5-5a6a-4b66-bc6c-9a8467034420; recs_92e3053011731eda1bcfc5907b7313fb=0B2191373537A3495349724A3316941851A3292102468A3100304660A2301636376ACD1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://commandwindows.com/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "06266b158cc1a0b89268d5a7103a27c4:1503211501"
last-modified: Sun, 20 Aug 2017 06:45:01 GMT
server: AkamaiNetStorage
content-length: 361
cache-control: max-age=345600
date: Thu, 10 Jun 2021 17:54:10 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
set-cookie: akacd_widgets_routing=1623347650~rv=8~id=f9aa4af29f25a4750084304e49aa2e96; path=/; Expires=Thu, 10 Jun 2021 17:54:10 GMT; Secure; SameSite=None

GET
H2 200 ob_logo_67x12.png
widgets.outbrain.com/images/widgetIcons/ 2 KB
3 KB 36ms
35ms Image
image/png 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_logo_67x12.png
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:10 GMT
last-modified: Wed, 17 Feb 2021 13:51:00 GMT
server: AkamaiNetStorage
etag: "c52b07e749f7a09fa7b97b7e195e06ce:1613570897.992119"
access-control-allow-methods: GET,POST
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2326
expires: Sat, 10 Jul 2021 17:54:10 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 3 KB
3 KB 37ms
36ms Image
image/svg+xml 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:10 GMT
last-modified: Wed, 17 Feb 2021 13:51:00 GMT
server: AkamaiNetStorage
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1613570879.822144"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2735
expires: Sat, 10 Jul 2021 17:54:10 GMT

GET
H/1.1 200
OK l Show response
mcdp-chidc2.outbrain.com/ 2 B
292 B 782ms
135ms Fetch
text/plain 64.74.236.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-chidc2.outbrain.com/l?token=8a9012c298d867679d75f89cee9eda1d_6420_1623347650498&tm=675&eT=0&widgetWidth=750&widgetHeight=716&widgetX=600&widgetY=2650&tpcs=0&wRV=2000370&pVis=1&lsd=46bc50c5-5a6a-4b66-bc6c-9a8467034420&eIdx=&ccpa=1---&cheq=0&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.74.236.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: chi.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Thu, 10 Jun 2021 17:54:11 GMT
content-encoding: gzip
X-TraceId: ec00adec1f5ca89f56fd1dd18c89db0a
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 obUserSync.html Show response
widgets.outbrain.com/widgetOBUserSync/ Frame FDBA 16 KB
6 KB 29ms
28ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 52b5c48a40fa3855f3b617ae95be55fecc1c5b487cef0f83d1dcd83f93b706fc

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /widgetOBUserSync/obUserSync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://commandwindows.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: obuid=46bc50c5-5a6a-4b66-bc6c-9a8467034420; recs_92e3053011731eda1bcfc5907b7313fb=0B2191373537A3495349724A3316941851A3292102468A3100304660A2301636376ACD1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://commandwindows.com/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "097e16da5d53acac1e9c5865ffdadd67:1623068428.808474"
last-modified: Mon, 07 Jun 2021 12:15:24 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=86400
expires: Fri, 11 Jun 2021 17:54:10 GMT
date: Thu, 10 Jun 2021 17:54:10 GMT
content-length: 5464
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
set-cookie: akacd_widgets_routing=1623347650~rv=79~id=8d2be22750ee16ac0081e4e02eeacfa0; path=/; Expires=Thu, 10 Jun 2021 17:54:10 GMT; Secure; SameSite=None

GET
H2 200 platforms Show response
odb.outbrain.com/utils/ 26 KB
10 KB 293ms
293ms Script
text/javascript 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/platforms?contentUrl=https%3A%2F%2Fcommandwindows.com%2F&idx=1&rand=75847&key=EZOICL9MFJN21JB32NFBE7ODP&widgetJSId=SB_3&va=true&et=true&format=html&lsd=46bc50c5-5a6a-4b66-bc6c-9a8467034420&lsdt=1623347650586&pdobuid=0&t=OGE5MDEyYzI5OGQ4Njc2NzlkNzVmODljZWU5ZWRhMWQ=&adblck=false&abwl=false&extid=146_1_480_100x190&px=250&py=1265&vpd=65&settings=true&recs=true&version=2000370&sig=dRfTTMLG&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpa=1---&ccpaStat=1&wdr-natlaz=true
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 29cafdb806a19e65ac89de53b7e637038430fdd796448b94fa5e7646daac0563

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:10 GMT
content-encoding: gzip
traffic-path: CHIDC2, MDW, FRA, Europe2
x-cache: MISS, MISS
p3p: policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
backend-ip: 157.52.75.57
x-cache-hits: 0, 0
x-traceid: d5f7bf721b50230d962c8b3589276a5b
content-length: 10202
x-served-by: cache-mdw17357-MDW, cache-fra19120-FRA
pragma: no-cache
x-timer: S1623347651.616290,VS0,VE274
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: no-cache
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 eyJpdSI6ImI1MmU3OTNmNzZiNzVjN2QyOGJmM2U1YWYzOTAwZjU1MWEyYzMzOTAwY2EyYjk2NTY1ODUzMDU5YWIzNzQ4MzIiLCJ3IjoyNzUsImgiOjI3NSwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 67 KB
67 KB 7362ms
36ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImI1MmU3OTNmNzZiNzVjN2QyOGJmM2U1YWYzOTAwZjU1MWEyYzMzOTAwY2EyYjk2NTY1ODUzMDU5YWIzNzQ4MzIiLCJ3IjoyNzUsImgiOjI3NSwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe5493766afe3de391bb98b852762e483ff38839b847d568f72ac2560990bc1c

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:17 GMT
cache-control: max-age=2102788
last-modified: Tue, 25 May 2021 13:27:03 GMT
x-traceid: edaab06d13cc330f5cf72d3a1f1c45c3
timing-allow-origin: *
content-length: 68540
content-type: image/webp

GET
H2 200 eyJpdSI6IjZmZDljMWI5OWFlOGZjNDdlZjA1N2U1MDEyMTg5MmEzMWU3Y2NlYjEwMzE2MTkxZTZlNGViZWI5NTRlMTY0NWQiLCJ3IjoyNzUsImgiOjI3NSwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 30 KB
30 KB 7387ms
63ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjZmZDljMWI5OWFlOGZjNDdlZjA1N2U1MDEyMTg5MmEzMWU3Y2NlYjEwMzE2MTkxZTZlNGViZWI5NTRlMTY0NWQiLCJ3IjoyNzUsImgiOjI3NSwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 57852b0873517fb9167b9dbebf33a5fdf422689b02e7e8f56a46d2e689d384ad

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:17 GMT
cache-control: max-age=745440
last-modified: Fri, 07 May 2021 07:39:52 GMT
x-traceid: 5ffbdf712e1e7d341224a012664b3182
timing-allow-origin: *
content-length: 30624
content-type: image/webp

GET
H2 200 eyJpdSI6ImYxNDZlYjM1NjgyMDVhNzViNjUwYmY5YjYzNTYzOTZiYmFjMGQzNzBiNWJiOGU3MWU5MTUzZTk5YTA1ODhhNTUiLCJ3IjoyNzUsImgiOjI3NSwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 69 KB
69 KB 7386ms
63ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImYxNDZlYjM1NjgyMDVhNzViNjUwYmY5YjYzNTYzOTZiYmFjMGQzNzBiNWJiOGU3MWU5MTUzZTk5YTA1ODhhNTUiLCJ3IjoyNzUsImgiOjI3NSwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ed290d3afc1e425d1794fdd38fd4310bb3e9420f0ed98fda92d1ff4795ca81df

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:17 GMT
cache-control: max-age=1607959
last-modified: Wed, 07 Apr 2021 18:32:14 GMT
x-traceid: e634a9228349005ce8765824b6e7ff39
timing-allow-origin: *
content-length: 70272
content-type: image/webp

GET
H2 200 eyJpdSI6ImI4YzY4ZTkwN2NhMGJjMWQ1OTIzYTQ3ZGUwOWFkMmQ2OWVjY2RkZjRjYjE0ZDY2YzBjOGE1MmU1MWFmNWIwODIiLCJ3IjoyNzUsImgiOjI3NSwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 34 KB
34 KB 7386ms
63ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImI4YzY4ZTkwN2NhMGJjMWQ1OTIzYTQ3ZGUwOWFkMmQ2OWVjY2RkZjRjYjE0ZDY2YzBjOGE1MmU1MWFmNWIwODIiLCJ3IjoyNzUsImgiOjI3NSwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 783dc78f391e73383565c27f6546a7e3bb41b7e5fb9872d027e99bc1eba9cc82

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:17 GMT
cache-control: max-age=1763566
last-modified: Fri, 21 May 2021 02:22:04 GMT
x-traceid: a8dc089c8de7f63d54b6f4b6d955804d
timing-allow-origin: *
content-length: 34474
content-type: image/webp

GET
H2 200 eyJpdSI6IjIwYzE4ZDU2OTc0MjkyZmZhNzZjOTQyODYzMmYxYjgyOThlOTg2ZWJiNTU0MmE5NzA1YWY1MjFjYmU4ODA2ZGUiLCJ3IjoyNzUsImgiOjI3NSwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 15 KB
16 KB 7386ms
64ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjIwYzE4ZDU2OTc0MjkyZmZhNzZjOTQyODYzMmYxYjgyOThlOTg2ZWJiNTU0MmE5NzA1YWY1MjFjYmU4ODA2ZGUiLCJ3IjoyNzUsImgiOjI3NSwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c354fd7f76af17650d2458c3f7b1d4743b9b359bc160825b6906a7e36084348e

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:17 GMT
cache-control: max-age=1250757
last-modified: Mon, 10 May 2021 14:51:35 GMT
x-traceid: 644153c49737bcedf8b0a6921c0a4b6e
timing-allow-origin: *
content-length: 15858
content-type: image/webp

GET
H2 200 eyJpdSI6ImRiNTI5NDI0YTYwN2RjMTk5ZjY3M2ExZjE4ZmU2MGE0ZTllMmQ5ZWY1MWJmZDUyM2I2Yjg5NzAxOTQ4YjE4NmMiLCJ3IjoyNzUsImgiOjI3NSwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 57 KB
57 KB 7392ms
70ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImRiNTI5NDI0YTYwN2RjMTk5ZjY3M2ExZjE4ZmU2MGE0ZTllMmQ5ZWY1MWJmZDUyM2I2Yjg5NzAxOTQ4YjE4NmMiLCJ3IjoyNzUsImgiOjI3NSwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 36dcf3360f5627a7db1973a12552c3a83becf5222e575044de96628fa73ec37f

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:17 GMT
cache-control: max-age=1940461
last-modified: Fri, 04 Jun 2021 12:44:37 GMT
x-traceid: 4274c6b11b63d406ac107c0a4811b5c9
timing-allow-origin: *
content-length: 58384
content-type: image/webp

GET
H2 200 obPixelFrame.js Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame C98B 2 KB
1 KB 31ms
31ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: adab1e55d321a65d4cc1abde330164c08c91229115cedb201979279136212941

Request headers

Referer: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:10 GMT
content-encoding: gzip
last-modified: Mon, 07 Jun 2021 05:48:59 GMT
server: AkamaiNetStorage
etag: "334ff8070b2bf55584902b19bda82fb2:1623046243.591635"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=345600
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 777

GET
H2 200 obPixelFrame.js Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 8F5D 2 KB
1 KB 30ms
30ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: adab1e55d321a65d4cc1abde330164c08c91229115cedb201979279136212941

Request headers

Referer: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:10 GMT
content-encoding: gzip
last-modified: Mon, 07 Jun 2021 05:48:59 GMT
server: AkamaiNetStorage
etag: "334ff8070b2bf55584902b19bda82fb2:1623046243.591635"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=345600
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 777

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ Frame FDBA 1 KB
2 KB 85ms
28ms Script
application/javascript 52.222.174.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.174.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-174-22.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:36:45 GMT
via: 1.1 7aef920ed20c713960127526fa3a88f5.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 1046
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: CDG50-P2
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: JCAunywE622o0vBPxvrzBh1PfKBWmyDVHaBjSuGR1Ev3s15mwKmAEw==

GET
H2

200

02122019-013444069-1x1pix.png
s0.2mdn.net/8187539/ Frame 8F5D
Redirect Chain

https://ad.doubleclick.net/ddm/ad/N105603.3353239OUTBRAIN.CH/B24707357.305108365;sz=1x1;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGD...
https://ad.doubleclick.net/ddm/ad/N105603.3353239OUTBRAIN.CH/B24707357.305108365;dc_pre=CL7A1qDRjfECFQ-ndwodEoMB2A;sz=1x1;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gd...
https://s0.2mdn.net/8187539/02122019-013444069-1x1pix.png

951 B
1 KB

27ms
6ms

Image
image/png

2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8187539/02122019-013444069-1x1pix.png

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7338d1df7a0b3b6d2c1177efc1f2ada1411fa054962b315ff80cbe9e0b905645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 01:43:26 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Feb 2019 09:34:44 GMT
server: sffe
age: 58245
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 951
x-xss-protection: 0
expires: Fri, 11 Jun 2021 01:43:26 GMT

Redirect headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:11 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://s0.2mdn.net/8187539/02122019-013444069-1x1pix.png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

02122019-013444069-1x1pix.png
s0.2mdn.net/8187539/ Frame C98B
Redirect Chain

https://ad.doubleclick.net/ddm/ad/N105603.3353239OUTBRAIN.CH/B24707357.305106724;sz=1x1;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGD...
https://ad.doubleclick.net/ddm/ad/N105603.3353239OUTBRAIN.CH/B24707357.305106724;dc_pre=CNjC1qDRjfECFdXJuwgdhRoJYQ;sz=1x1;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gd...
https://s0.2mdn.net/8187539/02122019-013444069-1x1pix.png

951 B
1008 B

26ms
7ms

Image
image/png

2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8187539/02122019-013444069-1x1pix.png

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7338d1df7a0b3b6d2c1177efc1f2ada1411fa054962b315ff80cbe9e0b905645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 01:43:26 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Feb 2019 09:34:44 GMT
server: sffe
age: 58245
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 951
x-xss-protection: 0
expires: Fri, 11 Jun 2021 01:43:26 GMT

Redirect headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:11 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://s0.2mdn.net/8187539/02122019-013444069-1x1pix.png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

b2
sb.scorecardresearch.com/ Frame FDBA
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=14320224&c3=6420&cs_ucfr=1&ns__t=1623347650740&ns_c=UTF-8&ns_if=1&cv=3.5&c8=OB%20user%20sync&c7=https%3A%2F%2Fwidgets.outbrain.com%2FwidgetOBUserSync%2Fob...
https://sb.scorecardresearch.com/b2?c1=7&c2=14320224&c3=6420&cs_ucfr=1&ns__t=1623347650740&ns_c=UTF-8&ns_if=1&cv=3.5&c8=OB%20user%20sync&c7=https%3A%2F%2Fwidgets.outbrain.com%2FwidgetOBUserSync%2Fo...

64 B
330 B

38ms
37ms

Image
image/gif

52.222.174.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=14320224&c3=6420&cs_ucfr=1&ns__t=1623347650740&ns_c=UTF-8&ns_if=1&cv=3.5&c8=OB%20user%20sync&c7=https%3A%2F%2Fwidgets.outbrain.com%2FwidgetOBUserSync%2FobUserSync.html%23pid%3D6420%26dmpenabled%3Dtrue%26filterDMP%3D%26csenabled%3Dtrue%26d%3D0wQ1nVxdSywc8eRGjw2eLFj38sB1_C4m-9SRXs6nvGaAJYLrSjcpyZMBBu2RDcbn%26gdpr%3D0%26cmpNeeded%3Dfalse%26gdprVer%3Dnull%26ccpa%3D1---%26country%3DCH&c9=https%3A%2F%2Fcommandwindows.com%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.174.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-174-22.cdg50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:10 GMT
via: 1.1 7aef920ed20c713960127526fa3a88f5.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-P2
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: odqLsKtYc8JUezN31Zjpv4nE6yjcBBE-RRhSLEjmFDHwjIHkjMR38g==

Redirect headers

date: Thu, 10 Jun 2021 17:54:10 GMT
via: 1.1 7aef920ed20c713960127526fa3a88f5.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-P2
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=7&c2=14320224&c3=6420&cs_ucfr=1&ns__t=1623347650740&ns_c=UTF-8&ns_if=1&cv=3.5&c8=OB%20user%20sync&c7=https%3A%2F%2Fwidgets.outbrain.com%2FwidgetOBUserSync%2FobUserSync.html%23pid%3D6420%26dmpenabled%3Dtrue%26filterDMP%3D%26csenabled%3Dtrue%26d%3D0wQ1nVxdSywc8eRGjw2eLFj38sB1_C4m-9SRXs6nvGaAJYLrSjcpyZMBBu2RDcbn%26gdpr%3D0%26cmpNeeded%3Dfalse%26gdprVer%3Dnull%26ccpa%3D1---%26country%3DCH&c9=https%3A%2F%2Fcommandwindows.com%2F
content-length: 487
x-amz-cf-id: uz4MH9YDLDhrLNGuU3BsH7WOI2RU-WM0de2eiSc2YLRzEbXUGIfDWg==

GET
H/1.1 200
OK l Show response
mcdp-chidc2.outbrain.com/ 2 B
292 B 531ms
135ms Fetch
text/plain 64.74.236.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-chidc2.outbrain.com/l?token=c9f2cee76aa08b00786addb7677dc797_6420_1623347650822&tm=995&eT=0&widgetWidth=300&widgetHeight=1083&widgetX=250&widgetY=1215&wRV=2000370&pVis=1&lsd=46bc50c5-5a6a-4b66-bc6c-9a8467034420&eIdx=&ccpa=1---&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.74.236.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: chi.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Thu, 10 Jun 2021 17:54:11 GMT
content-encoding: gzip
X-TraceId: 7cd4188fbd24ff7635674778dca5fe48
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 eyJpdSI6IjI4ZjViZjNmOGI0Y2VlYTI4MDVhMjFiZTk4ZjY2YTc0NmQ5N2E1ZGE3MzVjNmYxZTZlNTAyOTFlYTMyY2VhYTkiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 26 KB
26 KB 65ms
64ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjI4ZjViZjNmOGI0Y2VlYTI4MDVhMjFiZTk4ZjY2YTc0NmQ5N2E1ZGE3MzVjNmYxZTZlNTAyOTFlYTMyY2VhYTkiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e43edcd2590bc6bd511a6966652f1c6cfed3c1fbf3c2caa42d274424b9b34bfb

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:17 GMT
cache-control: max-age=785408
last-modified: Fri, 26 Feb 2021 10:32:28 GMT
x-traceid: ac1a70fa92437c536027c674392c9093
timing-allow-origin: *
content-length: 26868
content-type: image/webp

GET
H2 200 eyJpdSI6IjZmZDljMWI5OWFlOGZjNDdlZjA1N2U1MDEyMTg5MmEzMWU3Y2NlYjEwMzE2MTkxZTZlNGViZWI5NTRlMTY0NWQiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 16 KB
16 KB 65ms
64ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjZmZDljMWI5OWFlOGZjNDdlZjA1N2U1MDEyMTg5MmEzMWU3Y2NlYjEwMzE2MTkxZTZlNGViZWI5NTRlMTY0NWQiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 49e4f3cf90f3c563ee1f05ee947c22a9ab68354e3a20c8ae44582b6fe9e0c340

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:17 GMT
cache-control: max-age=761584
last-modified: Fri, 07 May 2021 07:39:52 GMT
x-traceid: 164403eaee2d441ffe2d42eebb44aea1
timing-allow-origin: *
content-length: 16420
content-type: image/webp

GET
H2 200 eyJpdSI6IjMyZThhOTYwNmNiNDg4OWVkZjA0YjcxYTFkZDk2ZTYzMWZlYWZlM2Y2NGYxNjg1YjNkNmJlM2UyOGQ5ZmYxMzYiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjaCI6LTExNjk5NTI1OSwiY3MiOjAsImYiOjR9.webp
images.outbrainimg.com/transform/v3/ 40 KB
41 KB 69ms
68ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjMyZThhOTYwNmNiNDg4OWVkZjA0YjcxYTFkZDk2ZTYzMWZlYWZlM2Y2NGYxNjg1YjNkNmJlM2UyOGQ5ZmYxMzYiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjaCI6LTExNjk5NTI1OSwiY3MiOjAsImYiOjR9.webp
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a26814bc35babf109f52be0e4d183569316287fe68ed6a84766d348663c06c7e

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:17 GMT
cache-control: max-age=2179830
last-modified: Tue, 25 May 2021 09:57:58 GMT
x-traceid: f2710e26eee30b87b4c8f56b61f384f5
timing-allow-origin: *
content-length: 41470
content-type: image/webp

GET
H2 200 eyJpdSI6IjlmNmM4NGFlZmNhNWZjZjgyNzg2NTQwODdjOGRmYTZiNzU2YjI4MzUzYTRhYzgxZTkyMTQ3YjdmYTVkMDQwNmUiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 45 KB
45 KB 77ms
76ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjlmNmM4NGFlZmNhNWZjZjgyNzg2NTQwODdjOGRmYTZiNzU2YjI4MzUzYTRhYzgxZTkyMTQ3YjdmYTVkMDQwNmUiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: cf897ca2cd255c7059b225b2c48ea9674fb280250d0e84bf65145adada65e344

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:17 GMT
cache-control: max-age=2020287
last-modified: Thu, 20 May 2021 06:20:03 GMT
x-traceid: fce9fff2dba9ec643bd98e338d752a6c
timing-allow-origin: *
content-length: 46048
content-type: image/webp

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame 2FB7
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=96B8475B-013F-4971-8419-D22B904765DB
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=96B8475B-013F-4971-8419-D22B904765DB

35 B
468 B

44ms
44ms

Document
image/gif

37.157.4.41
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=96B8475B-013F-4971-8419-D22B904765DB

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: c1.adform.net
:scheme: https
:path: /serving/cookie/match?CC=1&party=14&cid=96B8475B-013F-4971-8419-D22B904765DB
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: C=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 10 Jun 2021 17:54:11 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
set-cookie: uid=6330672376748879422; expires=Mon, 09 Aug 2021 17:54:11 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

server: nginx
date: Thu, 10 Jun 2021 17:54:11 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=96B8475B-013F-4971-8419-D22B904765DB
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
set-cookie: C=1; expires=Sat, 10 Jul 2021 17:54:11 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 3B17
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4527855954673020420

42 B
210 B

34ms
34ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4527855954673020420
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: image2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4527855954673020420
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KADUSERCOOKIE=96B8475B-013F-4971-8419-D22B904765DB; chkChromeAb67Sec=1; DPSync3=1623369600%3A174%7C1624492800%3A201_197_219; SyncRTB3=1625875200%3A203%7C1624579200%3A35%7C1624147200%3A63%7C1624492800%3A161_56_166_81_234_21_22_55_7_99_54_3_71_8%7C1623888000%3A15_2_223; KRTBCOOKIE_377=6810-a1fa1058-b415-4147-87bf-79116f253f4d&KRTB&22918-a1fa1058-b415-4147-87bf-79116f253f4d&KRTB&23031-a1fa1058-b415-4147-87bf-79116f253f4d; PugT=1623347651; PUBMDCID=3; KRTBCOOKIE_218=22978-YMJRwgABdgHpewBg&KRTB&23194-YMJRwgABdgHpewBg&KRTB&23209-YMJRwgABdgHpewBg&KRTB&23244-YMJRwgABdgHpewBg; KRTBCOOKIE_27=16735-uid:bcbf60c2-51c2-4a00-9539-83fdb0b5c715&KRTB&16736-uid:bcbf60c2-51c2-4a00-9539-83fdb0b5c715&KRTB&23019-uid:bcbf60c2-51c2-4a00-9539-83fdb0b5c715&KRTB&23114-uid:bcbf60c2-51c2-4a00-9539-83fdb0b5c715; KRTBCOOKIE_22=14911-8520015361242243657; KRTBCOOKIE_391=22924-249021155297360410&KRTB&23263-249021155297360410; KRTBCOOKIE_594=17105-RX-0835e5df-1173-4bea-bd98-beac5d3d9b5b-003&KRTB&17107-RX-0835e5df-1173-4bea-bd98-beac5d3d9b5b-003
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 10 Jun 2021 17:54:11 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_336=5844-4527855954673020420; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 10-Jul-2021 17:54:11 GMT; path=/ PugT=1623347651; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 10-Jul-2021 17:54:11 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 08-Sep-2021 17:54:11 GMT; path=/
x-lat: lhrpug009:0:403
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4527855954673020420
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame E84E 43 B
369 B 3150ms
54ms Document
image/gif 178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method: GET
:authority: dis.criteo.com
:scheme: https
:path: /dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache
pragma: no-cache
content-type: image/gif
expires: Thu, 10 Jun 2021 00:00:00 GMT
server: Microsoft-IIS/10.0
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1321
x-powered-by: ASP.NET
date: Thu, 10 Jun 2021 17:54:13 GMT
content-length: 43

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 33B0
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6972225075391166606

42 B
210 B

35ms
33ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6972225075391166606
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6972225075391166606
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KADUSERCOOKIE=96B8475B-013F-4971-8419-D22B904765DB; chkChromeAb67Sec=1; DPSync3=1623369600%3A174%7C1624492800%3A201_197_219; SyncRTB3=1625875200%3A203%7C1624579200%3A35%7C1624147200%3A63%7C1624492800%3A161_56_166_81_234_21_22_55_7_99_54_3_71_8%7C1623888000%3A15_2_223; KRTBCOOKIE_377=6810-a1fa1058-b415-4147-87bf-79116f253f4d&KRTB&22918-a1fa1058-b415-4147-87bf-79116f253f4d&KRTB&23031-a1fa1058-b415-4147-87bf-79116f253f4d; PUBMDCID=3; KRTBCOOKIE_218=22978-YMJRwgABdgHpewBg&KRTB&23194-YMJRwgABdgHpewBg&KRTB&23209-YMJRwgABdgHpewBg&KRTB&23244-YMJRwgABdgHpewBg; KRTBCOOKIE_27=16735-uid:bcbf60c2-51c2-4a00-9539-83fdb0b5c715&KRTB&16736-uid:bcbf60c2-51c2-4a00-9539-83fdb0b5c715&KRTB&23019-uid:bcbf60c2-51c2-4a00-9539-83fdb0b5c715&KRTB&23114-uid:bcbf60c2-51c2-4a00-9539-83fdb0b5c715; KRTBCOOKIE_22=14911-8520015361242243657; KRTBCOOKIE_391=22924-249021155297360410&KRTB&23263-249021155297360410; KRTBCOOKIE_594=17105-RX-0835e5df-1173-4bea-bd98-beac5d3d9b5b-003&KRTB&17107-RX-0835e5df-1173-4bea-bd98-beac5d3d9b5b-003; KRTBCOOKIE_57=22776-7847840062258970552; KRTBCOOKIE_336=5844-4527855954673020420; KRTBCOOKIE_80=22987-CAESEJwWODPdENR-sDBt1dQea5w&KRTB&16514-CAESEJwWODPdENR-sDBt1dQea5w&KRTB&23025-CAESEJwWODPdENR-sDBt1dQea5w; KRTBCOOKIE_153=19420-Swhb4kgJW-NQDwi0TQoV4koOWeRQDg3oHg-7teHn&KRTB&22979-Swhb4kgJW-NQDwi0TQoV4koOWeRQDg3oHg-7teHn; SPugT=1623347652; KRTBCOOKIE_188=3189-4fbcc3d4-4586-438f-8d9a-377ccfd29cde-60c251c4-4348; PugT=1623347652
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 10 Jun 2021 17:54:12 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_1101=23040-6972225075391166606; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 10-Jul-2021 17:54:12 GMT; path=/ PugT=1623347652; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 10-Jul-2021 17:54:12 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 08-Sep-2021 17:54:12 GMT; path=/
x-lat: lhrpug001:0:466
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Server: nginx
Date: Thu, 10 Jun 2021 17:54:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie: UserID1=6972225075391166606; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6972225075391166606

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 0486
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDVkFVN0JoS1FBQURFbmwtbmZQZw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACVAU7BhKQAADEnl-nfPg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%2...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AACVAU7BhKQAADEnl-nfPg&pid=558502&do=add
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AACVAU7BhKQAADEnl-nfPg&pid=558502&do=add&_bee_ppp=1
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADvvU7BhKQAADKOsYyZ3w&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_part...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=5229082194417480201
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADvvU7BhKQAADKOsYyZ3w

42 B
523 B

34ms
33ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADvvU7BhKQAADKOsYyZ3w
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: image2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADvvU7BhKQAADKOsYyZ3w
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KRTBCOOKIE_1101=23040-6972225075391166606; PUBMDCID=3; KRTBCOOKIE_466=16530-4fee5273-4871-4ba5-a116-35f56c8f47d4; PugT=1623347654
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 10 Jun 2021 17:54:15 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_699=22727-AADvvU7BhKQAADKOsYyZ3w; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 10-Jul-2021 17:54:15 GMT; path=/ PugT=1623347655; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 10-Jul-2021 17:54:15 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 08-Sep-2021 17:54:15 GMT; path=/
x-lat: lhrpug008:0:493
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Date: Thu, 10 Jun 2021 17:54:15 GMT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADvvU7BhKQAADKOsYyZ3w
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 9F16
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-0835e5df-1173-4bea-bd98-beac5d3d9b5b-003&rndcb=7462249941
https://p.rfihub.com/cm?in=1&pub=20513&ssp=adconductor
https://x.bidswitch.net/sync?dsp_id=119&user_id=2159827871561967873&expires=30&ssp=adconductor
https://sync.1rx.io/usersync/bidswitch/550dafd9-b18d-456e-b12a-f6fc223f1dd9?gdpr=&gdpr_consent=
https://sync.targeting.unrulymedia.com/csync/RX-0835e5df-1173-4bea-bd98-beac5d3d9b5b-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-0835e5df-1173-4bea-bd98-beac5d3d9b5b-003

42 B
271 B

34ms
33ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-0835e5df-1173-4bea-bd98-beac5d3d9b5b-003
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-0835e5df-1173-4bea-bd98-beac5d3d9b5b-003
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KADUSERCOOKIE=96B8475B-013F-4971-8419-D22B904765DB; chkChromeAb67Sec=1; DPSync3=1623369600%3A174%7C1624492800%3A201_197_219; SyncRTB3=1625875200%3A203%7C1624579200%3A35%7C1624147200%3A63%7C1624492800%3A161_56_166_81_234_21_22_55_7_99_54_3_71_8%7C1623888000%3A15_2_223; KRTBCOOKIE_377=6810-a1fa1058-b415-4147-87bf-79116f253f4d&KRTB&22918-a1fa1058-b415-4147-87bf-79116f253f4d&KRTB&23031-a1fa1058-b415-4147-87bf-79116f253f4d; PugT=1623347651; PUBMDCID=3; KRTBCOOKIE_218=22978-YMJRwgABdgHpewBg&KRTB&23194-YMJRwgABdgHpewBg&KRTB&23209-YMJRwgABdgHpewBg&KRTB&23244-YMJRwgABdgHpewBg; KRTBCOOKIE_27=16735-uid:bcbf60c2-51c2-4a00-9539-83fdb0b5c715&KRTB&16736-uid:bcbf60c2-51c2-4a00-9539-83fdb0b5c715&KRTB&23019-uid:bcbf60c2-51c2-4a00-9539-83fdb0b5c715&KRTB&23114-uid:bcbf60c2-51c2-4a00-9539-83fdb0b5c715; KRTBCOOKIE_22=14911-8520015361242243657; KRTBCOOKIE_391=22924-249021155297360410&KRTB&23263-249021155297360410
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 10 Jun 2021 17:54:11 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_594=17105-RX-0835e5df-1173-4bea-bd98-beac5d3d9b5b-003&KRTB&17107-RX-0835e5df-1173-4bea-bd98-beac5d3d9b5b-003; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 08-Sep-2021 17:54:11 GMT; path=/ PugT=1623347651; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 10-Jul-2021 17:54:11 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 08-Sep-2021 17:54:11 GMT; path=/
x-lat: lhrpug004:0:586
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: Tengine
date: Thu, 10 Jun 2021 17:54:11 GMT
content-type: text/html
set-cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-0835e5df-1173-4bea-bd98-beac5d3d9b5b-003%22%7D; path=/; expires=Fri, 10 Jun 2022 17:54:11 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-0835e5df-1173-4bea-bd98-beac5d3d9b5b-003
etag: RX0835e5df11734beabd98beac5d3d9b5b003

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame F986
Redirect Chain

https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0

0
88 B

34ms
33ms

Document
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KADUSERCOOKIE=96B8475B-013F-4971-8419-D22B904765DB; chkChromeAb67Sec=1; DPSync3=1623369600%3A174%7C1624492800%3A201_197_219; SyncRTB3=1625875200%3A203%7C1624579200%3A35%7C1624147200%3A63%7C1624492800%3A161_56_166_81_234_21_22_55_7_99_54_3_71_8%7C1623888000%3A15_2_223; KRTBCOOKIE_377=6810-a1fa1058-b415-4147-87bf-79116f253f4d&KRTB&22918-a1fa1058-b415-4147-87bf-79116f253f4d&KRTB&23031-a1fa1058-b415-4147-87bf-79116f253f4d; PUBMDCID=3; KRTBCOOKIE_218=22978-YMJRwgABdgHpewBg&KRTB&23194-YMJRwgABdgHpewBg&KRTB&23209-YMJRwgABdgHpewBg&KRTB&23244-YMJRwgABdgHpewBg; KRTBCOOKIE_27=16735-uid:bcbf60c2-51c2-4a00-9539-83fdb0b5c715&KRTB&16736-uid:bcbf60c2-51c2-4a00-9539-83fdb0b5c715&KRTB&23019-uid:bcbf60c2-51c2-4a00-9539-83fdb0b5c715&KRTB&23114-uid:bcbf60c2-51c2-4a00-9539-83fdb0b5c715; KRTBCOOKIE_22=14911-8520015361242243657; KRTBCOOKIE_391=22924-249021155297360410&KRTB&23263-249021155297360410; KRTBCOOKIE_594=17105-RX-0835e5df-1173-4bea-bd98-beac5d3d9b5b-003&KRTB&17107-RX-0835e5df-1173-4bea-bd98-beac5d3d9b5b-003; KRTBCOOKIE_57=22776-7847840062258970552; KRTBCOOKIE_336=5844-4527855954673020420; KRTBCOOKIE_80=22987-CAESEJwWODPdENR-sDBt1dQea5w&KRTB&16514-CAESEJwWODPdENR-sDBt1dQea5w&KRTB&23025-CAESEJwWODPdENR-sDBt1dQea5w; KRTBCOOKIE_153=19420-Swhb4kgJW-NQDwi0TQoV4koOWeRQDg3oHg-7teHn&KRTB&22979-Swhb4kgJW-NQDwi0TQoV4koOWeRQDg3oHg-7teHn; SPugT=1623347652; KRTBCOOKIE_188=3189-4fbcc3d4-4586-438f-8d9a-377ccfd29cde-60c251c4-4348; PugT=1623347652
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 10 Jun 2021 17:54:12 GMT
content-type: text/html; charset=utf-8
x-lat: lhrpug019:2:270
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip

Redirect headers

set-cookie: viewer_token=fe7a0552-be42-4e76-b51a-d7c3d87fd6f0; path=/; domain=csync.loopme.me; Expires=Sat, 10-Jul-2021 17:54:12 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
content-length: 0
date: Thu, 10 Jun 2021 17:54:12 GMT
server: _

GET
H/1.1 200
OK ecm3 Show response
aax-eu.amazon-adsystem.com/s/ Frame 4ED1 43 B
344 B 118ms
114ms Document
image/gif 52.95.123.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-eu.amazon-adsystem.com/s/ecm3?id=96B8475B-013F-4971-8419-D22B904765DB&ex=pubmatic.com
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.123.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host: aax-eu.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ad-id=A3crxkMOQU1huKdFQb35LzI; ad-privacy=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: Server
Date: Thu, 10 Jun 2021 17:54:11 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Vary: User-Agent

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame DF77
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=lrhHWwE_SXGEGdIrkEdl2w%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

8 KB
8 KB

85ms
84ms

Image
text/html

2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:11 GMT
content-encoding: gzip
last-modified: Tue, 01 Jun 2021 06:44:25 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-2080-5c3aeac410031"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=133277
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 2586
expires: Sat, 12 Jun 2021 06:55:28 GMT

Redirect headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame DF77
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=bcbf60c2-51c2-4a00-9539-83fdb0b5c715

0
260 B

637ms
34ms

Image
text/plain

185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=bcbf60c2-51c2-4a00-9539-83fdb0b5c715
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 15:20:44 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Thu, 10 Jun 2021 17:56:02 GMT
Server: MT3 3759 5f8f15b master cdg-pixel-x10
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=bcbf60c2-51c2-4a00-9539-83fdb0b5c715
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 10 Jun 2021 17:56:01 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame DF77
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=96B8475B-013F-4971-8419-D22B904765DB
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1
https://pixel.onaudience.com/?partner=147&mapped=ab0b1507-36b9-4d53-ae9b-f133755f1529&icm
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=3b30820fd0eb1bfd86c71564380744eb
https://spl.zeotap.com/?zdid=1332&zcluid=6191851e62542bb7
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=1e99404d-b6f5-4010-7edb-823451f4289d&reqId=f97d29ec-5e2b-497c-697b-03959a64201d&zclui...
https://mwzeom.zeotap.com/mw?google_gid=CAESEAyFuGnpyengypsaAuBRxM8&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=1e99404d-b6f5-4010-7edb-823451f4289d&reqId=f97d29ec-5e2b-497c-697b-039...

95 B
178 B

29ms
29ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESEAyFuGnpyengypsaAuBRxM8&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=1e99404d-b6f5-4010-7edb-823451f4289d&reqId=f97d29ec-5e2b-497c-697b-03959a64201d&zcluid=6191851e62542bb7&zdid=1332
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:14 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 65d476b7bfd705cc-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0a98a886d8000005cc7fb4d000000001

Redirect headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:14 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEAyFuGnpyengypsaAuBRxM8&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=1e99404d-b6f5-4010-7edb-823451f4289d&reqId=f97d29ec-5e2b-497c-697b-03959a64201d&zcluid=6191851e62542bb7&zdid=1332
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 469
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame DF77
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:bcbf60c2-51c2-4a00-9539-83fdb0b5c715&gdpr=0&gdpr_consent=

42 B
340 B

50ms
35ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:bcbf60c2-51c2-4a00-9539-83fdb0b5c715&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:11 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug019:0:541
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Thu, 10 Jun 2021 17:56:02 GMT
Server: MT3 3759 5f8f15b master cdg-pixel-x31
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:bcbf60c2-51c2-4a00-9539-83fdb0b5c715&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 10 Jun 2021 17:56:01 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame DF77
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=249021155297360410

42 B
232 B

36ms
35ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=249021155297360410
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:11 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug018:0:2452
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:11 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=249021155297360410
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame DF77
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJwWODPdENR-sDBt1dQea5w&google_cver=1

42 B
283 B

406ms
34ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJwWODPdENR-sDBt1dQea5w&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:11 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug006:0:484
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJwWODPdENR-sDBt1dQea5w&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame DF77
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a1fa1058-b415-4147-87bf-79116f253f4d

42 B
604 B

73ms
34ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a1fa1058-b415-4147-87bf-79116f253f4d
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:11 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug004:0:462
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:11 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a1fa1058-b415-4147-87bf-79116f253f4d
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame DF77
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7847840062258970552&gdpr=0&gdpr_consent=

42 B
210 B

399ms
33ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7847840062258970552&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:11 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug003:0:422
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Thu, 10 Jun 2021 17:54:11 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.154:80
AN-X-Request-Uuid: cf72fdf2-df64-41af-9532-dba2e30fea12
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7847840062258970552&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 96B8475B-013F-4971-8419-D22B904765DB
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame DF77 43 B
203 B 38ms
32ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/96B8475B-013F-4971-8419-D22B904765DB?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:11 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame DF77
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=96B8475B-013F-4971-8419-D22B904765DB&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-GrufalJE2uUyYFplwXN4xIndix2MOUU-~A&gdpr=0&gdpr_consent=

0
128 B

104ms
35ms

Image
text/plain

185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-GrufalJE2uUyYFplwXN4xIndix2MOUU-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:12 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Thu, 10 Jun 2021 17:54:11 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-GrufalJE2uUyYFplwXN4xIndix2MOUU-~A&gdpr=0&gdpr_consent=
Connection: keep-alive
Content-Length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame DF77
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Swhb4kgJW-NQDwi0TQoV4koOWeRQDg3oHg-7teHn

42 B
271 B

414ms
34ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Swhb4kgJW-NQDwi0TQoV4koOWeRQDg3oHg-7teHn
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:11 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug013:0:399
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:11 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Swhb4kgJW-NQDwi0TQoV4koOWeRQDg3oHg-7teHn
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame DF77
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=550dafd9-b18d-456e-b12a-f6fc223f1dd9&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
https://x.bidswitch.net/sync?dsp_id=283&user_id=11f3df69-8be4-41d5-911d-29cdc96ad47f&expires=1&user_group=5&ssp=pubmatic&bsw_param=550dafd9-b18d-456e-b12a-f6fc223f1dd9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4fee5273-4871-4ba5-a116-35f56c8f47d4&gdpr=&gdpr_consent=&gdpr_pd=

1 B
338 B

42ms
40ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4fee5273-4871-4ba5-a116-35f56c8f47d4&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:14 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug003:0:453
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4fee5273-4871-4ba5-a116-35f56c8f47d4&gdpr=&gdpr_consent=&gdpr_pd=
date: Thu, 10 Jun 2021 17:54:14 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame DF77
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YMJRwgABdgHpewBg&gdpr=0&gdpr_consent=

1 B
256 B

101ms
34ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YMJRwgABdgHpewBg&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:11 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug001:0:459
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:11 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1623347651.454004,VS0,VE0
x-served-by: cache-fra19145-FRA
x-cache: HIT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YMJRwgABdgHpewBg&gdpr=0&gdpr_consent=
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame DF77
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8520015361242243657&gdpr=0&gdpr_consent=&us_privacy=

1 B
167 B

78ms
35ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8520015361242243657&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:11 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug005:0:440
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8520015361242243657&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Thu, 10 Jun 2021 17:54:11 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame DF77 0
104 B 52ms
23ms Image
text/plain 2a02:fa8:8806:16::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=96B8475B-013F-4971-8419-D22B904765DB&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:11 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame DF77
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:4e3f272f-2a87-4d45-a222-78fa9b0ba9e6&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
187 B

34ms
34ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:4e3f272f-2a87-4d45-a222-78fa9b0ba9e6&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:12 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug006:0:507
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:4e3f272f-2a87-4d45-a222-78fa9b0ba9e6&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Thu, 10 Jun 2021 17:54:12 GMT
Server: Apache/2.4.41 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame DF77
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=4fbcc3d4-4586-438f-8d9a-377ccfd29cde-60c251c4-4348&gdpr=0&gdpr_consent=

42 B
312 B

34ms
33ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=4fbcc3d4-4586-438f-8d9a-377ccfd29cde-60c251c4-4348&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:12 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug019:0:385
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:11 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=4fbcc3d4-4586-438f-8d9a-377ccfd29cde-60c251c4-4348&gdpr=0&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=commandwindows.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Jun 2021 17:54:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 14ms
14ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=commandwindows.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Jun 2021 17:54:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 449 B
261 B 570ms
570ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=739924062618941&correlator=328691929262959&output=ldjh&impl=fifs&eid=31061394%2C31061142&vrg=2021060801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210610&iu_parts=104418548%2Ccommandwindows_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C310x320%7C340x390%7C350x410&ris=2&rcs=1&prev_scp=a%3D%257C3%257C%26iid11%3D1022947%26iit%3D2%26t%3D99%26d%3D146%26t1%3D99%26pvc%3D0%26ap%3D1000%26sap%3D1200%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dn%26refs%3D30%26ga%3D6206860%26gala%3D1501035%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dcommandwindows_com-box-1-1022947%26eb_br%3D42fb9eb188befe70c6a673dc6c80f437%2Cc16fac08e79a971524b1c6834f5caad3%26eba%3D1%26ebss%3D10082%2C10061%2C10015%2C11304%26gas%3D4452476132%26asau%3D2780302833%26bv%3D24%26bvm%3D0%26bvr%3D2%26shp%3D2%26acptad%3D1%26br1%3D280%26br2%3D650%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D83%2C13%2C120%2C67%2C51%2C0%2C66%2C20%2C71%2C30%2C0%2C0%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C919%2C20%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D550%26reqt%3D1623347651930&eri=1&cookie=ID%3De8e9fae38446fedf-22e6a1865dc8001f%3AT%3D1623347649%3AS%3DALNI_MYLQKcF5UBoXtyPBWvcMHx49dq6tw&bc=31&abxe=1&lmt=1623347651&dt=1623347651940&dlt=1623347647976&idt=1163&frm=20&biw=1600&bih=1200&oid=3&adxs=250&adys=610&adks=3944075631&ucis=4&ifi=4&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcommandwindows.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x636&msz=300x600&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1178215692.1623347650&ga_sid=1623347650&ga_hid=1045620473&ga_fc=false&ga_wpids=UA-29096671-22&fws=4&ohw=1100&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

41f936ec8684fcbeb4cbb5cf6704ed3342a7d98f859e1fff343271abef3634d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:12 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 232
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://commandwindows.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 448 B
259 B 568ms
567ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=739924062618941&correlator=4480764662720012&output=ldjh&impl=fifs&eid=31061394%2C31061142&vrg=2021060801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210610&iu_parts=104418548%2Ccommandwindows_com-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C310x320%7C320x360%7C350x380&ris=2&rcs=1&prev_scp=a%3D%257C3%257C%26iid11%3D1020548%26iit%3D2%26t%3D99%26d%3D146%26t1%3D99%26pvc%3D0%26ap%3D1001%26sap%3D1224%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D4%26reft%3Dtf%26refs%3D30%26ga%3D6206860%26gala%3D1501035%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dcommandwindows_com-box-2-1020548%26eb_br%3Db75a19eef33cd9413dfebdcbce61e0ad%2C90c3c48d0172916d27c102ea4aa9d49c%26eba%3D1%26ebss%3D10082%2C10061%2C10015%2C11304%26gas%3D5905158604%26asau%3D4257036031%26bv%3D18%26bvm%3D0%26bvr%3D8%26shp%3D1%26acptad%3D1%26br1%3D300%26br2%3D400%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D84%2C152%2C194%2C27%2C94%2C122%2C91%2C20%2C26%2C201%2C187%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C919%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D600%26reqt%3D1623347651935&eri=1&cookie=ID%3De8e9fae38446fedf-22e6a1865dc8001f%3AT%3D1623347649%3AS%3DALNI_MYLQKcF5UBoXtyPBWvcMHx49dq6tw&bc=31&abxe=1&lmt=1623347651&dt=1623347651943&dlt=1623347647976&idt=1163&frm=20&biw=1600&bih=1200&oid=3&adxs=600&adys=292&adks=1139380737&ucis=5&ifi=5&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcommandwindows.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x110&msz=728x90&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1178215692.1623347650&ga_sid=1623347650&ga_hid=1045620473&ga_fc=false&ga_wpids=UA-29096671-22&fws=4&ohw=750&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e7fa0011ce222a3da295ce5db732eda18b746352f3897e4b917afc2a9046282e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:12 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 230
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://commandwindows.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 24 KB
9 KB 492ms
492ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=739924062618941&correlator=4414676102354182&output=ldjh&impl=fifs&eid=31061394%2C31061142&vrg=2021060801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210610&iu_parts=104418548%2Ccommandwindows_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C310x320%7C370x350%7C360x410&ris=2&rcs=1&prev_scp=a%3D%257C3%257C%26iid11%3D1061648%26iit%3D7%26t%3D99%26d%3D146%26t1%3D99%26pvc%3D0%26ap%3D1005%26sap%3D1300%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26ga%3D6206860%26gala%3D1501035%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dcommandwindows_com-medrectangle-2-1061648%26eb_br%3D235a54888c7ee72f359041faf3ce4c23%2C76163170a8636ae5b88417f095893e08%26eba%3D1%26ebss%3D10082%2C10061%2C10015%2C11304%26gas%3D9980134984%26asau%3D5753788832%26bv%3D23%26bvm%3D0%26bvr%3D3%26shp%3D1%26br1%3D400%26br2%3D750%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D34%2C0%2C28%2C67%2C45%2C0%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C899%2C917%2C918%2C919%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D800%26reqt%3D1623347651936&eri=1&cookie=ID%3De8e9fae38446fedf-22e6a1865dc8001f%3AT%3D1623347649%3AS%3DALNI_MYLQKcF5UBoXtyPBWvcMHx49dq6tw&bc=31&abxe=1&lmt=1623347651&dt=1623347651945&dlt=1623347647976&idt=1163&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=1108&adks=3676449675&ucis=6&ifi=6&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcommandwindows.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1178215692.1623347650&ga_sid=1623347650&ga_hid=1045620473&ga_fc=false&ga_wpids=UA-29096671-22&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

f81cada6b685f3ca2d3802a01a3562e85fd5851d9ee8fb05109cad3ab38790bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9405
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://commandwindows.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
bd44be7d223512f0c51e56829e06e388.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 81CE 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bd44be7d223512f0c51e56829e06e388.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: bd44be7d223512f0c51e56829e06e388.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://commandwindows.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://commandwindows.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Thu, 10 Jun 2021 17:54:09 GMT
expires: Fri, 10 Jun 2022 17:54:09 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 3
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 42ms
22ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34e9a619897b9223115c6588f352612268c90c3d83990829768973759b0d1a6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:12 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623263566164500"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28162
x-xss-protection: 0
expires: Thu, 10 Jun 2021 17:54:12 GMT

GET
H2 200 greenoaks.gif Show response
commandwindows.com/detroitchicago/ 0
75 B 21ms
21ms XHR
text/plain 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://commandwindows.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJhZjU1YzllMS02YTE2LTQ5MjMtNGU1NC01NzFlNzE1YzZhMzIiLCJkb21haW5faWQiOiIxNDYiLCJ0X2Vwb2NoIjoxNjIzMzQ3NjQ3LCJkYXRhIjpbeyJuYW1lIjoidGltZXJfZmlyc3RfYWRfbG9hZCIsInZhbCI6IjQ0ODQifV19XQ==
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJhZjU1YzllMS02YTE2LTQ5MjMtNGU1NC01NzFlNzE1YzZhMzIiLCJkb21haW5faWQiOiIxNDYiLCJ0X2Vwb2NoIjoxNjIzMzQ3NjQ3LCJkYXRhIjpbeyJuYW1lIjoidGltZXJfZmlyc3RfYWRfbG9hZCIsInZhbCI6IjQ0ODQifV19XQ==
pragma: no-cache
cookie: OB-USER-TOKEN=46bc50c5-5a6a-4b66-bc6c-9a8467034420; __gads=ID=e8e9fae38446fedf:T=1623347649:S=ALNI_MbBLFkeq4LLo3MyB8ByceIYGeKTAQ; ezouspvv=400; ezouspva=1; ezouspvh=400
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: commandwindows.com
referer: https://commandwindows.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:12 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Wed, 09 Jun 2021 17:54:12 UTC

GET
H2 200 army.gif Show response
commandwindows.com/porpoiseant/ 0
19 B 21ms
20ms XHR
text/plain 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://commandwindows.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA2MTY0OCIsImRvbWFpbl9pZCI6IjE0NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWNvbW1hbmR3aW5kb3dzX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyMzM0NzY0NywiYWRfcG9zaXRpb24iOjEwMDUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYWY1NWM5ZTEtNmExNi00OTIzLTRlNTQtNTcxZTcxNWM2YTMyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTY3ODQ5NDg4LCJjcmVhdGl2ZV9pZCI6MTM4MjU3ODUyNTEyLCJkYXRhIjpbeyJuYW1lIjoicmVmcmVzaF9jb3VudCIsInZhbCI6IjIifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEwNjE2NDgiLCJkb21haW5faWQiOiIxNDYiLCJ1bml0IjoiZGl2LWdwdC1hZC1jb21tYW5kd2luZG93c19jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MjMzNDc2NDcsImFkX3Bvc2l0aW9uIjoxMDA1LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImFmNTVjOWUxLTZhMTYtNDkyMy00ZTU0LTU3MWU3MTVjNmEzMiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk2Nzg0OTQ4OCwiY3JlYXRpdmVfaWQiOjEzODI1Nzg1MjUxMiwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9iaWRfaGFzaCIsInZhbCI6IjIzNWE1NDg4OGM3ZWU3MmYzNTkwNDFmYWYzY2U0YzIzLDc2MTYzMTcwYTg2MzZhZTViODg0MTdmMDk1ODkzZTA4In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMDYxNjQ4IiwiZG9tYWluX2lkIjoiMTQ2IiwidW5pdCI6ImRpdi1ncHQtYWQtY29tbWFuZHdpbmRvd3NfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjIzMzQ3NjQ3LCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MC4wMDQsImFkX3Bvc2l0aW9uIjoxMDA1LCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MC4wMDQsImJpZF9mbG9vcl9wcmV2IjowLjAwOCwic3RhdF9zb3VyY2VfaWQiOjM1LCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYWY1NWM5ZTEtNmExNi00OTIzLTRlNTQtNTcxZTcxNWM2YTMyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTY3ODQ5NDg4LCJjcmVhdGl2ZV9pZCI6MTM4MjU3ODUyNTEyLCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA2MTY0OCIsImRvbWFpbl9pZCI6IjE0NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWNvbW1hbmR3aW5kb3dzX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyMzM0NzY0NywiYWRfcG9zaXRpb24iOjEwMDUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYWY1NWM5ZTEtNmExNi00OTIzLTRlNTQtNTcxZTcxNWM2YTMyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTY3ODQ5NDg4LCJjcmVhdGl2ZV9pZCI6MTM4MjU3ODUyNTEyLCJkYXRhIjpbeyJuYW1lIjoiY3JlYXRpdmVfaWQiLCJ2YWwiOiIxMzgyNTc4NTI1MTIifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEwNjE2NDgiLCJkb21haW5faWQiOiIxNDYiLCJ1bml0IjoiZGl2LWdwdC1hZC1jb21tYW5kd2luZG93c19jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MjMzNDc2NDcsImFkX3Bvc2l0aW9uIjoxMDA1LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImFmNTVjOWUxLTZhMTYtNDkyMy00ZTU0LTU3MWU3MTVjNmEzMiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk2Nzg0OTQ4OCwiY3JlYXRpdmVfaWQiOjEzODI1Nzg1MjUxMiwiZGF0YSI6W3sibmFtZSI6ImxpbmVpdGVtX2lkIiwidmFsIjoiNDk2Nzg0OTQ4OCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA2MTY0OCIsImRvbWFpbl9pZCI6IjE0NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWNvbW1hbmR3aW5kb3dzX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyMzM0NzY0NywiYWRfcG9zaXRpb24iOjEwMDUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYWY1NWM5ZTEtNmExNi00OTIzLTRlNTQtNTcxZTcxNWM2YTMyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTY3ODQ5NDg4LCJjcmVhdGl2ZV9pZCI6MTM4MjU3ODUyNTEyLCJkYXRhIjpbeyJuYW1lIjoicmVmcmVzaF9jb3VudCIsInZhbCI6IjIifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEwNjE2NDgiLCJkb21haW5faWQiOiIxNDYiLCJ1bml0IjoiZGl2LWdwdC1hZC1jb21tYW5kd2luZG93c19jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MjMzNDc2NDcsImFkX3Bvc2l0aW9uIjoxMDA1LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImFmNTVjOWUxLTZhMTYtNDkyMy00ZTU0LTU3MWU3MTVjNmEzMiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk2Nzg0OTQ4OCwiY3JlYXRpdmVfaWQiOjEzODI1Nzg1MjUxMiwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9iaWRfaGFzaCIsInZhbCI6IjIzNWE1NDg4OGM3ZWU3MmYzNTkwNDFmYWYzY2U0YzIzLDc2MTYzMTcwYTg2MzZhZTViODg0MTdmMDk1ODkzZTA4In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMDYxNjQ4IiwiZG9tYWluX2lkIjoiMTQ2IiwidW5pdCI6ImRpdi1ncHQtYWQtY29tbWFuZHdpbmRvd3NfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjIzMzQ3NjQ3LCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MC4wMDQsImFkX3Bvc2l0aW9uIjoxMDA1LCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MC4wMDQsImJpZF9mbG9vcl9wcmV2IjowLjAwOCwic3RhdF9zb3VyY2VfaWQiOjM1LCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYWY1NWM5ZTEtNmExNi00OTIzLTRlNTQtNTcxZTcxNWM2YTMyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTY3ODQ5NDg4LCJjcmVhdGl2ZV9pZCI6MTM4MjU3ODUyNTEyLCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA2MTY0OCIsImRvbWFpbl9pZCI6IjE0NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWNvbW1hbmR3aW5kb3dzX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyMzM0NzY0NywiYWRfcG9zaXRpb24iOjEwMDUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYWY1NWM5ZTEtNmExNi00OTIzLTRlNTQtNTcxZTcxNWM2YTMyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTY3ODQ5NDg4LCJjcmVhdGl2ZV9pZCI6MTM4MjU3ODUyNTEyLCJkYXRhIjpbeyJuYW1lIjoiY3JlYXRpdmVfaWQiLCJ2YWwiOiIxMzgyNTc4NTI1MTIifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEwNjE2NDgiLCJkb21haW5faWQiOiIxNDYiLCJ1bml0IjoiZGl2LWdwdC1hZC1jb21tYW5kd2luZG93c19jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MjMzNDc2NDcsImFkX3Bvc2l0aW9uIjoxMDA1LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImFmNTVjOWUxLTZhMTYtNDkyMy00ZTU0LTU3MWU3MTVjNmEzMiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk2Nzg0OTQ4OCwiY3JlYXRpdmVfaWQiOjEzODI1Nzg1MjUxMiwiZGF0YSI6W3sibmFtZSI6ImxpbmVpdGVtX2lkIiwidmFsIjoiNDk2Nzg0OTQ4OCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
pragma: no-cache
cookie: OB-USER-TOKEN=46bc50c5-5a6a-4b66-bc6c-9a8467034420; __gads=ID=e8e9fae38446fedf:T=1623347649:S=ALNI_MbBLFkeq4LLo3MyB8ByceIYGeKTAQ; ezouspvv=400; ezouspva=1; ezouspvh=400
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: commandwindows.com
referer: https://commandwindows.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:12 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Wed, 09 Jun 2021 17:54:12 UTC

GET
H2 200 4967849488 Show response
g.ezoic.net/dac/ 0
93 B 82ms
24ms XHR
text/plain 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/dac/4967849488
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 10 Jun 2021 17:54:12 GMT
cache-control: max-age=3600, public
server: nginx/1.16.0
content-length: 0
vary: Accept-Encoding
content-type: text/plain

GET
H2 200 army.gif Show response
commandwindows.com/porpoiseant/ 0
42 B 22ms
21ms XHR
text/plain 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://commandwindows.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA2MTY0OCIsImRvbWFpbl9pZCI6IjE0NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWNvbW1hbmR3aW5kb3dzX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyMzM0NzY0NywiYWRfcG9zaXRpb24iOjEwMDUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYWY1NWM5ZTEtNmExNi00OTIzLTRlNTQtNTcxZTcxNWM2YTMyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTY3ODQ5NDg4LCJjcmVhdGl2ZV9pZCI6MTM4MjU3ODUyNTEyLCJkYXRhIjpbeyJuYW1lIjoidF9sb2NhbF9kYXRlIiwidmFsIjoiMjAyMS0wNi0xMCJ9LHsibmFtZSI6InRfbG9jYWxfaG91ciIsInZhbCI6IjE5In0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjQifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiLTEyMCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA2MTY0OCIsImRvbWFpbl9pZCI6IjE0NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWNvbW1hbmR3aW5kb3dzX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyMzM0NzY0NywiYWRfcG9zaXRpb24iOjEwMDUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYWY1NWM5ZTEtNmExNi00OTIzLTRlNTQtNTcxZTcxNWM2YTMyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTY3ODQ5NDg4LCJjcmVhdGl2ZV9pZCI6MTM4MjU3ODUyNTEyLCJkYXRhIjpbeyJuYW1lIjoidF9sb2NhbF9kYXRlIiwidmFsIjoiMjAyMS0wNi0xMCJ9LHsibmFtZSI6InRfbG9jYWxfaG91ciIsInZhbCI6IjE5In0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjQifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiLTEyMCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
pragma: no-cache
cookie: OB-USER-TOKEN=46bc50c5-5a6a-4b66-bc6c-9a8467034420; __gads=ID=e8e9fae38446fedf:T=1623347649:S=ALNI_MbBLFkeq4LLo3MyB8ByceIYGeKTAQ; ezouspvv=400; ezouspva=1; ezouspvh=400
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: commandwindows.com
referer: https://commandwindows.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:12 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Wed, 09 Jun 2021 17:54:13 UTC

GET
H2 200 army.gif Show response
commandwindows.com/porpoiseant/ 0
19 B 22ms
21ms XHR
text/plain 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://commandwindows.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMTA2MTY0OCIsImRvbWFpbl9pZCI6IjE0NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWNvbW1hbmR3aW5kb3dzX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyMzM0NzY0NywiYXVjdGlvbl9lcG9jaCI6MTYyMzM0NzY1MiwiYWRfcG9zaXRpb24iOjEwMDUsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJhZjU1YzllMS02YTE2LTQ5MjMtNGU1NC01NzFlNzE1YzZhMzIiLCJiaWRfZmxvb3JfaW5pdGlhbCI6ODAwLCJiaWRfZmxvb3JfcHJldiI6ODAwLCJiaWRfZmxvb3JfZmlsbGVkIjo0MDAsImF1Y3Rpb25fY291bnQiOjIsInJlZnJlc2hfYWRfY291bnQiOjAsImF1Y3Rpb25fZHVyYXRpb24iOjUxMiwibXVsdGlfYWRfdW5pdCI6MCwibXVsdGlfYWRfY291bnQiOjAsIm5ldHdvcmtfY29kZSI6MTA0NDE4NTQ4LCJkYXRhIjpbeyJuYW1lIjoiIiwidmFsIjoiIn1dLCJsaW5lX2l0ZW1faWQiOjQ5Njc4NDk0ODh9XQ==
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMTA2MTY0OCIsImRvbWFpbl9pZCI6IjE0NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWNvbW1hbmR3aW5kb3dzX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyMzM0NzY0NywiYXVjdGlvbl9lcG9jaCI6MTYyMzM0NzY1MiwiYWRfcG9zaXRpb24iOjEwMDUsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJhZjU1YzllMS02YTE2LTQ5MjMtNGU1NC01NzFlNzE1YzZhMzIiLCJiaWRfZmxvb3JfaW5pdGlhbCI6ODAwLCJiaWRfZmxvb3JfcHJldiI6ODAwLCJiaWRfZmxvb3JfZmlsbGVkIjo0MDAsImF1Y3Rpb25fY291bnQiOjIsInJlZnJlc2hfYWRfY291bnQiOjAsImF1Y3Rpb25fZHVyYXRpb24iOjUxMiwibXVsdGlfYWRfdW5pdCI6MCwibXVsdGlfYWRfY291bnQiOjAsIm5ldHdvcmtfY29kZSI6MTA0NDE4NTQ4LCJkYXRhIjpbeyJuYW1lIjoiIiwidmFsIjoiIn1dLCJsaW5lX2l0ZW1faWQiOjQ5Njc4NDk0ODh9XQ==
pragma: no-cache
cookie: OB-USER-TOKEN=46bc50c5-5a6a-4b66-bc6c-9a8467034420; __gads=ID=e8e9fae38446fedf:T=1623347649:S=ALNI_MbBLFkeq4LLo3MyB8ByceIYGeKTAQ; ezouspvv=400; ezouspva=1; ezouspvh=400
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: commandwindows.com
referer: https://commandwindows.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:12 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Wed, 09 Jun 2021 17:54:12 UTC

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 81CE 0
0 60ms
59ms Fetch
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CzRhcw1HCYI2oPMvi-gampYuQCcaMgtRg2N75mOAMhd2jp9kCEAEgwtPvI2D1lc6B4ASgAe-8ttoDyAEJqQI-6whh-LyyPuACAKgDAaoE-gFP0DzXnY51jykHnPd3VNXWjJsODSnmjPZkZmE3qH9dccq4bG5ts5WHYOtAM0LLuocWT8svgrxmt7vnYUq0ta049GqnKT7Y8KPZCN4Gh2CPzfkTUVr82keql8-crWr850b0U0hCixGKGqV7fkws23O8WccsXIG1lWcpcF_Sg5_4q_W2fDScL150_-GWYQhKseDEmZ1uYrVi0rRaWflEe0Qcv5pHxwicu0SgzrH22mLbvQ4Yf03LGFV6JWpNj69yxP4ZgQBdRlJAwuuEI7_Ah_z8Kig-YHV586K_l5D3HAmI8XNbZ194mhaGHu8EPJxmXrSkSIZaFXBBo_Q3wASY8JmItwPgBAGSBQQIBBgBkgUECAUYBKAGEYAH-cLJJagHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBRCA348C0ggHCIBhEAEYHYAKA8gLAdgTCtAVAYAXAbIXGgoYCAASFHB1Yi03OTU4OTU5NTY2MjA2ODYw&sigh=Oid5HG5hCN8
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://bd44be7d223512f0c51e56829e06e388.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 embed.js Show response
storage.bannernow.com/BWrmp2x7gNk9VRQrkA8nab3EwPe0AZLGnkOrlLhXwF/ Frame 81CE 5 KB
2 KB 301ms
272ms Script
text/javascript 2606:4700::6812:1cf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.bannernow.com/BWrmp2x7gNk9VRQrkA8nab3EwPe0AZLGnkOrlLhXwF/embed.js?responsive=0&bnTag=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCM60Xw1HCYI2oPMvi-gampYuQCcaMgtRg2N75mOAMhd2jp9kCEAEgwtPvI2D1lc6B4ASgAe-8ttoDyAEJqQI-6whh-LyyPuACAKgDAaoE_QFP0DzXnY51jykHnPd3VNXWjJsODSnmjPZkZmE3qH9dccq4bG5ts5WHYOtAM0LLuocWT8svgrxmt7vnYUq0ta049GqnKT7Y8KPZCN4Gh2CPzfkTUVr82keql8-crWr850b0U0hCixGKGqV7fkws23O8WccsXIG1lWcpcF_Sg5_4q_W2fDScL150_-GWYQhKseDEmZ1uYrVi0rRaWflEe0Qcv5pHxwicu0SgzrH22mLbvQ4Yf03LGFV6JWpNj69yxP4ZgQBdRlJAwuuEI7_Ah_z8Kig-YHV586K_l5D3HAmI8XNbZ194mhaGXO0JrkC41P1nwvuDrWuSM94tvA9vwASY8JmItwPgBAGgBhGAB_nCySWoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BvYBwDSCAcIgGEQARgdgAoDmAsByAsBgAwBuAwB2BMK0BUBgBcB%26num%3D1%26sig%3DAOD64_3ulCjWFD3l0r4i8d8zKYP2NDK4RQ%26client%3Dca-pub-7958959566206860%26adurl%3D&cb=539352999
Requested by: Host: bd44be7d223512f0c51e56829e06e388.safeframe.googlesyndication.com
URL: https://bd44be7d223512f0c51e56829e06e388.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1cf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba70b610a99e9541ed3dcc93979dee0eb13cc97fdea65f335d74103c9c8f082c

Request headers

Referer: https://bd44be7d223512f0c51e56829e06e388.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:12 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Wed, 30 Dec 2020 10:23:36 GMT
server: cloudflare
x-amz-request-id: E86HZVQ2MRATMB50
etag: W/"bcf7b1ed4191d97e203d1cc960513217"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-id-2: YZSb0zoxwN77BEba7ESQAsAMJhLKyZlXimy3SRgca5QehO1xhEJMRSrwUqOz2gGBn1ZQHDGnKfk=
content-type: text/javascript
cache-control: public, max-age=0, s-maxage=1200
cf-ray: 65d476ac29fb0609-FRA
cf-request-id: 0a98a87f9b0000060984a88000000001

GET
H2 200 m_js_controller_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame 81CE 30 KB
12 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/m_js_controller_fy2019.js

Requested by

Host: bd44be7d223512f0c51e56829e06e388.safeframe.googlesyndication.com
URL: https://bd44be7d223512f0c51e56829e06e388.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08bc5b2eb4be9bcfb0a533f41a80348f1d5620ee6aed2291b4ed5142cef8b0c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bd44be7d223512f0c51e56829e06e388.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:34:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1197
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12041
x-xss-protection: 0
server: cafe
etag: 4128451431288009682
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Jun 2021 17:34:15 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame 81CE 2 KB
2 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/window_focus_fy2019.js

Requested by

Host: bd44be7d223512f0c51e56829e06e388.safeframe.googlesyndication.com
URL: https://bd44be7d223512f0c51e56829e06e388.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bd44be7d223512f0c51e56829e06e388.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:53:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1316
x-xss-protection: 0
server: cafe
etag: 797314601362473214
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Jun 2021 17:53:37 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 81CE 122 KB
38 KB 21ms
14ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: bd44be7d223512f0c51e56829e06e388.safeframe.googlesyndication.com
URL: https://bd44be7d223512f0c51e56829e06e388.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5e762276ffd20732a10037842bac383dc64a7b230ab1f48f2a0ff7406b8b9c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bd44be7d223512f0c51e56829e06e388.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:12 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623263560240521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37945
x-xss-protection: 0
expires: Thu, 10 Jun 2021 17:54:12 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame 81CE 13 KB
6 KB 32ms
11ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: bd44be7d223512f0c51e56829e06e388.safeframe.googlesyndication.com
URL: https://bd44be7d223512f0c51e56829e06e388.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a677da8f32851941b090ee6e9294757cba154033200b20231b2a4ca7f62a820

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bd44be7d223512f0c51e56829e06e388.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5644
x-xss-protection: 0
server: cafe
etag: 16788636151609896382
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Jun 2021 17:54:06 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 81CE 0
0 15ms
13ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRWE3qW4m3lzOfO_6NYmxQcjbb7g3j_SUoffYXBO3wT0MLWyu9_U7uUGXzyZzrtgMDPZLXqisTl24JUT_cqQpPZuv4HAw
Requested by: Host: bd44be7d223512f0c51e56829e06e388.safeframe.googlesyndication.com
URL: https://bd44be7d223512f0c51e56829e06e388.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bd44be7d223512f0c51e56829e06e388.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/ Frame 81CE 17 KB
7 KB 32ms
12ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/abg_lite_fy2019.js

Requested by

Host: bd44be7d223512f0c51e56829e06e388.safeframe.googlesyndication.com
URL: https://bd44be7d223512f0c51e56829e06e388.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0fc32732b1520df908e4ce5063434010c35725a930e0cc9df0be61c66a87cf32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bd44be7d223512f0c51e56829e06e388.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:49:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 274
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7010
x-xss-protection: 0
server: cafe
etag: 16168581138844513892
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Jun 2021 17:49:38 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8E95 1 KB
1 KB 29ms
6ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: bd44be7d223512f0c51e56829e06e388.safeframe.googlesyndication.com
URL: https://bd44be7d223512f0c51e56829e06e388.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bd44be7d223512f0c51e56829e06e388.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://bd44be7d223512f0c51e56829e06e388.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 10 Jun 2021 05:40:48 GMT
expires: Fri, 11 Jun 2021 05:40:48 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 44004
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 81CE 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 28560b5847779b3edc3be7ae0322e3f20cf4f4ee82327f4ee0fb093e76538b3e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 8E95 35 B
462 B 11ms
8ms Image
image/gif 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEN_s_k_pDHbs8Ws7g3e06f4&google_cver=1&google_push=AYg5qPK4SRVreSqLVNGIbx5Yewo9eyegR2rgKy1j12RK2e9hDlTDtjQ-UyC_5n5U_fwKVdfQGCCQuY-vNZPh7ifqC4LSKRQeu_-D

Requested by

Host: bd44be7d223512f0c51e56829e06e388.safeframe.googlesyndication.com
URL: https://bd44be7d223512f0c51e56829e06e388.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:12 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 8E95
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESECKEzrrIgMpLonaIWInypPQ&google_cver=1&google_push=AYg5qPKvUuO1rcYHFCAzuFAQJ3kROcqCFDjUdb2-Pfi6sXAktGNF4FW9A9XSkVwkFYLaTO6YOF2SGrC...
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESECKEzrrIgMpLonaIWInypPQ&google_cver=1&google_push=AYg5qPKvUuO1rcYHFCAzuFAQJ3kROcqCFDjUdb2-Pfi6sXAktGNF4FW9A9XSkVwkFYLaT...
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=N9VXs3gqTvKzeJf4EwpB3WDCUcQ
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=N9VXs3gqTvKzeJf4EwpB3WDCUcQ&google_tc=

170 B
188 B

33ms
30ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=N9VXs3gqTvKzeJf4EwpB3WDCUcQ&google_tc=

Requested by

Host: bd44be7d223512f0c51e56829e06e388.safeframe.googlesyndication.com
URL: https://bd44be7d223512f0c51e56829e06e388.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:12 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=N9VXs3gqTvKzeJf4EwpB3WDCUcQ&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 303
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 8E95 0
136 B 312ms
29ms Image
text/plain 34.96.105.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESENNMOoPLbaiN2hvU35T9eN0&google_cver=1&google_push=AYg5qPKrqRZ1AgtIsatOV1gaYbiQZy3UmMEkgV-F-gUKkS89DxYt0erIjuzVgmUcfKBwULFabeUZAuYf6NfMfnYF36rEj5vy9N4
Requested by: Host: bd44be7d223512f0c51e56829e06e388.safeframe.googlesyndication.com
URL: https://bd44be7d223512f0c51e56829e06e388.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:12 GMT
via: 1.1 google
alt-svc: clear

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 8E95
Redirect Chain

https://a.c.appier.net/gcm?google_gid=CAESEGiMn8Tsk1ixxfJj-Ok0nfk&google_cver=1&google_push=AYg5qPJJSEdXbq804HPEkdTfESpU_QYK4sXbQZCGBtPkQeuJdk7lnmQbOQ7uZoIQI4jcGUoRIUXJF5haMKcFD5u-DMO65VzEImIT
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=QUYxUkhTeVpCSW00Y3NEVnhWSENZQQ%3D%3D&google_push=AYg5qPJJSEdXbq804HPEkdTfESpU_QYK4sXbQZCGBtPkQeuJdk7lnmQbOQ7uZoIQI4jcGUoRIUXJF5haMKcFD...

170 B
188 B

31ms
30ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=QUYxUkhTeVpCSW00Y3NEVnhWSENZQQ%3D%3D&google_push=AYg5qPJJSEdXbq804HPEkdTfESpU_QYK4sXbQZCGBtPkQeuJdk7lnmQbOQ7uZoIQI4jcGUoRIUXJF5haMKcFD5u-DMO65VzEImIT

Requested by

Host: commandwindows.com
URL: https://commandwindows.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=QUYxUkhTeVpCSW00Y3NEVnhWSENZQQ%3D%3D&google_push=AYg5qPJJSEdXbq804HPEkdTfESpU_QYK4sXbQZCGBtPkQeuJdk7lnmQbOQ7uZoIQI4jcGUoRIUXJF5haMKcFD5u-DMO65VzEImIT
date: Thu, 10 Jun 2021 17:54:13 GMT
cache-control: no-store
server: nginx
content-type: text/html; charset=utf-8
content-length: 243
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 8E95
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEIzE32aAXjDMRQXCWwk4w68&google_cver=1&google_push=AYg5qPJ46luRTeE9LtmUigDEnpkGCl2kKc2KrA96PFgJLhP1pKK-dEpJLwwRIvijW2wKxrjYvqkIsbKCcVaRfClIjN66...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEIzE32aAXjDMRQXCWwk4w68&google_cver=1&google_push=AYg5qPJ46luRTeE9LtmUigDEnpkGCl2kKc2KrA96PFgJLhP1pKK-dEpJLwwRIvijW2wKxrjYvqkIsbKCcVaRfC...
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=de68f522-27ae-4374-8b0c-fc257b6b0b52&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJ46luRTeE9LtmUigDEnpkGCl2kKc2KrA96PFgJLhP1pKK-dEpJLwwRIvijW2wKxrjYvqkIsbKCcVaRfClIjN6693jwLOk&google_hm=T-5Sc0hxS6WhFjX1bI9H1A==

170 B
188 B

31ms
30ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJ46luRTeE9LtmUigDEnpkGCl2kKc2KrA96PFgJLhP1pKK-dEpJLwwRIvijW2wKxrjYvqkIsbKCcVaRfClIjN6693jwLOk&google_hm=T-5Sc0hxS6WhFjX1bI9H1A==

Requested by

Host: bd44be7d223512f0c51e56829e06e388.safeframe.googlesyndication.com
URL: https://bd44be7d223512f0c51e56829e06e388.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJ46luRTeE9LtmUigDEnpkGCl2kKc2KrA96PFgJLhP1pKK-dEpJLwwRIvijW2wKxrjYvqkIsbKCcVaRfClIjN6693jwLOk&google_hm=T-5Sc0hxS6WhFjX1bI9H1A==
date: Thu, 10 Jun 2021 17:54:13 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1 200
OK sync
dsp.adkernel.com/ Frame 8E95 42 B
233 B 574ms
108ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEB-NTAUjV7a3UTtYryylASA&google_cver=1&google_push=AYg5qPKW5QrzGvVp6vYeg6CWX6ErKT1K9jdFHM_BXzjy2esg_NeMy2zPoggyV3uFXs1M6oOpiCOqUd5HrueEcoEUaRSMlRel9QU
Requested by: Host: bd44be7d223512f0c51e56829e06e388.safeframe.googlesyndication.com
URL: https://bd44be7d223512f0c51e56829e06e388.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Jun 2021 17:54:13 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 8E95
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESED...
https://sync.targeting.unrulymedia.com/csync/RX-b5b91fbf-c213-491f-a298-860ac783e53b-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPL1lyzrdDkG64Lnp3v-9...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPL1lyzrdDkG64Lnp3v-9p7413bhcxTh4lLI-fpWwBSQ8qTX-tuqE41Iv9Hyt_Np9UX5ZsffMJyb014Kmmcs5DdyId69a1M&google_hm=A7W5H7_CE0kfopiGCseD5Ts
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPL1lyzrdDkG64Lnp3v-9p7413bhcxTh4lLI-fpWwBSQ8qTX-tuqE41Iv9Hyt_Np9UX5ZsffMJyb014Kmmcs5DdyId69a1M&google_hm=A7W5H7_CE0kfopiGCseD5Ts&go...

170 B
188 B

32ms
31ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPL1lyzrdDkG64Lnp3v-9p7413bhcxTh4lLI-fpWwBSQ8qTX-tuqE41Iv9Hyt_Np9UX5ZsffMJyb014Kmmcs5DdyId69a1M&google_hm=A7W5H7_CE0kfopiGCseD5Ts&google_tc=

Requested by

Host: bd44be7d223512f0c51e56829e06e388.safeframe.googlesyndication.com
URL: https://bd44be7d223512f0c51e56829e06e388.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:12 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPL1lyzrdDkG64Lnp3v-9p7413bhcxTh4lLI-fpWwBSQ8qTX-tuqE41Iv9Hyt_Np9UX5ZsffMJyb014Kmmcs5DdyId69a1M&google_hm=A7W5H7_CE0kfopiGCseD5Ts&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 414
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 8E95 0
59 B 29ms
29ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I2pdjCEBVLpdMLd-7schTUpY0ykOexYyeYD_CwUtFurc1pCvopCSkulNsAxoFTjLw3C3Z7

Requested by

Host: bd44be7d223512f0c51e56829e06e388.safeframe.googlesyndication.com
URL: https://bd44be7d223512f0c51e56829e06e388.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:12 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 index.html Show response
storage.bannernow.com/BWrmp2x7gNk9VRQrkA8nab3EwPe0AZLGnkOrlLhXwF/ Frame 66C4 18 KB
4 KB 278ms
278ms Document
text/html 2606:4700::6812:1cf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.bannernow.com/BWrmp2x7gNk9VRQrkA8nab3EwPe0AZLGnkOrlLhXwF/index.html
Requested by: Host: storage.bannernow.com
URL: https://storage.bannernow.com/BWrmp2x7gNk9VRQrkA8nab3EwPe0AZLGnkOrlLhXwF/embed.js?responsive=0&bnTag=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCM60Xw1HCYI2oPMvi-gampYuQCcaMgtRg2N75mOAMhd2jp9kCEAEgwtPvI2D1lc6B4ASgAe-8ttoDyAEJqQI-6whh-LyyPuACAKgDAaoE_QFP0DzXnY51jykHnPd3VNXWjJsODSnmjPZkZmE3qH9dccq4bG5ts5WHYOtAM0LLuocWT8svgrxmt7vnYUq0ta049GqnKT7Y8KPZCN4Gh2CPzfkTUVr82keql8-crWr850b0U0hCixGKGqV7fkws23O8WccsXIG1lWcpcF_Sg5_4q_W2fDScL150_-GWYQhKseDEmZ1uYrVi0rRaWflEe0Qcv5pHxwicu0SgzrH22mLbvQ4Yf03LGFV6JWpNj69yxP4ZgQBdRlJAwuuEI7_Ah_z8Kig-YHV586K_l5D3HAmI8XNbZ194mhaGXO0JrkC41P1nwvuDrWuSM94tvA9vwASY8JmItwPgBAGgBhGAB_nCySWoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BvYBwDSCAcIgGEQARgdgAoDmAsByAsBgAwBuAwB2BMK0BUBgBcB%26num%3D1%26sig%3DAOD64_3ulCjWFD3l0r4i8d8zKYP2NDK4RQ%26client%3Dca-pub-7958959566206860%26adurl%3D&cb=539352999
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1cf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1c5a8431dfb4478fecaaf7e62d9ca9abc773710109a54fb666b65cd17740bd3

Request headers

:method: GET
:authority: storage.bannernow.com
:scheme: https
:path: /BWrmp2x7gNk9VRQrkA8nab3EwPe0AZLGnkOrlLhXwF/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bd44be7d223512f0c51e56829e06e388.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://bd44be7d223512f0c51e56829e06e388.safeframe.googlesyndication.com/

Response headers

date: Thu, 10 Jun 2021 17:54:13 GMT
content-type: text/html
x-amz-id-2: vws/yw9msbYGSYJaFCD8C9B+4zvkZDSdYBPUXD84y+7KeKEEEiib9PK7j+Bw0lM+5CD6trmpJVQ=
x-amz-request-id: 5SJDYVPQXZ6V8ZKR
cache-control: public, max-age=0, s-maxage=1200
last-modified: Wed, 30 Dec 2020 10:23:36 GMT
cf-cache-status: REVALIDATED
cf-request-id: 0a98a880b0000006096389e000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 65d476adeeb80609-FRA
content-encoding: gzip

GET
H2 200 fallback.gif
storage.bannernow.com/BWrmp2x7gNk9VRQrkA8nab3EwPe0AZLGnkOrlLhXwF/ Frame 66C4 22 KB
22 KB 249ms
249ms Image
image/gif 2606:4700::6812:1cf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.bannernow.com/BWrmp2x7gNk9VRQrkA8nab3EwPe0AZLGnkOrlLhXwF/fallback.gif
Requested by: Host: storage.bannernow.com
URL: https://storage.bannernow.com/BWrmp2x7gNk9VRQrkA8nab3EwPe0AZLGnkOrlLhXwF/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1cf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c93a195621e388f1b4270b634bc4e081d513186745172e5bf946c56ad5035ad

Request headers

Referer: https://storage.bannernow.com/BWrmp2x7gNk9VRQrkA8nab3EwPe0AZLGnkOrlLhXwF/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:13 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 30 Dec 2020 10:23:38 GMT
server: cloudflare
x-amz-request-id: 5SJ15TSXWJPTXB1A
etag: "2a20a9863116a8663078ca0a59171e47"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-id-2: JFAcSBbq3JjNrOVIFHBIT1CSwQcZAUMpYVWmpRJg9f6wq6GXr3b0+YqvJ2ROXpp+LyIysgrB50o=
content-type: image/gif
cache-control: public, max-age=0, s-maxage=1200
accept-ranges: bytes
cf-ray: 65d476afac180609-FRA
content-length: 22080
cf-request-id: 0a98a881cd000006097511c000000001

GET
H2 200 tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 66C4 105 KB
35 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js

Requested by

Host: storage.bannernow.com
URL: https://storage.bannernow.com/BWrmp2x7gNk9VRQrkA8nab3EwPe0AZLGnkOrlLhXwF/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://storage.bannernow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35824
x-xss-protection: 0
last-modified: Fri, 09 Oct 2015 14:01:28 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Jun 2021 17:54:13 GMT

GET
H2 200 bn_1.0.0.min.js Show response
storage.bannernow.com/resources/lib/ Frame 66C4 83 KB
24 KB 22ms
22ms Script
application/javascript 2606:4700::6812:1cf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.bannernow.com/resources/lib/bn_1.0.0.min.js
Requested by: Host: storage.bannernow.com
URL: https://storage.bannernow.com/BWrmp2x7gNk9VRQrkA8nab3EwPe0AZLGnkOrlLhXwF/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1cf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df316374455605805d8b45d9bb242fd45fe70c9e85269e58f6a6327ab9b3e9b1

Request headers

Referer: https://storage.bannernow.com/BWrmp2x7gNk9VRQrkA8nab3EwPe0AZLGnkOrlLhXwF/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:13 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 03 Jun 2021 19:33:46 GMT
server: cloudflare
age: 1000
etag: W/"631fdf0b74eb7e222f430709e29ad28f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-id-2: O+Kr6HoQmuZB67mtyvwSp7WOSVUa128ZZfOuETmYKiGTe6oWO9nbrtbAXjjmEg8yq4eMmFMLzwM=
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 65d476afbc240609-FRA
x-amz-request-id: YB16MXJ88Y0MYFK6
cf-request-id: 0a98a881cf0000060977880000000001

GET
H2 200 pixel.png Show response
stats.bannernow.com/ Frame 66C4 95 B
732 B 180ms
141ms XHR
image/png 34.102.219.251
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.bannernow.com/pixel.png?user_id=usr_cjty5v088000uj6npz2pi4d8r&banner_id=bnr_ckitxs0th00g60nn4gw40xhxs&bannerset_id=fdr_ckitxs0pi005a0nn4rkp62xpg&project_id=prj_cjty5v0d50014j6npiwwrfrw8&domain=commandwindows.com
Requested by: Host: storage.bannernow.com
URL: https://storage.bannernow.com/resources/lib/bn_1.0.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.219.251 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323

Request headers

Referer: https://storage.bannernow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:13 GMT
x-guploader-uploadid: ABg5-UwM2iwfDNAN43ImLCAXIMTsnWkBnEGn5bGLo35D0Jpul9g9RrYNyGEnA2ZhBFEmjfDAGzj4wKFB-ZauxD3ccA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 4
x-goog-stored-content-encoding: identity
x-goog-meta-expires: 0
alt-svc: clear
content-length: 95
x-goog-meta-pixel-region: US
last-modified: Sun, 04 Feb 2018 01:22:19 GMT
server: UploadServer
cache-control: no-cache, no-store, must-revalidate
etag: "9591c410148e6883727c5339fd1c02cd"
x-goog-hash: crc32c=vJqQig==, md5=lZHEEBSOaINyfFM5/RwCzQ==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1517707340066543
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-meta-pragma: no-cache
x-goog-stored-content-length: 95
accept-ranges: bytes
content-type: image/png
expires: Fri, 10 Jun 2022 17:54:13 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 66C4 255 B
376 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400&text=FinazeErg%20f%C3%BCdK%E2%80%93jtwlJobsck

Requested by

Host: storage.bannernow.com
URL: https://storage.bannernow.com/resources/lib/bn_1.0.0.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

27ced91b889304b48cf0a350079863378435b5107f5f961d25b9e719066caea3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://storage.bannernow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 10 Jun 2021 17:54:13 GMT
server: ESF
date: Thu, 10 Jun 2021 17:54:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 10 Jun 2021 17:54:13 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 66C4 265 B
336 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:700&text=Energi%20f%C3%BCdKa%E2%80%93jtzwlJobsckMh

Requested by

Host: storage.bannernow.com
URL: https://storage.bannernow.com/resources/lib/bn_1.0.0.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1f4eb5c531a7c4136130548126e0e8e548c37b2347ce7ae6caefd62c96c33ba6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://storage.bannernow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 10 Jun 2021 17:54:13 GMT
server: ESF
date: Thu, 10 Jun 2021 17:54:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 10 Jun 2021 17:54:13 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 66C4 207 B
284 B 21ms
21ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:900&text=Mehr%20fan

Requested by

Host: storage.bannernow.com
URL: https://storage.bannernow.com/resources/lib/bn_1.0.0.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5e0bafe2e97cae9c26e14d670e114d7de736f690bd089bee5b876a747e91bcf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://storage.bannernow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 10 Jun 2021 17:54:13 GMT
server: ESF
date: Thu, 10 Jun 2021 17:54:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 10 Jun 2021 17:54:13 GMT

GET
H2 200 /
icv.bannernow.com/ Frame 66C4 81 KB
81 KB 54ms
43ms Image
image/jpeg 2606:4700::6812:1cf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icv.bannernow.com/?m=contain&w=1159&h=602&x=center&y=center&q=100&u=https%3A%2F%2Fstorage.bannernow.com%2FBWrmp2x7gNk9VRQrkA8nab3EwPe0AZLGnkOrlLhXwF%2Fckjb9uiqh002jjrp4zik8opks.jpg
Requested by: Host: bd44be7d223512f0c51e56829e06e388.safeframe.googlesyndication.com
URL: https://bd44be7d223512f0c51e56829e06e388.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1cf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcbea93a1d8b9bf701289061f5573f3ceaccce28faad78b6d9e8130d97cfc81d

Request headers

Referer: https://storage.bannernow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:13 GMT
via: 1.1 12bc6711250373a40a16aeca20244504.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 8571
x-amzn-requestid: aab9ddb2-cb9c-45b2-b938-90fe7151c828
x-thumbnailer-version: 1.2.18
x-cache: Miss from cloudfront
x-amz-apigw-id: Atx7oF8dIAMF3rg=
content-length: 83051
cf-request-id: 0a98a882d7000006096c119000000001
cf-bgj: h2pri
server: cloudflare
x-amzn-trace-id: Root=1-60c2304a-6401bda82fdcbfc11f61d006;Sampled=0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: CDG50-P1
accept-ranges: bytes
cf-ray: 65d476b158e50609-FRA
x-amz-cf-id: zt1h2GudfzB_tRRwrOzTcC7efDulMme6LEzrk-cBKhV-Ng2MM5CfiA==
expires: Sun, 17 Jan 2038 19:14:07 GMT

GET
H2 200 /
icv.bannernow.com/ Frame 66C4 1006 B
1 KB 39ms
29ms Image
image/jpeg 2606:4700::6812:1cf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icv.bannernow.com/?m=contain&w=115&h=68&x=center&y=center&q=100&u=https%3A%2F%2Fstorage.bannernow.com%2FBWrmp2x7gNk9VRQrkA8nab3EwPe0AZLGnkOrlLhXwF%2Fckjb9uiqn002tjrp4zf9ju36p.jpg
Requested by: Host: bd44be7d223512f0c51e56829e06e388.safeframe.googlesyndication.com
URL: https://bd44be7d223512f0c51e56829e06e388.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1cf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 665563c2a4e788eebe41f1faf4dd748e9ed08e2575f1128a051c6416d3ad830e

Request headers

Referer: https://storage.bannernow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:13 GMT
via: 1.1 fa133af2508a341e1ff6bfff526ba095.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 165164
x-amzn-requestid: 4eb35398-c8a9-4f22-84ea-f17c2d278aca
x-thumbnailer-version: 1.2.18
x-cache: Miss from cloudfront
x-amz-apigw-id: AnzoBFAQIAMFhKQ=
content-length: 1006
cf-request-id: 0a98a882d8000006097f081000000001
cf-bgj: h2pri
server: cloudflare
x-amzn-trace-id: Root=1-60bfcc99-5a72991d60d4d20f1849f9b0;Sampled=0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: TXL52-C1
accept-ranges: bytes
cf-ray: 65d476b158ee0609-FRA
x-amz-cf-id: 77EF-OvX0JM7IRaE19qLQFfSLiJCjC_MAUfC8sB7AaKg1Wl8z2Yo1w==
expires: Sun, 17 Jan 2038 19:14:07 GMT

GET
H2 200 font
fonts.gstatic.com/l/ Frame 66C4 6 KB
7 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=S6uyw4BMUTPHvxwidC_qWm2jjL9WipE-saevZ-PDVyZbLKR6VPCQ8X16duvZJCJLeMa_N-hMjwQJjzKs&skey=2d58b92a99e1c086&v=v17

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400&text=FinazeErg%20f%C3%BCdK%E2%80%93jtwlJobsck

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

adf082553fd34dd53dd8e8d5c16a9e6ee46d56a4d86079d538ffe6a2e7d991bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Origin: https://storage.bannernow.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:03:02 GMT
x-content-type-options: nosniff
age: 3071
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6552
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:45:44 GMT
server: ESF
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Thu, 10 Jun 2021 17:03:02 GMT

GET
H2 200 font
fonts.gstatic.com/l/ Frame 66C4 6 KB
6 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=S6u9w4BMUTPHh6UVewqdLwetp5Z4j5Y7squja-fEUj9ENr5_XUduRaN6VuvSJD9La8mBFe4F5l8mylOFSO-It38mNA&skey=3480a19627739c0d&v=v17

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:700&text=Energi%20f%C3%BCdKa%E2%80%93jtzwlJobsckMh

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bb8f69aad1271f6b0c599f99de82509d0f37e18e08968b3d8146076f2a0f34e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Origin: https://storage.bannernow.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 18:31:17 GMT
x-content-type-options: nosniff
age: 84176
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6528
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:45:44 GMT
server: ESF
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Wed, 09 Jun 2021 18:31:17 GMT

GET
H3-29 200 font
fonts.gstatic.com/l/ Frame 66C4 3 KB
3 KB 16ms
13ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=S6u9w4BMUTPHh50XewqdFAeljLhThpoq&skey=d01acf708cb3b73b&v=v17

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:900&text=Mehr%20fan

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

29596ad12f842a2040f90d445c2c63cfe32024a91a70aa64a25961ffe80595b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Origin: https://storage.bannernow.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 01:40:41 GMT
x-content-type-options: nosniff
age: 58412
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3316
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:45:44 GMT
server: ESF
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Thu, 10 Jun 2021 01:40:41 GMT

GET
H2 200 /
icv.bannernow.com/ Frame 66C4 81 KB
81 KB 26ms
26ms Image
image/jpeg 2606:4700::6812:1cf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icv.bannernow.com/?m=contain&w=1159&h=602&x=center&y=center&q=100&u=https%3A%2F%2Fstorage.bannernow.com%2FBWrmp2x7gNk9VRQrkA8nab3EwPe0AZLGnkOrlLhXwF%2Fckjb9uiqh002jjrp4zik8opks.jpg
Requested by: Host: storage.bannernow.com
URL: https://storage.bannernow.com/BWrmp2x7gNk9VRQrkA8nab3EwPe0AZLGnkOrlLhXwF/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1cf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcbea93a1d8b9bf701289061f5573f3ceaccce28faad78b6d9e8130d97cfc81d

Request headers

Referer: https://storage.bannernow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:13 GMT
via: 1.1 12bc6711250373a40a16aeca20244504.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 8571
x-amzn-requestid: aab9ddb2-cb9c-45b2-b938-90fe7151c828
x-thumbnailer-version: 1.2.18
x-cache: Miss from cloudfront
x-amz-apigw-id: Atx7oF8dIAMF3rg=
content-length: 83051
cf-request-id: 0a98a8830b000006094539d000000001
cf-bgj: h2pri
server: cloudflare
x-amzn-trace-id: Root=1-60c2304a-6401bda82fdcbfc11f61d006;Sampled=0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: CDG50-P1
accept-ranges: bytes
cf-ray: 65d476b1a9c40609-FRA
x-amz-cf-id: zt1h2GudfzB_tRRwrOzTcC7efDulMme6LEzrk-cBKhV-Ng2MM5CfiA==
expires: Sun, 17 Jan 2038 19:14:07 GMT

GET
H2 200 /
icv.bannernow.com/ Frame 66C4 1006 B
1 KB 15ms
15ms Image
image/jpeg 2606:4700::6812:1cf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icv.bannernow.com/?m=contain&w=115&h=68&x=center&y=center&q=100&u=https%3A%2F%2Fstorage.bannernow.com%2FBWrmp2x7gNk9VRQrkA8nab3EwPe0AZLGnkOrlLhXwF%2Fckjb9uiqn002tjrp4zf9ju36p.jpg
Requested by: Host: storage.bannernow.com
URL: https://storage.bannernow.com/BWrmp2x7gNk9VRQrkA8nab3EwPe0AZLGnkOrlLhXwF/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1cf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 665563c2a4e788eebe41f1faf4dd748e9ed08e2575f1128a051c6416d3ad830e

Request headers

Referer: https://storage.bannernow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:13 GMT
via: 1.1 fa133af2508a341e1ff6bfff526ba095.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 165164
x-amzn-requestid: 4eb35398-c8a9-4f22-84ea-f17c2d278aca
x-thumbnailer-version: 1.2.18
x-cache: Miss from cloudfront
x-amz-apigw-id: AnzoBFAQIAMFhKQ=
content-length: 1006
cf-request-id: 0a98a8830e00000609778a9000000001
cf-bgj: h2pri
server: cloudflare
x-amzn-trace-id: Root=1-60bfcc99-5a72991d60d4d20f1849f9b0;Sampled=0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: TXL52-C1
accept-ranges: bytes
cf-ray: 65d476b1b9d40609-FRA
x-amz-cf-id: 77EF-OvX0JM7IRaE19qLQFfSLiJCjC_MAUfC8sB7AaKg1Wl8z2Yo1w==
expires: Sun, 17 Jan 2038 19:14:07 GMT

GET
H2 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
165 B 14ms
14ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=commandwindows.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Jun 2021 17:54:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 14ms
14ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=commandwindows.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Jun 2021 17:54:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 341 B
811 B 615ms
615ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=739924062618941&correlator=4280157514472972&output=ldjh&impl=fifs&eid=31061394%2C31061142&vrg=2021060801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210610&iu_parts=104418548%2Ccommandwindows_com-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C310x320%7C320x360%7C350x380&ris=2&rcs=2&prev_scp=a%3D%257C3%257C%26iid11%3D1020548%26iit%3D2%26t%3D99%26d%3D146%26t1%3D99%26pvc%3D0%26ap%3D1001%26sap%3D1224%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D4%26reft%3Dtf%26refs%3D30%26ga%3D6206860%26gala%3D1501035%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dcommandwindows_com-box-2-1020548%26eb_br%3Da2b45ad7ec25aa78d8641082a295093b%2C43aa1607a0c08c74b14a9039e7b909b4%26eba%3D1%26ebss%3D10082%2C10061%2C10015%2C11304%26gas%3D5905158604%26asau%3D4257036031%26bv%3D18%26bvm%3D0%26bvr%3D8%26shp%3D1%26acptad%3D1%26br1%3D220%26br2%3D400%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D84%2C152%2C194%2C27%2C94%2C122%2C91%2C20%2C26%2C201%2C187%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C919%2C20%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D300%26reqt%3D1623347652626&eri=1&cookie=ID%3De8e9fae38446fedf%3AT%3D1623347649%3AS%3DALNI_MbBLFkeq4LLo3MyB8ByceIYGeKTAQ&bc=31&abxe=1&lmt=1623347653&dt=1623347653638&dlt=1623347647976&idt=1163&frm=20&biw=1600&bih=1200&oid=3&adxs=600&adys=292&adks=1139380737&ucis=7&ifi=7&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcommandwindows.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x110&msz=728x90&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1178215692.1623347650&ga_sid=1623347650&ga_hid=1045620473&ga_fc=false&ga_wpids=UA-29096671-22&fws=4&ohw=750&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

d966c80191b1e4cd4f9e3637ad8988826a93712007408c22978f6b5fad717f91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:14 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 142
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://commandwindows.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 42 KB
11 KB 850ms
849ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=739924062618941&correlator=3415686393900872&output=ldjh&impl=fifs&eid=31061394%2C31061142&vrg=2021060801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210610&iu_parts=104418548%2Ccommandwindows_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C310x320%7C340x390%7C350x410&ris=2&rcs=2&prev_scp=a%3D%257C3%257C%26iid11%3D1022947%26iit%3D2%26t%3D99%26d%3D146%26t1%3D99%26pvc%3D0%26ap%3D1000%26sap%3D1200%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dn%26refs%3D30%26ga%3D6206860%26gala%3D1501035%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dcommandwindows_com-box-1-1022947%26eb_br%3D666029ee8b3fc7d139e34438527dc02f%2C54d0fa6d5f6aabe7623cb24faa42a441%26eba%3D1%26ebss%3D10082%2C10061%2C10015%2C11304%26gas%3D4452476132%26asau%3D2780302833%26bv%3D24%26bvm%3D0%26bvr%3D2%26shp%3D2%26acptad%3D1%26br1%3D30%26br2%3D650%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D83%2C13%2C120%2C67%2C51%2C0%2C66%2C20%2C71%2C30%2C0%2C0%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C919%2C20%2C17%2C19%2C20%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D280%26reqt%3D1623347652627&eri=1&cookie=ID%3De8e9fae38446fedf%3AT%3D1623347649%3AS%3DALNI_MbBLFkeq4LLo3MyB8ByceIYGeKTAQ&bc=31&abxe=1&lmt=1623347653&dt=1623347653641&dlt=1623347647976&idt=1163&frm=20&biw=1600&bih=1200&oid=3&adxs=250&adys=610&adks=3944075631&ucis=8&ifi=8&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcommandwindows.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x636&msz=300x600&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1178215692.1623347650&ga_sid=1623347650&ga_hid=1045620473&ga_fc=false&ga_wpids=UA-29096671-22&fws=4&ohw=1100&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

b8bed4a74622a16fc676da17cebfa743552b932f572440a0a7a547971a789a0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10656
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://commandwindows.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 army.gif Show response
commandwindows.com/porpoiseant/ 0
42 B 21ms
20ms XHR
text/plain 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://commandwindows.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA2MTY0OCIsImRvbWFpbl9pZCI6IjE0NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWNvbW1hbmR3aW5kb3dzX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyMzM0NzY0NywicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxMDA1LCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjowLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYWY1NWM5ZTEtNmExNi00OTIzLTRlNTQtNTcxZTcxNWM2YTMyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTY3ODQ5NDg4LCJjcmVhdGl2ZV9pZCI6MTM4MjU3ODUyNTEyLCJkYXRhIjpbeyJuYW1lIjoidmlld2VkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA2MTY0OCIsImRvbWFpbl9pZCI6IjE0NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWNvbW1hbmR3aW5kb3dzX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyMzM0NzY0NywicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxMDA1LCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjowLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYWY1NWM5ZTEtNmExNi00OTIzLTRlNTQtNTcxZTcxNWM2YTMyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTY3ODQ5NDg4LCJjcmVhdGl2ZV9pZCI6MTM4MjU3ODUyNTEyLCJkYXRhIjpbeyJuYW1lIjoidmlld2VkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
pragma: no-cache
cookie: __gads=ID=e8e9fae38446fedf:T=1623347649:S=ALNI_MbBLFkeq4LLo3MyB8ByceIYGeKTAQ
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: commandwindows.com
referer: https://commandwindows.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:13 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Wed, 09 Jun 2021 17:54:13 UTC

GET
H2 200 army.gif Show response
commandwindows.com/porpoiseant/ 0
42 B 22ms
21ms XHR
text/plain 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://commandwindows.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA2MTY0OCIsImRvbWFpbl9pZCI6IjE0NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWNvbW1hbmR3aW5kb3dzX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyMzM0NzY0NywiYWRfcG9zaXRpb24iOjEwMDUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYWY1NWM5ZTEtNmExNi00OTIzLTRlNTQtNTcxZTcxNWM2YTMyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTY3ODQ5NDg4LCJjcmVhdGl2ZV9pZCI6MTM4MjU3ODUyNTEyLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX3NpemUiLCJ2YWwiOiJbNzI4LDkwXSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA2MTY0OCIsImRvbWFpbl9pZCI6IjE0NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWNvbW1hbmR3aW5kb3dzX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyMzM0NzY0NywiYWRfcG9zaXRpb24iOjEwMDUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYWY1NWM5ZTEtNmExNi00OTIzLTRlNTQtNTcxZTcxNWM2YTMyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTY3ODQ5NDg4LCJjcmVhdGl2ZV9pZCI6MTM4MjU3ODUyNTEyLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2ZsdWlkIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEwNjE2NDgiLCJkb21haW5faWQiOiIxNDYiLCJ1bml0IjoiZGl2LWdwdC1hZC1jb21tYW5kd2luZG93c19jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MjMzNDc2NDcsImFkX3Bvc2l0aW9uIjoxMDA1LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImFmNTVjOWUxLTZhMTYtNDkyMy00ZTU0LTU3MWU3MTVjNmEzMiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk2Nzg0OTQ4OCwiY3JlYXRpdmVfaWQiOjEzODI1Nzg1MjUxMiwiZGF0YSI6W3sibmFtZSI6ImRvbWFpbl9kZnBfc3R5bGVfaWQiLCJ2YWwiOiIwIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA2MTY0OCIsImRvbWFpbl9pZCI6IjE0NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWNvbW1hbmR3aW5kb3dzX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyMzM0NzY0NywiYWRfcG9zaXRpb24iOjEwMDUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYWY1NWM5ZTEtNmExNi00OTIzLTRlNTQtNTcxZTcxNWM2YTMyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTY3ODQ5NDg4LCJjcmVhdGl2ZV9pZCI6MTM4MjU3ODUyNTEyLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX3NpemUiLCJ2YWwiOiJbNzI4LDkwXSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA2MTY0OCIsImRvbWFpbl9pZCI6IjE0NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWNvbW1hbmR3aW5kb3dzX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyMzM0NzY0NywiYWRfcG9zaXRpb24iOjEwMDUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYWY1NWM5ZTEtNmExNi00OTIzLTRlNTQtNTcxZTcxNWM2YTMyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTY3ODQ5NDg4LCJjcmVhdGl2ZV9pZCI6MTM4MjU3ODUyNTEyLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2ZsdWlkIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEwNjE2NDgiLCJkb21haW5faWQiOiIxNDYiLCJ1bml0IjoiZGl2LWdwdC1hZC1jb21tYW5kd2luZG93c19jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MjMzNDc2NDcsImFkX3Bvc2l0aW9uIjoxMDA1LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImFmNTVjOWUxLTZhMTYtNDkyMy00ZTU0LTU3MWU3MTVjNmEzMiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk2Nzg0OTQ4OCwiY3JlYXRpdmVfaWQiOjEzODI1Nzg1MjUxMiwiZGF0YSI6W3sibmFtZSI6ImRvbWFpbl9kZnBfc3R5bGVfaWQiLCJ2YWwiOiIwIn1dLCJpc19vcmlnIjpmYWxzZX1d
pragma: no-cache
cookie: __gads=ID=e8e9fae38446fedf:T=1623347649:S=ALNI_MbBLFkeq4LLo3MyB8ByceIYGeKTAQ
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: commandwindows.com
referer: https://commandwindows.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:13 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Wed, 09 Jun 2021 17:54:14 UTC

GET
H3-29 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
122 B 33ms
16ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=commandwindows.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Jun 2021 17:54:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 32ms
16ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=commandwindows.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Jun 2021 17:54:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 341 B
171 B 178ms
178ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=739924062618941&correlator=4076701601141957&output=ldjh&impl=fifs&eid=31061394%2C31061142&vrg=2021060801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210610&iu_parts=104418548%2Ccommandwindows_com-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C310x320%7C320x360%7C350x380&ris=1&rcs=3&prev_scp=a%3D%257C3%257C%26iid11%3D1020548%26iit%3D2%26t%3D99%26d%3D146%26t1%3D99%26pvc%3D0%26ap%3D1001%26sap%3D1224%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D4%26at%3Dmbf%26adr%3D399%26ezosn%3D4%26reft%3Dtf%26refs%3D30%26ga%3D6206860%26gala%3D1501035%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dcommandwindows_com-box-2-1020548%26eb_br%3D7644bd8cf64286b12402b3cfed8ec5ea%2Caf063c244089b52ec5a0423a258f1f8e%26eba%3D1%26ebss%3D10082%2C10061%2C10015%2C11304%26gas%3D5905158604%26asau%3D4257036031%26bv%3D18%26bvm%3D0%26bvr%3D8%26shp%3D1%26acptad%3D1%26br1%3D140%26br2%3D400%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D84%2C152%2C194%2C27%2C94%2C122%2C91%2C20%2C26%2C201%2C187%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C919%2C20%2C17%2C20%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D220%26reqt%3D1623347654267&eri=1&cookie=ID%3De8e9fae38446fedf%3AT%3D1623347649%3AS%3DALNI_MbBLFkeq4LLo3MyB8ByceIYGeKTAQ&bc=31&abxe=1&lmt=1623347654&dt=1623347654276&dlt=1623347647976&idt=1163&frm=20&biw=1600&bih=1200&oid=3&adxs=600&adys=292&adks=1139380737&ucis=9&ifi=9&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcommandwindows.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x110&msz=728x90&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1178215692.1623347650&ga_sid=1623347650&ga_hid=1045620473&ga_fc=false&ga_wpids=UA-29096671-22&fws=4&ohw=750&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

c537f1918ca282fc0820dc056566aa980f76a0e53f8eaa8f7e7480ea9765fabb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:14 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 142
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://commandwindows.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 81CE 42 B
64 B 58ms
45ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvGAYB8du6AT0WMxPAuIemz-UipxRtAVlr5GrqBzzwNWx2ienwEMI05uL0jSp85YwZOPl_zu8HfO0H-XMDn552BL814O3nXjlj49g7z_rrD10bHwj3zXQERJqc&sai=AMfl-YQfPk8fWa5SAk1Tt71krBQDeIasmLVpTzltkuQbs29NEfjwc7XunRZKsLxJGuykbMNAXcClMfup9ft58prcpM1_eBLVPhNCCPxvv_vBoZZN0xzFoVsIPJweYUiQ&sig=Cg0ArKJSzN8WDvTcEHaKEAE&cid=CAASFeRoFTp8Q6XEwnVfmi40nBgLVi1G4g&id=lidar2&mcvt=1000&p=1108,436,1198,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210609&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3676449675&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1623347652461&dlt=8&rpt=210&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bd44be7d223512f0c51e56829e06e388.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012105281634000/ Frame 23D4 191 KB
55 KB 35ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2026d59b88bda76d9a260d98a486e61cdf8f5dc92474fe4a256e03f5e50cc87

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 74642
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55221
x-xss-protection: 0
server: sffe
date: Wed, 09 Jun 2021 21:10:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8af8bfef65693cad"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Jun 2022 21:10:12 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 23D4 12 KB
5 KB 45ms
18ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfa2c1817acc9845143087b8f08cfbf450334d63f8b69ea16ec5bf8222cc9ae8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 74642
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4567
x-xss-protection: 0
server: sffe
date: Wed, 09 Jun 2021 21:10:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ca56b057322a8584"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Jun 2022 21:10:12 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 23D4 87 KB
27 KB 46ms
19ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac39fd2de34b92759571eae7493ba485a9c437b55a9b17e4ae0c2af108658e30

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 74642
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27321
x-xss-protection: 0
server: sffe
date: Wed, 09 Jun 2021 21:10:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3f2374642481d921"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Jun 2022 21:10:12 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 23D4 4 KB
2 KB 50ms
23ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2995615474b2ef92946ae6000ca992f89c7ff861082cacb1aa2176e81b1514e2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 74642
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1522
x-xss-protection: 0
server: sffe
date: Wed, 09 Jun 2021 21:10:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "514585efdf5d56f0"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Jun 2022 21:10:12 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 23D4 41 KB
13 KB 50ms
24ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84430d6abc2891ae6d6d74e51804bb5edfb8406efad225ad57d89801a1cd7d2a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 74642
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13144
x-xss-protection: 0
server: sffe
date: Wed, 09 Jun 2021 21:10:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "db4e8fd655d0c88e"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Jun 2022 21:10:12 GMT

GET
DATA 200
OK truncated
/ Frame 23D4 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b02708cf2f09f12d23a4de0015398adf3f4f5f07bd4c48be144bedabd483f1d8

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 5689072784428828488
tpc.googlesyndication.com/simgad/ Frame 23D4 73 KB
73 KB 8ms
7ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5689072784428828488?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmikZmQgxbUJdH5rFUAiWMIA-nfiA

Requested by

Host: commandwindows.com
URL: https://commandwindows.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b31c36cf78e9232d9b1f783da56b312630f6aea61a5390538823d8f777fdf1e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 20:44:34 GMT
x-content-type-options: nosniff
age: 162580
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/content-ads-owners
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74826
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 10:09:47 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 20:44:34 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 23D4 2 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: commandwindows.com
URL: https://commandwindows.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Jun 2021 13:34:38 GMT
x-content-type-options: nosniff
server: cafe
age: 15576
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 11 Jun 2021 13:34:38 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 23D4 295 B
399 B 7ms
7ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: commandwindows.com
URL: https://commandwindows.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Jun 2021 22:25:59 GMT
x-content-type-options: nosniff
server: cafe
age: 70095
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 10 Jun 2021 22:25:59 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 23D4 0
0 64ms
63ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cj2ifxVHCYNmrKoaWgQeqqrC4DrLE2o5isrPl1vgN-KrKjrobEAEgwtPvI2D1lc6B4ASgAePPmb8DyAEC4AIAqAMByAMIqgT2AU_QyAg_FIOwf8iqZP3gYy1KI5R-txXZASYcDzkWJ4eOPRQfJamX2MPbF2PAqm7FCetVTVjvV4u1Fs2kveh8qCcl_oK3koosSV-Wg59KaGva7d8GqjUZ37JjPJmdZi7SxoZ-sL1coSthqtZTq_8fs6XlHhZjC1wY4S_sbIBLUo6ZeTbNvyOlYrMOO3jp-YKpOgCrEqyBSdYcfk7WqeMD_GIJNnMRuyQvPY9DJI7QBcuhT5H2XjTBQwxqlqOdzV759zlrlrH8nXV7z9qOKhPy8aebvXpDnouJvBTtzgTZjzib7iTr84hjNwKNI6igx8SGDX5ripfcT8AEr-PRpvgC4AQBkgUECAQYAZIFBAgFGASgBgKAB4DenT6oB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQ0LM50ggHCIBhEAEYHYAKA8gLAdgTDdAVAYAXAbIXGgoYCAASFHB1Yi03OTU4OTU5NTY2MjA2ODYw&sigh=lz4JbGRt9BM
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 army.gif Show response
commandwindows.com/porpoiseant/ 0
65 B 24ms
22ms XHR
text/plain 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://commandwindows.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAyMjk0NyIsImRvbWFpbl9pZCI6IjE0NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWNvbW1hbmR3aW5kb3dzX2NvbS1ib3gtMS0wIiwidF9lcG9jaCI6MTYyMzM0NzY0NywiYWRfcG9zaXRpb24iOjEwMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYWY1NWM5ZTEtNmExNi00OTIzLTRlNTQtNTcxZTcxNWM2YTMyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTY3ODQ5NDc2LCJjcmVhdGl2ZV9pZCI6MTM4MjU3ODUyNTEyLCJkYXRhIjpbeyJuYW1lIjoicmVmcmVzaF9jb3VudCIsInZhbCI6IjMifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEwMjI5NDciLCJkb21haW5faWQiOiIxNDYiLCJ1bml0IjoiZGl2LWdwdC1hZC1jb21tYW5kd2luZG93c19jb20tYm94LTEtMCIsInRfZXBvY2giOjE2MjMzNDc2NDcsImFkX3Bvc2l0aW9uIjoxMDAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImFmNTVjOWUxLTZhMTYtNDkyMy00ZTU0LTU3MWU3MTVjNmEzMiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk2Nzg0OTQ3NiwiY3JlYXRpdmVfaWQiOjEzODI1Nzg1MjUxMiwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9iaWRfaGFzaCIsInZhbCI6IjY2NjAyOWVlOGIzZmM3ZDEzOWUzNDQzODUyN2RjMDJmLDU0ZDBmYTZkNWY2YWFiZTc2MjNjYjI0ZmFhNDJhNDQxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMDIyOTQ3IiwiZG9tYWluX2lkIjoiMTQ2IiwidW5pdCI6ImRpdi1ncHQtYWQtY29tbWFuZHdpbmRvd3NfY29tLWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjIzMzQ3NjQ3LCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MC4wMDAzLCJhZF9wb3NpdGlvbiI6MTAwMCwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwMywiYmlkX2Zsb29yX3ByZXYiOjAuMDAyOCwic3RhdF9zb3VyY2VfaWQiOjM1LCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYWY1NWM5ZTEtNmExNi00OTIzLTRlNTQtNTcxZTcxNWM2YTMyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTY3ODQ5NDc2LCJjcmVhdGl2ZV9pZCI6MTM4MjU3ODUyNTEyLCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAyMjk0NyIsImRvbWFpbl9pZCI6IjE0NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWNvbW1hbmR3aW5kb3dzX2NvbS1ib3gtMS0wIiwidF9lcG9jaCI6MTYyMzM0NzY0NywiYWRfcG9zaXRpb24iOjEwMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYWY1NWM5ZTEtNmExNi00OTIzLTRlNTQtNTcxZTcxNWM2YTMyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTY3ODQ5NDc2LCJjcmVhdGl2ZV9pZCI6MTM4MjU3ODUyNTEyLCJkYXRhIjpbeyJuYW1lIjoiY3JlYXRpdmVfaWQiLCJ2YWwiOiIxMzgyNTc4NTI1MTIifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEwMjI5NDciLCJkb21haW5faWQiOiIxNDYiLCJ1bml0IjoiZGl2LWdwdC1hZC1jb21tYW5kd2luZG93c19jb20tYm94LTEtMCIsInRfZXBvY2giOjE2MjMzNDc2NDcsImFkX3Bvc2l0aW9uIjoxMDAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImFmNTVjOWUxLTZhMTYtNDkyMy00ZTU0LTU3MWU3MTVjNmEzMiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk2Nzg0OTQ3NiwiY3JlYXRpdmVfaWQiOjEzODI1Nzg1MjUxMiwiZGF0YSI6W3sibmFtZSI6ImxpbmVpdGVtX2lkIiwidmFsIjoiNDk2Nzg0OTQ3NiJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAyMjk0NyIsImRvbWFpbl9pZCI6IjE0NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWNvbW1hbmR3aW5kb3dzX2NvbS1ib3gtMS0wIiwidF9lcG9jaCI6MTYyMzM0NzY0NywiYWRfcG9zaXRpb24iOjEwMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYWY1NWM5ZTEtNmExNi00OTIzLTRlNTQtNTcxZTcxNWM2YTMyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTY3ODQ5NDc2LCJjcmVhdGl2ZV9pZCI6MTM4MjU3ODUyNTEyLCJkYXRhIjpbeyJuYW1lIjoicmVmcmVzaF9jb3VudCIsInZhbCI6IjMifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEwMjI5NDciLCJkb21haW5faWQiOiIxNDYiLCJ1bml0IjoiZGl2LWdwdC1hZC1jb21tYW5kd2luZG93c19jb20tYm94LTEtMCIsInRfZXBvY2giOjE2MjMzNDc2NDcsImFkX3Bvc2l0aW9uIjoxMDAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImFmNTVjOWUxLTZhMTYtNDkyMy00ZTU0LTU3MWU3MTVjNmEzMiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk2Nzg0OTQ3NiwiY3JlYXRpdmVfaWQiOjEzODI1Nzg1MjUxMiwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9iaWRfaGFzaCIsInZhbCI6IjY2NjAyOWVlOGIzZmM3ZDEzOWUzNDQzODUyN2RjMDJmLDU0ZDBmYTZkNWY2YWFiZTc2MjNjYjI0ZmFhNDJhNDQxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMDIyOTQ3IiwiZG9tYWluX2lkIjoiMTQ2IiwidW5pdCI6ImRpdi1ncHQtYWQtY29tbWFuZHdpbmRvd3NfY29tLWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjIzMzQ3NjQ3LCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MC4wMDAzLCJhZF9wb3NpdGlvbiI6MTAwMCwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwMywiYmlkX2Zsb29yX3ByZXYiOjAuMDAyOCwic3RhdF9zb3VyY2VfaWQiOjM1LCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYWY1NWM5ZTEtNmExNi00OTIzLTRlNTQtNTcxZTcxNWM2YTMyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTY3ODQ5NDc2LCJjcmVhdGl2ZV9pZCI6MTM4MjU3ODUyNTEyLCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAyMjk0NyIsImRvbWFpbl9pZCI6IjE0NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWNvbW1hbmR3aW5kb3dzX2NvbS1ib3gtMS0wIiwidF9lcG9jaCI6MTYyMzM0NzY0NywiYWRfcG9zaXRpb24iOjEwMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYWY1NWM5ZTEtNmExNi00OTIzLTRlNTQtNTcxZTcxNWM2YTMyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTY3ODQ5NDc2LCJjcmVhdGl2ZV9pZCI6MTM4MjU3ODUyNTEyLCJkYXRhIjpbeyJuYW1lIjoiY3JlYXRpdmVfaWQiLCJ2YWwiOiIxMzgyNTc4NTI1MTIifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEwMjI5NDciLCJkb21haW5faWQiOiIxNDYiLCJ1bml0IjoiZGl2LWdwdC1hZC1jb21tYW5kd2luZG93c19jb20tYm94LTEtMCIsInRfZXBvY2giOjE2MjMzNDc2NDcsImFkX3Bvc2l0aW9uIjoxMDAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImFmNTVjOWUxLTZhMTYtNDkyMy00ZTU0LTU3MWU3MTVjNmEzMiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk2Nzg0OTQ3NiwiY3JlYXRpdmVfaWQiOjEzODI1Nzg1MjUxMiwiZGF0YSI6W3sibmFtZSI6ImxpbmVpdGVtX2lkIiwidmFsIjoiNDk2Nzg0OTQ3NiJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
pragma: no-cache
cookie: __gads=ID=e8e9fae38446fedf:T=1623347649:S=ALNI_MbBLFkeq4LLo3MyB8ByceIYGeKTAQ; ezouspvv=30; ezouspva=1; ezouspvh=30
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: commandwindows.com
referer: https://commandwindows.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:14 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Wed, 09 Jun 2021 17:54:15 UTC

GET
H2 200 4967849476 Show response
g.ezoic.net/dac/ 0
40 B 27ms
26ms XHR
text/plain 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/dac/4967849476
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 10 Jun 2021 17:54:14 GMT
cache-control: max-age=3600, public
server: nginx/1.16.0
content-length: 0
vary: Accept-Encoding
content-type: text/plain

GET
H2 200 army.gif Show response
commandwindows.com/porpoiseant/ 0
19 B 24ms
24ms XHR
text/plain 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://commandwindows.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAyMjk0NyIsImRvbWFpbl9pZCI6IjE0NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWNvbW1hbmR3aW5kb3dzX2NvbS1ib3gtMS0wIiwidF9lcG9jaCI6MTYyMzM0NzY0NywiYWRfcG9zaXRpb24iOjEwMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYWY1NWM5ZTEtNmExNi00OTIzLTRlNTQtNTcxZTcxNWM2YTMyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTY3ODQ5NDc2LCJjcmVhdGl2ZV9pZCI6MTM4MjU3ODUyNTEyLCJkYXRhIjpbeyJuYW1lIjoidF9sb2NhbF9kYXRlIiwidmFsIjoiMjAyMS0wNi0xMCJ9LHsibmFtZSI6InRfbG9jYWxfaG91ciIsInZhbCI6IjE5In0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjQifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiLTEyMCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAyMjk0NyIsImRvbWFpbl9pZCI6IjE0NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWNvbW1hbmR3aW5kb3dzX2NvbS1ib3gtMS0wIiwidF9lcG9jaCI6MTYyMzM0NzY0NywiYWRfcG9zaXRpb24iOjEwMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYWY1NWM5ZTEtNmExNi00OTIzLTRlNTQtNTcxZTcxNWM2YTMyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTY3ODQ5NDc2LCJjcmVhdGl2ZV9pZCI6MTM4MjU3ODUyNTEyLCJkYXRhIjpbeyJuYW1lIjoidF9sb2NhbF9kYXRlIiwidmFsIjoiMjAyMS0wNi0xMCJ9LHsibmFtZSI6InRfbG9jYWxfaG91ciIsInZhbCI6IjE5In0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjQifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiLTEyMCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
pragma: no-cache
cookie: __gads=ID=e8e9fae38446fedf:T=1623347649:S=ALNI_MbBLFkeq4LLo3MyB8ByceIYGeKTAQ; ezouspvv=30; ezouspva=1; ezouspvh=30
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: commandwindows.com
referer: https://commandwindows.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:14 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Wed, 09 Jun 2021 17:54:14 UTC

GET
H2 200 army.gif Show response
commandwindows.com/porpoiseant/ 0
19 B 24ms
24ms XHR
text/plain 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://commandwindows.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMTAyMjk0NyIsImRvbWFpbl9pZCI6IjE0NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWNvbW1hbmR3aW5kb3dzX2NvbS1ib3gtMS0wIiwidF9lcG9jaCI6MTYyMzM0NzY0NywiYXVjdGlvbl9lcG9jaCI6MTYyMzM0NzY1NSwiYWRfcG9zaXRpb24iOjEwMDAsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJhZjU1YzllMS02YTE2LTQ5MjMtNGU1NC01NzFlNzE1YzZhMzIiLCJiaWRfZmxvb3JfaW5pdGlhbCI6NTUwLCJiaWRfZmxvb3JfcHJldiI6MjgwLCJiaWRfZmxvb3JfZmlsbGVkIjozMCwiYXVjdGlvbl9jb3VudCI6MywicmVmcmVzaF9hZF9jb3VudCI6MCwiYXVjdGlvbl9kdXJhdGlvbiI6ODcxLCJtdWx0aV9hZF91bml0IjowLCJtdWx0aV9hZF9jb3VudCI6MCwibmV0d29ya19jb2RlIjoxMDQ0MTg1NDgsImRhdGEiOlt7Im5hbWUiOiIiLCJ2YWwiOiIifV0sImxpbmVfaXRlbV9pZCI6NDk2Nzg0OTQ3Nn1d
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMTAyMjk0NyIsImRvbWFpbl9pZCI6IjE0NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWNvbW1hbmR3aW5kb3dzX2NvbS1ib3gtMS0wIiwidF9lcG9jaCI6MTYyMzM0NzY0NywiYXVjdGlvbl9lcG9jaCI6MTYyMzM0NzY1NSwiYWRfcG9zaXRpb24iOjEwMDAsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJhZjU1YzllMS02YTE2LTQ5MjMtNGU1NC01NzFlNzE1YzZhMzIiLCJiaWRfZmxvb3JfaW5pdGlhbCI6NTUwLCJiaWRfZmxvb3JfcHJldiI6MjgwLCJiaWRfZmxvb3JfZmlsbGVkIjozMCwiYXVjdGlvbl9jb3VudCI6MywicmVmcmVzaF9hZF9jb3VudCI6MCwiYXVjdGlvbl9kdXJhdGlvbiI6ODcxLCJtdWx0aV9hZF91bml0IjowLCJtdWx0aV9hZF9jb3VudCI6MCwibmV0d29ya19jb2RlIjoxMDQ0MTg1NDgsImRhdGEiOlt7Im5hbWUiOiIiLCJ2YWwiOiIifV0sImxpbmVfaXRlbV9pZCI6NDk2Nzg0OTQ3Nn1d
pragma: no-cache
cookie: __gads=ID=e8e9fae38446fedf:T=1623347649:S=ALNI_MbBLFkeq4LLo3MyB8ByceIYGeKTAQ; ezouspvv=30; ezouspva=1; ezouspvh=30
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: commandwindows.com
referer: https://commandwindows.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:14 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Wed, 09 Jun 2021 17:54:14 UTC

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 23D4
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

19ms
18ms

Image
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Thu, 10 Jun 2021 17:54:14 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=commandwindows.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Jun 2021 17:54:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=commandwindows.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Jun 2021 17:54:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 44ms
17ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fcommandwindows.com%2F&domain=commandwindows.com&cw=1

Protocol

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://commandwindows.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://commandwindows.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1449
date: Thu, 10 Jun 2021 17:54:14 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fcommandwindows.com%2F&domain=commandwindows.com&cw=1
https://mug.criteo.com/sid?cpp=VdmOPXxiRGdrQVMzSk1FUEQ4T1ZUTlRLb2gyZ1B0ZXloUDZTWjE4RVI0dGdRTW9ncXoxdHlXT2IzdHF4b3BhYk5CVWswWml5MlY4eGRrcEJCVkl5amdkTm0wQUh2TmhkZ1VaZXJFMzVOZm95OG0vQ1FLRXpsWXhvSjRHQk...

342 B
624 B

105ms
36ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=VdmOPXxiRGdrQVMzSk1FUEQ4T1ZUTlRLb2gyZ1B0ZXloUDZTWjE4RVI0dGdRTW9ncXoxdHlXT2IzdHF4b3BhYk5CVWswWml5MlY4eGRrcEJCVkl5amdkTm0wQUh2TmhkZ1VaZXJFMzVOZm95OG0vQ1FLRXpsWXhvSjRHQkZ5NWQ4TkUwYzdmYXZCcHViRXVVTW1sZE51dU9GQkxSa1NaUUVEd3Q0ejdaZXhJRVlobytWZXRXdVlWTmM3Rlplc1pmSG0zanRSRU1ZdmllL3cvMVN3UUwwZWZ3dGxkOUpSak5oTXlHMW5sRmJlNHo4TVhBPXw&cppv=2

Requested by

Host: commandwindows.com
URL: https://commandwindows.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

79f0b526e4f526dfefebabcf466b5733b03e98816e9910126f0178aa7f0c9eaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Thu, 10 Jun 2021 17:54:14 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2134
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Thu, 10 Jun 2021 17:54:14 GMT
location: https://mug.criteo.com/sid?cpp=VdmOPXxiRGdrQVMzSk1FUEQ4T1ZUTlRLb2gyZ1B0ZXloUDZTWjE4RVI0dGdRTW9ncXoxdHlXT2IzdHF4b3BhYk5CVWswWml5MlY4eGRrcEJCVkl5amdkTm0wQUh2TmhkZ1VaZXJFMzVOZm95OG0vQ1FLRXpsWXhvSjRHQkZ5NWQ4TkUwYzdmYXZCcHViRXVVTW1sZE51dU9GQkxSa1NaUUVEd3Q0ejdaZXhJRVlobytWZXRXdVlWTmM3Rlplc1pmSG0zanRSRU1ZdmllL3cvMVN3UUwwZWZ3dGxkOUpSak5oTXlHMW5sRmJlNHo4TVhBPXw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://commandwindows.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1817
content-length: 482
expires: 0

POST
H2 204 ortb Show response
bid.contextweb.com/header/ 0
629 B 320ms
109ms XHR
text/plain 198.148.27.134
PULSEPOINT

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.contextweb.com/header/ortb?src=prebid
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.148.27.134 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 10 Jun 2021 17:54:15 GMT
server: envoy
cwdl: 22/4211,22/4211,22/4211,22/4211,22/4211
access-control-allow-origin: https://commandwindows.com
access-control-expose-headers: Access-Control-Allow-Origin
access-control-allow-credentials: true
x-envoy-upstream-service-time: 5
cw-server: bid-deployment-5fcfb8b64b-zlfts

POST
H2 204 prebid Show response
targeting.unrulymedia.com/ 0
174 B 139ms
57ms XHR
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/prebid
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://commandwindows.com
pragma: no-cache
date: Thu, 10 Jun 2021 17:54:15 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
191 B 105ms
34ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.27.0&cb=31283733938
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://commandwindows.com
date: Thu, 10 Jun 2021 17:54:14 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 arj Show response
ezoic-d.openx.net/w/1.0/ 190 B
490 B 96ms
89ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ezoic-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fcommandwindows.com%2F&ch=windows-1252&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=acf3710a-dd5c-4e24-9516-5369f7625d72%2C0be98d49-d8ad-4a0f-ae00-dd97e435e827%2Cab6db04d-301c-4003-9bd3-5cd73366f012%2C09ef5a71-cfb5-44c4-834c-33410224957b&nocache=1623347655315&us_privacy=1---&schain=1.0%2C1!ezoic.ai%2Cc58b3949b5c3a53357e53016653adaee%2C1%2C%2C%2C&aus=728x90%7C300x600%2C160x600%7C160x600%2C300x600%7C728x90&divIds=div-gpt-ad-commandwindows_com-medrectangle-2-0%2Cdiv-gpt-ad-commandwindows_com-banner-2-0%2Cdiv-gpt-ad-commandwindows_com-box-1-0%2Cdiv-gpt-ad-commandwindows_com-box-2-0&auid=538151782%2C538151779%2C538151780%2C538151782
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.208.0 /
Resource Hash: f6472b604edcdcb700c35ef761774e9d20a92fef53ea7434b52b44af7f295a06

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:15 GMT
content-encoding: gzip
server: OXGW/16.208.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://commandwindows.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 177
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
118 B 118ms
63ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://commandwindows.com
date: Thu, 10 Jun 2021 17:54:14 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 25 B
529 B 87ms
32ms XHR
application/json 2.21.111.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=305141&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22295751f217c1517%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fcommandwindows.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A4%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allU%22%3A4%2C%22ren%22%3Afalse%2C%22version%22%3A%224.27.0%22%2C%22msd%22%3A2%2C%22msi%22%3A2%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22ezoic.ai%22%2C%22sid%22%3A%22c58b3949b5c3a53357e53016653adaee%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2230c98907defde81%22%2C%22ext%22%3A%7B%22siteID%22%3A%22305141%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2231132b631be7b31%22%2C%22ext%22%3A%7B%22siteID%22%3A%22305145%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2232fa4e6c41d8cba%22%2C%22ext%22%3A%7B%22siteID%22%3A%22305136%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22332aa53f878088a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22305137%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2231132b631be7b31%22%2C%22ext%22%3A%7B%22siteID%22%3A%22305145%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2232fa4e6c41d8cba%22%2C%22ext%22%3A%7B%22siteID%22%3A%22305136%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.111.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-111-28.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a6c9aca77de58176e1242e5495c1ccaed2397c14d7405299b1889b1affcee7de

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:15 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[CH], RC:[ZH], CN:[EU], CIP:[185.156.175.107], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin: https://commandwindows.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-type: application/json
content-length: 45
x-ak-client-geo: 12
expires: Thu, 10 Jun 2021 17:54:15 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
722 B 36ms
36ms XHR
application/json 185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 10 Jun 2021 17:54:15 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.36:80
AN-X-Request-Uuid: 24e70ab6-82cb-4b45-9e52-f667e60926dd
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://commandwindows.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 c Show response
prebid.a-mo.net/a/ 861 B
786 B 349ms
137ms XHR
application/json 136.144.59.88
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: 869ad5af57cedda3619190f755b6ce8cc5c9857c2719e2cb27b0a3fad800ab9e

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 10 Jun 2021 17:54:15 GMT
content-encoding: gzip
server: envoy
vary: origin, accept-encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://commandwindows.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 32
content-length: 354

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
723 B 110ms
75ms XHR
application/json 185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 10 Jun 2021 17:54:15 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.232:80
AN-X-Request-Uuid: 5fcbb115-31e3-433c-aafa-32a8ca130a13
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://commandwindows.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 687 B
194 B 777ms
776ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=739924062618941&correlator=3014804279559561&output=ldjh&impl=fifs&eid=31061394%2C31061142&vrg=2021060801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210610&iu_parts=104418548%2Ccommandwindows_com-box-4%2Ccommandwindows_com-banner-2&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=250x250%7C310x320%7C350x340%7C350x430%2C300x600%7C310x320%7C390x390%7C410x390&prev_scp=a%3D%257C3%257C%26iid11%3D1026998%26iit%3D3%26t%3D99%26d%3D146%26t1%3D99%26pvc%3D0%26ap%3D1003%26sap%3D1261%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dn%26refs%3D30%26ga%3D6206860%26gala%3D1501035%26rid%3D99998%26pt%3D3%26al%3D1003%26compid%3D0%26tap%3Dcommandwindows_com-box-4-1026998%26eb_br%3D1b53ec46d2403695cebecc9fc3f37a77%26eba%3D1%26ebss%3D10082%2C10061%2C10015%2C11304%26gas%3D2017884480%26asau%3D7210502436%26bv%3D0%26bvm%3D2%26bvr%3D7%26shp%3D3%26br1%3D1200%26br2%3D650%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D32%2C0%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C760%2C815%2C817%2C899%2C919%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%7Ca%3D%257C1%257C%26iid11%3D1048147%26iit%3D5%26t%3D99%26d%3D146%26t1%3D99%26pvc%3D0%26ap%3D1031%26sap%3D1031%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dn%26refs%3D30%26ga%3D6206860%26gala%3D1501035%26rid%3D99998%26pt%3D31%26al%3D1031%26compid%3D0%26tap%3Dcommandwindows_com-banner-2-1048147%26eb_br%3D8440f055825a6addcb118a0018400c4d%26eba%3D1%26ebss%3D10082%2C10061%2C10015%2C11304%26gas%3D8983937454%26asau%3D4556257235%26bv%3D21%26bvm%3D0%26bvr%3D7%26shp%3D2%26br1%3D950%26br2%3D650%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D83%2C0%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C760%2C761%2C815%2C816%2C817%2C899%2C919%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2&eri=1&cookie=ID%3De8e9fae38446fedf%3AT%3D1623347649%3AS%3DALNI_MbBLFkeq4LLo3MyB8ByceIYGeKTAQ&bc=31&abxe=1&lmt=1623347655&dt=1623347655333&dlt=1623347647976&idt=1163&frm=20&biw=1600&bih=1200&oid=3&adxs=697%2C250&adys=1551%2C2402&adks=4216951667%2C3272357030&ucis=a%7Cb&ifi=10&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcommandwindows.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=250x270%7C300x636&msz=250x250%7C300x600&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1178215692.1623347650&ga_sid=1623347650&ga_hid=1045620473&ga_fc=false&ga_wpids=UA-29096671-22&fws=4%2C4&ohw=750%2C300&btvi=1%7C2&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

1a6f922de8e691d7f46a2975a7e17a89238f60b53bd8bbe8ef758e8d35e51f90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:16 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 165
x-xss-protection: 0
google-lineitem-id: -2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://commandwindows.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 102ms
32ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1141
date: Thu, 10 Jun 2021 17:54:15 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 23D4 42 B
64 B 59ms
46ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss9E66rMnBqfqhyAiid9cPDyMjr8oLFLvjEoe6J_BCrnQHgMUHn1i40YTshMWDI6X5G2c59IjCZ_tZp0yVc1Sx3-0SLQAfege2vAAsTZcWcppiUJWzG8oJjYSU&sai=AMfl-YTC9XGmDFSCcO_VSd7J5fLOvdf_2jXeIIOz8ncYXNBo3Sgyc-lHAh-QZadnKBxU4bSarFAOSWjGPY9qgBS1X-4uZXzAgYGzEpUMt2EHNB2rCB0KNIuebjaeLib8&sig=Cg0ArKJSzEbMDb4nHnsOEAE&cid=CAASFeRohTYZRj53GpmkypQAG3kd5aA2SA&id=ampim&o=250,610&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=108&tls=1108&g=98.33333492279053&h=98.33333492279053&tt=1108&r=v&avms=ampa&adk=3944075631

Requested by

Host: commandwindows.com
URL: https://commandwindows.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 army.gif Show response
commandwindows.com/porpoiseant/ 0
42 B 21ms
21ms XHR
text/plain 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://commandwindows.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAyMjk0NyIsImRvbWFpbl9pZCI6IjE0NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWNvbW1hbmR3aW5kb3dzX2NvbS1ib3gtMS0wIiwidF9lcG9jaCI6MTYyMzM0NzY0NywicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxMDAwLCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjowLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYWY1NWM5ZTEtNmExNi00OTIzLTRlNTQtNTcxZTcxNWM2YTMyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTY3ODQ5NDc2LCJjcmVhdGl2ZV9pZCI6MTM4MjU3ODUyNTEyLCJkYXRhIjpbeyJuYW1lIjoidmlld2VkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAyMjk0NyIsImRvbWFpbl9pZCI6IjE0NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWNvbW1hbmR3aW5kb3dzX2NvbS1ib3gtMS0wIiwidF9lcG9jaCI6MTYyMzM0NzY0NywicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxMDAwLCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjowLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYWY1NWM5ZTEtNmExNi00OTIzLTRlNTQtNTcxZTcxNWM2YTMyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTY3ODQ5NDc2LCJjcmVhdGl2ZV9pZCI6MTM4MjU3ODUyNTEyLCJkYXRhIjpbeyJuYW1lIjoidmlld2VkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
pragma: no-cache
cookie: __gads=ID=e8e9fae38446fedf:T=1623347649:S=ALNI_MbBLFkeq4LLo3MyB8ByceIYGeKTAQ; ezouspvv=30; ezouspva=1; ezouspvh=30; _pbjs_userid_consent_data=3524755945110770; cto_bidid=lQdIgF93UnIwUTRyNGdWOW4xVDJLenljaFBoWEVsYjZ6NTE5Z1QzRyUyRk1naDBnc1BRazVCWkk4VE5NRkNPWWlnZXpVWENBVE9QT1hERG1pSEtBOVl5N0VzUmpnJTNEJTNE; cto_bundle=mJWXzl9OYSUyQlh1cDZrTEJ2WW54UnVoWWFGNmF0V01Cc0Nwc3glMkZRT0x2TThUTUFmRnNBZCUyRlZVcmZGUDBYTVIzczRuM241cmJCbzY0TGdjY0JNRkdzelY3QWQ5UWxTV0s1eG5kaFF5d0hGNDFJem5MVFhhY0RJOUQ1NU5pRmc4Ykt1ZmFPYw
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: commandwindows.com
referer: https://commandwindows.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:15 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Wed, 09 Jun 2021 17:54:15 UTC

GET
H3-29 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=commandwindows.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Jun 2021 17:54:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=commandwindows.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Jun 2021 17:54:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 42 KB
10 KB 622ms
622ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=739924062618941&correlator=2118257162561444&output=ldjh&impl=fifs&eid=31061394%2C31061142&vrg=2021060801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210610&iu_parts=104418548%2Ccommandwindows_com-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C310x320%7C320x360%7C350x380&ris=2&rcs=4&prev_scp=a%3D%257C3%257C%26iid11%3D1020548%26iit%3D2%26t%3D99%26d%3D146%26t1%3D99%26pvc%3D0%26ap%3D1001%26sap%3D1224%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D5%26at%3Dmbf%26adr%3D399%26ezosn%3D4%26reft%3Dtf%26refs%3D30%26ga%3D6206860%26gala%3D1501035%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dcommandwindows_com-box-2-1020548%26eb_br%3D82cfe86b2cbbc0cb01ca62b085ea1019%2C527e52c10635ac8136a4c84094ee49a8%26eba%3D1%26ebss%3D10082%2C10061%2C10015%2C11304%26gas%3D5905158604%26asau%3D4257036031%26bv%3D18%26bvm%3D0%26bvr%3D8%26shp%3D1%26acptad%3D1%26br1%3D70%26br2%3D400%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D84%2C152%2C194%2C27%2C94%2C122%2C91%2C20%2C26%2C201%2C187%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C919%2C20%2C17%2C20%2C17%2C19%2C20%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D140%26reqt%3D1623347654785&eri=1&cookie=ID%3De8e9fae38446fedf%3AT%3D1623347649%3AS%3DALNI_MbBLFkeq4LLo3MyB8ByceIYGeKTAQ&bc=31&abxe=1&lmt=1623347655&dt=1623347655803&dlt=1623347647976&idt=1163&frm=20&biw=1600&bih=1200&oid=3&adxs=600&adys=292&adks=1139380737&ucis=c&ifi=12&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcommandwindows.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x110&msz=728x90&ga_vid=1178215692.1623347650&ga_sid=1623347650&ga_hid=1045620473&ga_fc=false&ga_wpids=UA-29096671-22&fws=4&ohw=750&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

d6c0131b7d0bb5b9357db9ab738389a366293f39e25b6daf3f5271380783dcec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10717
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://commandwindows.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 army.gif Show response
commandwindows.com/porpoiseant/ 0
42 B 21ms
21ms XHR
text/plain 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://commandwindows.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAyMjk0NyIsImRvbWFpbl9pZCI6IjE0NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWNvbW1hbmR3aW5kb3dzX2NvbS1ib3gtMS0wIiwidF9lcG9jaCI6MTYyMzM0NzY0NywiYWRfcG9zaXRpb24iOjEwMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYWY1NWM5ZTEtNmExNi00OTIzLTRlNTQtNTcxZTcxNWM2YTMyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTY3ODQ5NDc2LCJjcmVhdGl2ZV9pZCI6MTM4MjU3ODUyNTEyLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX3NpemUiLCJ2YWwiOiJbMzAwLDYwMF0ifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEwMjI5NDciLCJkb21haW5faWQiOiIxNDYiLCJ1bml0IjoiZGl2LWdwdC1hZC1jb21tYW5kd2luZG93c19jb20tYm94LTEtMCIsInRfZXBvY2giOjE2MjMzNDc2NDcsImFkX3Bvc2l0aW9uIjoxMDAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImFmNTVjOWUxLTZhMTYtNDkyMy00ZTU0LTU3MWU3MTVjNmEzMiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk2Nzg0OTQ3NiwiY3JlYXRpdmVfaWQiOjEzODI1Nzg1MjUxMiwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMDIyOTQ3IiwiZG9tYWluX2lkIjoiMTQ2IiwidW5pdCI6ImRpdi1ncHQtYWQtY29tbWFuZHdpbmRvd3NfY29tLWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjIzMzQ3NjQ3LCJhZF9wb3NpdGlvbiI6MTAwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJhZjU1YzllMS02YTE2LTQ5MjMtNGU1NC01NzFlNzE1YzZhMzIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5Njc4NDk0NzYsImNyZWF0aXZlX2lkIjoxMzgyNTc4NTI1MTIsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiMzAifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAyMjk0NyIsImRvbWFpbl9pZCI6IjE0NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWNvbW1hbmR3aW5kb3dzX2NvbS1ib3gtMS0wIiwidF9lcG9jaCI6MTYyMzM0NzY0NywiYWRfcG9zaXRpb24iOjEwMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYWY1NWM5ZTEtNmExNi00OTIzLTRlNTQtNTcxZTcxNWM2YTMyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTY3ODQ5NDc2LCJjcmVhdGl2ZV9pZCI6MTM4MjU3ODUyNTEyLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX3NpemUiLCJ2YWwiOiJbMzAwLDYwMF0ifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEwMjI5NDciLCJkb21haW5faWQiOiIxNDYiLCJ1bml0IjoiZGl2LWdwdC1hZC1jb21tYW5kd2luZG93c19jb20tYm94LTEtMCIsInRfZXBvY2giOjE2MjMzNDc2NDcsImFkX3Bvc2l0aW9uIjoxMDAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImFmNTVjOWUxLTZhMTYtNDkyMy00ZTU0LTU3MWU3MTVjNmEzMiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk2Nzg0OTQ3NiwiY3JlYXRpdmVfaWQiOjEzODI1Nzg1MjUxMiwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMDIyOTQ3IiwiZG9tYWluX2lkIjoiMTQ2IiwidW5pdCI6ImRpdi1ncHQtYWQtY29tbWFuZHdpbmRvd3NfY29tLWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjIzMzQ3NjQ3LCJhZF9wb3NpdGlvbiI6MTAwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJhZjU1YzllMS02YTE2LTQ5MjMtNGU1NC01NzFlNzE1YzZhMzIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5Njc4NDk0NzYsImNyZWF0aXZlX2lkIjoxMzgyNTc4NTI1MTIsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiMzAifV0sImlzX29yaWciOmZhbHNlfV0=
pragma: no-cache
cookie: __gads=ID=e8e9fae38446fedf:T=1623347649:S=ALNI_MbBLFkeq4LLo3MyB8ByceIYGeKTAQ; ezouspvv=30; ezouspva=1; ezouspvh=30; _pbjs_userid_consent_data=3524755945110770; cto_bidid=lQdIgF93UnIwUTRyNGdWOW4xVDJLenljaFBoWEVsYjZ6NTE5Z1QzRyUyRk1naDBnc1BRazVCWkk4VE5NRkNPWWlnZXpVWENBVE9QT1hERG1pSEtBOVl5N0VzUmpnJTNEJTNE; cto_bundle=mJWXzl9OYSUyQlh1cDZrTEJ2WW54UnVoWWFGNmF0V01Cc0Nwc3glMkZRT0x2TThUTUFmRnNBZCUyRlZVcmZGUDBYTVIzczRuM241cmJCbzY0TGdjY0JNRkdzelY3QWQ5UWxTV0s1eG5kaFF5d0hGNDFJem5MVFhhY0RJOUQ1NU5pRmc4Ykt1ZmFPYw
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: commandwindows.com
referer: https://commandwindows.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:16 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Wed, 09 Jun 2021 17:54:15 UTC

GET
H3-29 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012105281634000/ Frame FE1F 191 KB
54 KB 28ms
11ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2026d59b88bda76d9a260d98a486e61cdf8f5dc92474fe4a256e03f5e50cc87

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 74644
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55221
x-xss-protection: 0
server: sffe
date: Wed, 09 Jun 2021 21:10:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8af8bfef65693cad"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Jun 2022 21:10:12 GMT

GET
H3-29 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame FE1F 12 KB
4 KB 23ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfa2c1817acc9845143087b8f08cfbf450334d63f8b69ea16ec5bf8222cc9ae8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 74644
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4567
x-xss-protection: 0
server: sffe
date: Wed, 09 Jun 2021 21:10:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ca56b057322a8584"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Jun 2022 21:10:12 GMT

GET
H3-29 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame FE1F 87 KB
27 KB 24ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac39fd2de34b92759571eae7493ba485a9c437b55a9b17e4ae0c2af108658e30

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 74644
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27321
x-xss-protection: 0
server: sffe
date: Wed, 09 Jun 2021 21:10:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3f2374642481d921"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Jun 2022 21:10:12 GMT

GET
H3-29 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame FE1F 4 KB
2 KB 34ms
17ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2995615474b2ef92946ae6000ca992f89c7ff861082cacb1aa2176e81b1514e2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 74644
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1522
x-xss-protection: 0
server: sffe
date: Wed, 09 Jun 2021 21:10:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "514585efdf5d56f0"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Jun 2022 21:10:12 GMT

GET
H3-29 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame FE1F 41 KB
13 KB 34ms
18ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84430d6abc2891ae6d6d74e51804bb5edfb8406efad225ad57d89801a1cd7d2a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 74644
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13144
x-xss-protection: 0
server: sffe
date: Wed, 09 Jun 2021 21:10:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "db4e8fd655d0c88e"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Jun 2022 21:10:12 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame FE1F 2 KB
2 KB 24ms
7ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Jun 2021 13:34:38 GMT
x-content-type-options: nosniff
server: cafe
age: 15578
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 11 Jun 2021 13:34:38 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame FE1F 295 B
319 B 25ms
8ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Jun 2021 22:25:59 GMT
x-content-type-options: nosniff
server: cafe
age: 70097
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 10 Jun 2021 22:25:59 GMT

GET
DATA 200
OK truncated
/ Frame FE1F 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d392ee0ff2a58b2d4ca05804207339310014ce6f76fd35a2855b0b8f6187c040

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 12679658267762343183
tpc.googlesyndication.com/simgad/ Frame FE1F 56 KB
56 KB 28ms
12ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12679658267762343183?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qkAEfi_Nmda8hY7f1hS-b5GSaq2Ig

Requested by

Host: commandwindows.com
URL: https://commandwindows.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82365680ddb2173ed757ef8ed4406085685a53b3ce36759cc31e91b151946806

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 19:10:26 GMT
x-content-type-options: nosniff
last-modified: Wed, 21 Apr 2021 10:09:53 GMT
server: sffe
age: 168230
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57122
x-xss-protection: 0
expires: Wed, 08 Jun 2022 19:10:26 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame FE1F 0
0 25ms
22ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT3FlBY89nqfziUifcTD6a76r6q4BhLg02AJAx_gk2H4GNX3yUOSmVhmvOM0vcXsocP4UDRutIhKBIVoBPRMZ_Gs0IssA
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame FE1F 0
0 35ms
33ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CIy6gx1HCYIujNIuAx_APq-q9oAWyxNqOYpK35db4Dfiqyo66GxABIMLT7yNg9ZXOgeAEoAHjz5m_A8gBAuACAKgDAcgDCKoE9AFP0CUVdG1z_kfVQOiCYl_0YZOwH5ulZ2IyV9P9RXsXIc6VxdaWpyHlJrEmblMHaCbgV4BRb7TXu40m0T6yEDY8Gkq9Vbp1t926HX2rRt1XW4WQxm5RSHtCN9LUdsbwQpQyuCDnHXgo6gWgmnGSV332ugEIZ-PiBYZ4oSbqrQK-DD3vcsrJhPVs8BMoossDVfuU0CmQ_EdBlbmk4N_xJCMLApAQ3olcUhdxaKlHF918KfhdGUtzdx_OYfRXYD6YDQQH-w-4L-Jph5yZ4MNg8CWlKQXuLExCyjDQTb1s5PDHyrft9Gns_OXKE6plshpOpocRCrS0wASv49Gm-ALgBAGSBQQIBBgBkgUECAUYBKAGAoAHgN6dPqgHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBDH5CrSCAcIgGEQARgdgAoDyAsB2BMN0BUBgBcBshcaChgIABIUcHViLTc5NTg5NTk1NjYyMDY4NjA&sigh=Wc3ty8AdCNE
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 army.gif Show response
commandwindows.com/porpoiseant/ 0
42 B 22ms
21ms XHR
text/plain 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://commandwindows.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAyMDU0OCIsImRvbWFpbl9pZCI6IjE0NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWNvbW1hbmR3aW5kb3dzX2NvbS1ib3gtMi0wIiwidF9lcG9jaCI6MTYyMzM0NzY0NywiYWRfcG9zaXRpb24iOjEwMDEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYWY1NWM5ZTEtNmExNi00OTIzLTRlNTQtNTcxZTcxNWM2YTMyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTY3ODQ5NDc2LCJjcmVhdGl2ZV9pZCI6MTM4MjU3ODUyNTEyLCJkYXRhIjpbeyJuYW1lIjoicmVmcmVzaF9jb3VudCIsInZhbCI6IjUifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEwMjA1NDgiLCJkb21haW5faWQiOiIxNDYiLCJ1bml0IjoiZGl2LWdwdC1hZC1jb21tYW5kd2luZG93c19jb20tYm94LTItMCIsInRfZXBvY2giOjE2MjMzNDc2NDcsImFkX3Bvc2l0aW9uIjoxMDAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImFmNTVjOWUxLTZhMTYtNDkyMy00ZTU0LTU3MWU3MTVjNmEzMiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk2Nzg0OTQ3NiwiY3JlYXRpdmVfaWQiOjEzODI1Nzg1MjUxMiwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9iaWRfaGFzaCIsInZhbCI6IjgyY2ZlODZiMmNiYmMwY2IwMWNhNjJiMDg1ZWExMDE5LDUyN2U1MmMxMDYzNWFjODEzNmE0Yzg0MDk0ZWU0OWE4In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMDIwNTQ4IiwiZG9tYWluX2lkIjoiMTQ2IiwidW5pdCI6ImRpdi1ncHQtYWQtY29tbWFuZHdpbmRvd3NfY29tLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjIzMzQ3NjQ3LCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MC4wMDA3LCJhZF9wb3NpdGlvbiI6MTAwMSwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwNywiYmlkX2Zsb29yX3ByZXYiOjAuMDAxNCwic3RhdF9zb3VyY2VfaWQiOjM1LCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYWY1NWM5ZTEtNmExNi00OTIzLTRlNTQtNTcxZTcxNWM2YTMyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTY3ODQ5NDc2LCJjcmVhdGl2ZV9pZCI6MTM4MjU3ODUyNTEyLCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAyMDU0OCIsImRvbWFpbl9pZCI6IjE0NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWNvbW1hbmR3aW5kb3dzX2NvbS1ib3gtMi0wIiwidF9lcG9jaCI6MTYyMzM0NzY0NywiYWRfcG9zaXRpb24iOjEwMDEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYWY1NWM5ZTEtNmExNi00OTIzLTRlNTQtNTcxZTcxNWM2YTMyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTY3ODQ5NDc2LCJjcmVhdGl2ZV9pZCI6MTM4MjU3ODUyNTEyLCJkYXRhIjpbeyJuYW1lIjoiY3JlYXRpdmVfaWQiLCJ2YWwiOiIxMzgyNTc4NTI1MTIifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEwMjA1NDgiLCJkb21haW5faWQiOiIxNDYiLCJ1bml0IjoiZGl2LWdwdC1hZC1jb21tYW5kd2luZG93c19jb20tYm94LTItMCIsInRfZXBvY2giOjE2MjMzNDc2NDcsImFkX3Bvc2l0aW9uIjoxMDAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImFmNTVjOWUxLTZhMTYtNDkyMy00ZTU0LTU3MWU3MTVjNmEzMiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk2Nzg0OTQ3NiwiY3JlYXRpdmVfaWQiOjEzODI1Nzg1MjUxMiwiZGF0YSI6W3sibmFtZSI6ImxpbmVpdGVtX2lkIiwidmFsIjoiNDk2Nzg0OTQ3NiJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAyMDU0OCIsImRvbWFpbl9pZCI6IjE0NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWNvbW1hbmR3aW5kb3dzX2NvbS1ib3gtMi0wIiwidF9lcG9jaCI6MTYyMzM0NzY0NywiYWRfcG9zaXRpb24iOjEwMDEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYWY1NWM5ZTEtNmExNi00OTIzLTRlNTQtNTcxZTcxNWM2YTMyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTY3ODQ5NDc2LCJjcmVhdGl2ZV9pZCI6MTM4MjU3ODUyNTEyLCJkYXRhIjpbeyJuYW1lIjoicmVmcmVzaF9jb3VudCIsInZhbCI6IjUifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEwMjA1NDgiLCJkb21haW5faWQiOiIxNDYiLCJ1bml0IjoiZGl2LWdwdC1hZC1jb21tYW5kd2luZG93c19jb20tYm94LTItMCIsInRfZXBvY2giOjE2MjMzNDc2NDcsImFkX3Bvc2l0aW9uIjoxMDAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImFmNTVjOWUxLTZhMTYtNDkyMy00ZTU0LTU3MWU3MTVjNmEzMiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk2Nzg0OTQ3NiwiY3JlYXRpdmVfaWQiOjEzODI1Nzg1MjUxMiwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9iaWRfaGFzaCIsInZhbCI6IjgyY2ZlODZiMmNiYmMwY2IwMWNhNjJiMDg1ZWExMDE5LDUyN2U1MmMxMDYzNWFjODEzNmE0Yzg0MDk0ZWU0OWE4In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMDIwNTQ4IiwiZG9tYWluX2lkIjoiMTQ2IiwidW5pdCI6ImRpdi1ncHQtYWQtY29tbWFuZHdpbmRvd3NfY29tLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjIzMzQ3NjQ3LCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MC4wMDA3LCJhZF9wb3NpdGlvbiI6MTAwMSwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwNywiYmlkX2Zsb29yX3ByZXYiOjAuMDAxNCwic3RhdF9zb3VyY2VfaWQiOjM1LCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYWY1NWM5ZTEtNmExNi00OTIzLTRlNTQtNTcxZTcxNWM2YTMyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTY3ODQ5NDc2LCJjcmVhdGl2ZV9pZCI6MTM4MjU3ODUyNTEyLCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAyMDU0OCIsImRvbWFpbl9pZCI6IjE0NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWNvbW1hbmR3aW5kb3dzX2NvbS1ib3gtMi0wIiwidF9lcG9jaCI6MTYyMzM0NzY0NywiYWRfcG9zaXRpb24iOjEwMDEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYWY1NWM5ZTEtNmExNi00OTIzLTRlNTQtNTcxZTcxNWM2YTMyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTY3ODQ5NDc2LCJjcmVhdGl2ZV9pZCI6MTM4MjU3ODUyNTEyLCJkYXRhIjpbeyJuYW1lIjoiY3JlYXRpdmVfaWQiLCJ2YWwiOiIxMzgyNTc4NTI1MTIifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEwMjA1NDgiLCJkb21haW5faWQiOiIxNDYiLCJ1bml0IjoiZGl2LWdwdC1hZC1jb21tYW5kd2luZG93c19jb20tYm94LTItMCIsInRfZXBvY2giOjE2MjMzNDc2NDcsImFkX3Bvc2l0aW9uIjoxMDAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImFmNTVjOWUxLTZhMTYtNDkyMy00ZTU0LTU3MWU3MTVjNmEzMiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk2Nzg0OTQ3NiwiY3JlYXRpdmVfaWQiOjEzODI1Nzg1MjUxMiwiZGF0YSI6W3sibmFtZSI6ImxpbmVpdGVtX2lkIiwidmFsIjoiNDk2Nzg0OTQ3NiJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
pragma: no-cache
cookie: __gads=ID=e8e9fae38446fedf:T=1623347649:S=ALNI_MbBLFkeq4LLo3MyB8ByceIYGeKTAQ; _pbjs_userid_consent_data=3524755945110770; cto_bidid=lQdIgF93UnIwUTRyNGdWOW4xVDJLenljaFBoWEVsYjZ6NTE5Z1QzRyUyRk1naDBnc1BRazVCWkk4VE5NRkNPWWlnZXpVWENBVE9QT1hERG1pSEtBOVl5N0VzUmpnJTNEJTNE; cto_bundle=mJWXzl9OYSUyQlh1cDZrTEJ2WW54UnVoWWFGNmF0V01Cc0Nwc3glMkZRT0x2TThUTUFmRnNBZCUyRlZVcmZGUDBYTVIzczRuM241cmJCbzY0TGdjY0JNRkdzelY3QWQ5UWxTV0s1eG5kaFF5d0hGNDFJem5MVFhhY0RJOUQ1NU5pRmc4Ykt1ZmFPYw; ezouspvv=100; ezouspva=2; ezouspvh=70
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: commandwindows.com
referer: https://commandwindows.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:16 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Wed, 09 Jun 2021 17:54:16 UTC

GET
H2 200 4967849476 Show response
g.ezoic.net/dac/ 0
40 B 25ms
24ms XHR
text/plain 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/dac/4967849476
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 10 Jun 2021 17:54:16 GMT
cache-control: max-age=3600, public
server: nginx/1.16.0
content-length: 0
vary: Accept-Encoding
content-type: text/plain

GET
H2 200 army.gif Show response
commandwindows.com/porpoiseant/ 0
19 B 22ms
21ms XHR
text/plain 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://commandwindows.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAyMDU0OCIsImRvbWFpbl9pZCI6IjE0NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWNvbW1hbmR3aW5kb3dzX2NvbS1ib3gtMi0wIiwidF9lcG9jaCI6MTYyMzM0NzY0NywiYWRfcG9zaXRpb24iOjEwMDEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYWY1NWM5ZTEtNmExNi00OTIzLTRlNTQtNTcxZTcxNWM2YTMyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTY3ODQ5NDc2LCJjcmVhdGl2ZV9pZCI6MTM4MjU3ODUyNTEyLCJkYXRhIjpbeyJuYW1lIjoidF9sb2NhbF9kYXRlIiwidmFsIjoiMjAyMS0wNi0xMCJ9LHsibmFtZSI6InRfbG9jYWxfaG91ciIsInZhbCI6IjE5In0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjQifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiLTEyMCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAyMDU0OCIsImRvbWFpbl9pZCI6IjE0NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWNvbW1hbmR3aW5kb3dzX2NvbS1ib3gtMi0wIiwidF9lcG9jaCI6MTYyMzM0NzY0NywiYWRfcG9zaXRpb24iOjEwMDEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYWY1NWM5ZTEtNmExNi00OTIzLTRlNTQtNTcxZTcxNWM2YTMyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTY3ODQ5NDc2LCJjcmVhdGl2ZV9pZCI6MTM4MjU3ODUyNTEyLCJkYXRhIjpbeyJuYW1lIjoidF9sb2NhbF9kYXRlIiwidmFsIjoiMjAyMS0wNi0xMCJ9LHsibmFtZSI6InRfbG9jYWxfaG91ciIsInZhbCI6IjE5In0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjQifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiLTEyMCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
pragma: no-cache
cookie: __gads=ID=e8e9fae38446fedf:T=1623347649:S=ALNI_MbBLFkeq4LLo3MyB8ByceIYGeKTAQ; _pbjs_userid_consent_data=3524755945110770; cto_bidid=lQdIgF93UnIwUTRyNGdWOW4xVDJLenljaFBoWEVsYjZ6NTE5Z1QzRyUyRk1naDBnc1BRazVCWkk4VE5NRkNPWWlnZXpVWENBVE9QT1hERG1pSEtBOVl5N0VzUmpnJTNEJTNE; cto_bundle=mJWXzl9OYSUyQlh1cDZrTEJ2WW54UnVoWWFGNmF0V01Cc0Nwc3glMkZRT0x2TThUTUFmRnNBZCUyRlZVcmZGUDBYTVIzczRuM241cmJCbzY0TGdjY0JNRkdzelY3QWQ5UWxTV0s1eG5kaFF5d0hGNDFJem5MVFhhY0RJOUQ1NU5pRmc4Ykt1ZmFPYw; ezouspvv=100; ezouspva=2; ezouspvh=70
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: commandwindows.com
referer: https://commandwindows.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:16 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Wed, 09 Jun 2021 17:54:16 UTC

GET
H2 200 army.gif Show response
commandwindows.com/porpoiseant/ 0
19 B 22ms
21ms XHR
text/plain 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://commandwindows.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMTAyMDU0OCIsImRvbWFpbl9pZCI6IjE0NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWNvbW1hbmR3aW5kb3dzX2NvbS1ib3gtMi0wIiwidF9lcG9jaCI6MTYyMzM0NzY0NywiYXVjdGlvbl9lcG9jaCI6MTYyMzM0NzY1NiwiYWRfcG9zaXRpb24iOjEwMDEsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJhZjU1YzllMS02YTE2LTQ5MjMtNGU1NC01NzFlNzE1YzZhMzIiLCJiaWRfZmxvb3JfaW5pdGlhbCI6NjAwLCJiaWRfZmxvb3JfcHJldiI6MTQwLCJiaWRfZmxvb3JfZmlsbGVkIjo3MCwiYXVjdGlvbl9jb3VudCI6NSwicmVmcmVzaF9hZF9jb3VudCI6MCwiYXVjdGlvbl9kdXJhdGlvbiI6NjQxLCJtdWx0aV9hZF91bml0IjowLCJtdWx0aV9hZF9jb3VudCI6MCwibmV0d29ya19jb2RlIjoxMDQ0MTg1NDgsImRhdGEiOlt7Im5hbWUiOiIiLCJ2YWwiOiIifV0sImxpbmVfaXRlbV9pZCI6NDk2Nzg0OTQ3Nn1d
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMTAyMDU0OCIsImRvbWFpbl9pZCI6IjE0NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWNvbW1hbmR3aW5kb3dzX2NvbS1ib3gtMi0wIiwidF9lcG9jaCI6MTYyMzM0NzY0NywiYXVjdGlvbl9lcG9jaCI6MTYyMzM0NzY1NiwiYWRfcG9zaXRpb24iOjEwMDEsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJhZjU1YzllMS02YTE2LTQ5MjMtNGU1NC01NzFlNzE1YzZhMzIiLCJiaWRfZmxvb3JfaW5pdGlhbCI6NjAwLCJiaWRfZmxvb3JfcHJldiI6MTQwLCJiaWRfZmxvb3JfZmlsbGVkIjo3MCwiYXVjdGlvbl9jb3VudCI6NSwicmVmcmVzaF9hZF9jb3VudCI6MCwiYXVjdGlvbl9kdXJhdGlvbiI6NjQxLCJtdWx0aV9hZF91bml0IjowLCJtdWx0aV9hZF9jb3VudCI6MCwibmV0d29ya19jb2RlIjoxMDQ0MTg1NDgsImRhdGEiOlt7Im5hbWUiOiIiLCJ2YWwiOiIifV0sImxpbmVfaXRlbV9pZCI6NDk2Nzg0OTQ3Nn1d
pragma: no-cache
cookie: __gads=ID=e8e9fae38446fedf:T=1623347649:S=ALNI_MbBLFkeq4LLo3MyB8ByceIYGeKTAQ; _pbjs_userid_consent_data=3524755945110770; cto_bidid=lQdIgF93UnIwUTRyNGdWOW4xVDJLenljaFBoWEVsYjZ6NTE5Z1QzRyUyRk1naDBnc1BRazVCWkk4VE5NRkNPWWlnZXpVWENBVE9QT1hERG1pSEtBOVl5N0VzUmpnJTNEJTNE; cto_bundle=mJWXzl9OYSUyQlh1cDZrTEJ2WW54UnVoWWFGNmF0V01Cc0Nwc3glMkZRT0x2TThUTUFmRnNBZCUyRlZVcmZGUDBYTVIzczRuM241cmJCbzY0TGdjY0JNRkdzelY3QWQ5UWxTV0s1eG5kaFF5d0hGNDFJem5MVFhhY0RJOUQ1NU5pRmc4Ykt1ZmFPYw; ezouspvv=100; ezouspva=2; ezouspvh=70
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: commandwindows.com
referer: https://commandwindows.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:16 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Wed, 09 Jun 2021 17:54:16 UTC

GET
H2 200 army.gif Show response
commandwindows.com/porpoiseant/ 0
19 B 22ms
21ms XHR
text/plain 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://commandwindows.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAyMDU0OCIsImRvbWFpbl9pZCI6IjE0NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWNvbW1hbmR3aW5kb3dzX2NvbS1ib3gtMi0wIiwidF9lcG9jaCI6MTYyMzM0NzY0NywiYWRfcG9zaXRpb24iOjEwMDEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYWY1NWM5ZTEtNmExNi00OTIzLTRlNTQtNTcxZTcxNWM2YTMyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTY3ODQ5NDc2LCJjcmVhdGl2ZV9pZCI6MTM4MjU3ODUyNTEyLCJkYXRhIjpbeyJuYW1lIjoicG9zX3giLCJ2YWwiOiI2MDAifSx7Im5hbWUiOiJwb3NfeSIsInZhbCI6IjI5MiJ9LHsibmFtZSI6ImlzX2Zsb2F0aW5nIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEwMjI5NDciLCJkb21haW5faWQiOiIxNDYiLCJ1bml0IjoiZGl2LWdwdC1hZC1jb21tYW5kd2luZG93c19jb20tYm94LTEtMCIsInRfZXBvY2giOjE2MjMzNDc2NDcsImFkX3Bvc2l0aW9uIjoxMDAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImFmNTVjOWUxLTZhMTYtNDkyMy00ZTU0LTU3MWU3MTVjNmEzMiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk2Nzg0OTQ3NiwiY3JlYXRpdmVfaWQiOjEzODI1Nzg1MjUxMiwiZGF0YSI6W3sibmFtZSI6InBvc194IiwidmFsIjoiMjUwIn0seyJuYW1lIjoicG9zX3kiLCJ2YWwiOiI2MTAifSx7Im5hbWUiOiJpc19mbG9hdGluZyIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMDYxNjQ4IiwiZG9tYWluX2lkIjoiMTQ2IiwidW5pdCI6ImRpdi1ncHQtYWQtY29tbWFuZHdpbmRvd3NfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjIzMzQ3NjQ3LCJhZF9wb3NpdGlvbiI6MTAwNSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJhZjU1YzllMS02YTE2LTQ5MjMtNGU1NC01NzFlNzE1YzZhMzIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5Njc4NDk0ODgsImNyZWF0aXZlX2lkIjoxMzgyNTc4NTI1MTIsImRhdGEiOlt7Im5hbWUiOiJwb3NfeCIsInZhbCI6IjAifSx7Im5hbWUiOiJwb3NfeSIsInZhbCI6IjExMDAifSx7Im5hbWUiOiJpc19mbG9hdGluZyIsInZhbCI6InRydWUifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEwMjY5OTgiLCJkb21haW5faWQiOiIxNDYiLCJ1bml0IjoiZGl2LWdwdC1hZC1jb21tYW5kd2luZG93c19jb20tYm94LTQtMCIsInRfZXBvY2giOjE2MjMzNDc2NDcsImFkX3Bvc2l0aW9uIjoxMDAzLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImFmNTVjOWUxLTZhMTYtNDkyMy00ZTU0LTU3MWU3MTVjNmEzMiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJwb3NfeCIsInZhbCI6IjY5NyJ9LHsibmFtZSI6InBvc195IiwidmFsIjoiMTU1MSJ9LHsibmFtZSI6ImlzX2Zsb2F0aW5nIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEwNDgxNDciLCJkb21haW5faWQiOiIxNDYiLCJ1bml0IjoiZGl2LWdwdC1hZC1jb21tYW5kd2luZG93c19jb20tYmFubmVyLTItMCIsInRfZXBvY2giOjE2MjMzNDc2NDcsImFkX3Bvc2l0aW9uIjoxMDMxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImFmNTVjOWUxLTZhMTYtNDkyMy00ZTU0LTU3MWU3MTVjNmEzMiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJwb3NfeCIsInZhbCI6IjI1MCJ9LHsibmFtZSI6InBvc195IiwidmFsIjoiMjQwMiJ9LHsibmFtZSI6ImlzX2Zsb2F0aW5nIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAyMDU0OCIsImRvbWFpbl9pZCI6IjE0NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWNvbW1hbmR3aW5kb3dzX2NvbS1ib3gtMi0wIiwidF9lcG9jaCI6MTYyMzM0NzY0NywiYWRfcG9zaXRpb24iOjEwMDEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYWY1NWM5ZTEtNmExNi00OTIzLTRlNTQtNTcxZTcxNWM2YTMyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTY3ODQ5NDc2LCJjcmVhdGl2ZV9pZCI6MTM4MjU3ODUyNTEyLCJkYXRhIjpbeyJuYW1lIjoicG9zX3giLCJ2YWwiOiI2MDAifSx7Im5hbWUiOiJwb3NfeSIsInZhbCI6IjI5MiJ9LHsibmFtZSI6ImlzX2Zsb2F0aW5nIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEwMjI5NDciLCJkb21haW5faWQiOiIxNDYiLCJ1bml0IjoiZGl2LWdwdC1hZC1jb21tYW5kd2luZG93c19jb20tYm94LTEtMCIsInRfZXBvY2giOjE2MjMzNDc2NDcsImFkX3Bvc2l0aW9uIjoxMDAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImFmNTVjOWUxLTZhMTYtNDkyMy00ZTU0LTU3MWU3MTVjNmEzMiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk2Nzg0OTQ3NiwiY3JlYXRpdmVfaWQiOjEzODI1Nzg1MjUxMiwiZGF0YSI6W3sibmFtZSI6InBvc194IiwidmFsIjoiMjUwIn0seyJuYW1lIjoicG9zX3kiLCJ2YWwiOiI2MTAifSx7Im5hbWUiOiJpc19mbG9hdGluZyIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMDYxNjQ4IiwiZG9tYWluX2lkIjoiMTQ2IiwidW5pdCI6ImRpdi1ncHQtYWQtY29tbWFuZHdpbmRvd3NfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjIzMzQ3NjQ3LCJhZF9wb3NpdGlvbiI6MTAwNSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJhZjU1YzllMS02YTE2LTQ5MjMtNGU1NC01NzFlNzE1YzZhMzIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5Njc4NDk0ODgsImNyZWF0aXZlX2lkIjoxMzgyNTc4NTI1MTIsImRhdGEiOlt7Im5hbWUiOiJwb3NfeCIsInZhbCI6IjAifSx7Im5hbWUiOiJwb3NfeSIsInZhbCI6IjExMDAifSx7Im5hbWUiOiJpc19mbG9hdGluZyIsInZhbCI6InRydWUifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEwMjY5OTgiLCJkb21haW5faWQiOiIxNDYiLCJ1bml0IjoiZGl2LWdwdC1hZC1jb21tYW5kd2luZG93c19jb20tYm94LTQtMCIsInRfZXBvY2giOjE2MjMzNDc2NDcsImFkX3Bvc2l0aW9uIjoxMDAzLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImFmNTVjOWUxLTZhMTYtNDkyMy00ZTU0LTU3MWU3MTVjNmEzMiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJwb3NfeCIsInZhbCI6IjY5NyJ9LHsibmFtZSI6InBvc195IiwidmFsIjoiMTU1MSJ9LHsibmFtZSI6ImlzX2Zsb2F0aW5nIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEwNDgxNDciLCJkb21haW5faWQiOiIxNDYiLCJ1bml0IjoiZGl2LWdwdC1hZC1jb21tYW5kd2luZG93c19jb20tYmFubmVyLTItMCIsInRfZXBvY2giOjE2MjMzNDc2NDcsImFkX3Bvc2l0aW9uIjoxMDMxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImFmNTVjOWUxLTZhMTYtNDkyMy00ZTU0LTU3MWU3MTVjNmEzMiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJwb3NfeCIsInZhbCI6IjI1MCJ9LHsibmFtZSI6InBvc195IiwidmFsIjoiMjQwMiJ9LHsibmFtZSI6ImlzX2Zsb2F0aW5nIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfV0=
pragma: no-cache
cookie: __gads=ID=e8e9fae38446fedf:T=1623347649:S=ALNI_MbBLFkeq4LLo3MyB8ByceIYGeKTAQ; _pbjs_userid_consent_data=3524755945110770; cto_bidid=lQdIgF93UnIwUTRyNGdWOW4xVDJLenljaFBoWEVsYjZ6NTE5Z1QzRyUyRk1naDBnc1BRazVCWkk4VE5NRkNPWWlnZXpVWENBVE9QT1hERG1pSEtBOVl5N0VzUmpnJTNEJTNE; cto_bundle=mJWXzl9OYSUyQlh1cDZrTEJ2WW54UnVoWWFGNmF0V01Cc0Nwc3glMkZRT0x2TThUTUFmRnNBZCUyRlZVcmZGUDBYTVIzczRuM241cmJCbzY0TGdjY0JNRkdzelY3QWQ5UWxTV0s1eG5kaFF5d0hGNDFJem5MVFhhY0RJOUQ1NU5pRmc4Ykt1ZmFPYw; ezouspvv=100; ezouspva=2; ezouspvh=70
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: commandwindows.com
referer: https://commandwindows.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:16 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Wed, 09 Jun 2021 17:54:16 UTC

GET
H3-29 200 12679658267762343183
tpc.googlesyndication.com/simgad/ Frame FE1F 56 KB
56 KB 9ms
8ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12679658267762343183?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qkAEfi_Nmda8hY7f1hS-b5GSaq2Ig

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82365680ddb2173ed757ef8ed4406085685a53b3ce36759cc31e91b151946806

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 19:10:26 GMT
x-content-type-options: nosniff
last-modified: Wed, 21 Apr 2021 10:09:53 GMT
server: sffe
age: 168230
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57122
x-xss-protection: 0
expires: Wed, 08 Jun 2022 19:10:26 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame FE1F 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Jun 2021 13:34:38 GMT
x-content-type-options: nosniff
server: cafe
age: 15578
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 11 Jun 2021 13:34:38 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame FE1F 295 B
319 B 7ms
7ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Jun 2021 22:25:59 GMT
x-content-type-options: nosniff
server: cafe
age: 70097
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 10 Jun 2021 22:25:59 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 81 KB
31 KB 16ms
15ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KSWP59F

Requested by

Host: commandwindows.com
URL: https://commandwindows.com/detroitchicago/seattle.js?cb=194-1-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ec95f3546df767ceea72daf07e13781bb67da8175e098381ef80c3e9d610b5d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:16 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31953
x-xss-protection: 0
last-modified: Thu, 10 Jun 2021 17:17:32 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 10 Jun 2021 17:54:16 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=commandwindows.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Jun 2021 17:54:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=commandwindows.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Jun 2021 17:54:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 342 B
168 B 495ms
494ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=739924062618941&correlator=537455721020207&output=ldjh&impl=fifs&eid=31061394%2C31061142&vrg=2021060801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210610&iu_parts=104418548%2Ccommandwindows_com-box-4&enc_prev_ius=%2F0%2F1&prev_iu_szs=250x250%7C310x320%7C350x340%7C350x430&ris=2&rcs=1&prev_scp=a%3D%257C3%257C%26iid11%3D1026998%26iit%3D3%26t%3D99%26d%3D146%26t1%3D99%26pvc%3D0%26ap%3D1003%26sap%3D1261%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dn%26refs%3D30%26ga%3D6206860%26gala%3D1501035%26rid%3D99998%26pt%3D3%26al%3D1003%26compid%3D0%26tap%3Dcommandwindows_com-box-4-1026998%26eb_br%3D21e6a29247e405d0db3606fda8999ba6%2C5bac35e1a3b6adc56da706000a645484%26eba%3D1%26ebss%3D10082%2C10061%2C10015%2C11304%26gas%3D2017884480%26asau%3D7210502436%26bv%3D0%26bvm%3D2%26bvr%3D7%26shp%3D3%26br1%3D650%26br2%3D650%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D32%2C0%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C760%2C815%2C817%2C899%2C919%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D1200%26reqt%3D1623347656134&eri=1&cookie=ID%3De8e9fae38446fedf%3AT%3D1623347649%3AS%3DALNI_MbBLFkeq4LLo3MyB8ByceIYGeKTAQ&bc=31&abxe=1&lmt=1623347657&dt=1623347657153&dlt=1623347647976&idt=1163&frm=20&biw=1600&bih=1200&oid=3&adxs=697&adys=1551&adks=4216951667&ucis=d&ifi=13&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcommandwindows.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=250x270&msz=250x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1178215692.1623347650&ga_sid=1623347650&ga_hid=1045620473&ga_fc=false&ga_wpids=UA-29096671-22&fws=4&ohw=750&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

65fcced7ad1d47cbda75ff11bfecc8146b47de427be888bc3ef0f9161d4114f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:17 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 139
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://commandwindows.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 345 B
173 B 640ms
639ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=739924062618941&correlator=1891016084569058&output=ldjh&impl=fifs&eid=31061394%2C31061142&vrg=2021060801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210610&iu_parts=104418548%2Ccommandwindows_com-banner-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C310x320%7C390x390%7C410x390&ris=2&rcs=1&prev_scp=a%3D%257C1%257C%26iid11%3D1048147%26iit%3D5%26t%3D99%26d%3D146%26t1%3D99%26pvc%3D0%26ap%3D1031%26sap%3D1031%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dn%26refs%3D30%26ga%3D6206860%26gala%3D1501035%26rid%3D99998%26pt%3D31%26al%3D1031%26compid%3D0%26tap%3Dcommandwindows_com-banner-2-1048147%26eb_br%3D36cc80a070c5e247c8c415012358463e%2C5f2b94bb26a5aa9b1a00e66d30cfd5ec%26eba%3D1%26ebss%3D10082%2C10061%2C10015%2C11304%26gas%3D8983937454%26asau%3D4556257235%26bv%3D21%26bvm%3D0%26bvr%3D7%26shp%3D2%26br1%3D500%26br2%3D650%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D83%2C0%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C760%2C761%2C815%2C816%2C817%2C899%2C919%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D950%26reqt%3D1623347656135&eri=1&cookie=ID%3De8e9fae38446fedf%3AT%3D1623347649%3AS%3DALNI_MbBLFkeq4LLo3MyB8ByceIYGeKTAQ&bc=31&abxe=1&lmt=1623347657&dt=1623347657157&dlt=1623347647976&idt=1163&frm=20&biw=1600&bih=1200&oid=3&adxs=250&adys=2402&adks=3272357030&ucis=e&ifi=14&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcommandwindows.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x636&msz=300x600&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1178215692.1623347650&ga_sid=1623347650&ga_hid=1045620473&ga_fc=false&ga_wpids=UA-29096671-22&fws=4&ohw=300&btvi=4&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

67dcefb76e4a302acb6c1f6ed03ff0f1930c0c3e5a3673f168f57d033d1b4407

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:17 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 144
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://commandwindows.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 greenoaks.gif Show response
commandwindows.com/detroitchicago/ 0
65 B 22ms
22ms XHR
text/plain 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://commandwindows.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJhZjU1YzllMS02YTE2LTQ5MjMtNGU1NC01NzFlNzE1YzZhMzIiLCJkb21haW5faWQiOiIxNDYiLCJ0X2Vwb2NoIjoxNjIzMzQ3NjQ3LCJkYXRhIjpbeyJuYW1lIjoiZGlzcGxheV9hZF92aWV3cG9ydF9weCIsInZhbCI6IjAifSx7Im5hbWUiOiJkaXNwbGF5X2FkX3ZpZXdwb3J0X2NvdW50IiwidmFsIjoiMCJ9LHsibmFtZSI6Im5hdGl2ZV9hZF92aWV3cG9ydF9weCIsInZhbCI6IjAifSx7Im5hbWUiOiJuYXRpdmVfYWRfdmlld3BvcnRfY291bnQiLCJ2YWwiOiIwIn0seyJuYW1lIjoiZGlzcGxheV9hZF9kb2NfcHgiLCJ2YWwiOiJOYU4ifSx7Im5hbWUiOiJkaXNwbGF5X2FkX2RvY19jb3VudCIsInZhbCI6IjUifSx7Im5hbWUiOiJuYXRpdmVfYWRfZG9jX3B4IiwidmFsIjoiTmFOIn0seyJuYW1lIjoibmF0aXZlX2FkX2RvY19jb3VudCIsInZhbCI6IjIifSx7Im5hbWUiOiJ2aWV3cG9ydF9zaXplIiwidmFsIjoiMTYwMHgxMjAwIn0seyJuYW1lIjoidmlld3BvcnRfcHgiLCJ2YWwiOiIxOTIwMDAwIn0seyJuYW1lIjoiZG9jX3B4IiwidmFsIjoiNjMzNjAwMCJ9LHsibmFtZSI6ImRvY19oZWlnaHQiLCJ2YWwiOiIzOTYwIn1dfV0=
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJhZjU1YzllMS02YTE2LTQ5MjMtNGU1NC01NzFlNzE1YzZhMzIiLCJkb21haW5faWQiOiIxNDYiLCJ0X2Vwb2NoIjoxNjIzMzQ3NjQ3LCJkYXRhIjpbeyJuYW1lIjoiZGlzcGxheV9hZF92aWV3cG9ydF9weCIsInZhbCI6IjAifSx7Im5hbWUiOiJkaXNwbGF5X2FkX3ZpZXdwb3J0X2NvdW50IiwidmFsIjoiMCJ9LHsibmFtZSI6Im5hdGl2ZV9hZF92aWV3cG9ydF9weCIsInZhbCI6IjAifSx7Im5hbWUiOiJuYXRpdmVfYWRfdmlld3BvcnRfY291bnQiLCJ2YWwiOiIwIn0seyJuYW1lIjoiZGlzcGxheV9hZF9kb2NfcHgiLCJ2YWwiOiJOYU4ifSx7Im5hbWUiOiJkaXNwbGF5X2FkX2RvY19jb3VudCIsInZhbCI6IjUifSx7Im5hbWUiOiJuYXRpdmVfYWRfZG9jX3B4IiwidmFsIjoiTmFOIn0seyJuYW1lIjoibmF0aXZlX2FkX2RvY19jb3VudCIsInZhbCI6IjIifSx7Im5hbWUiOiJ2aWV3cG9ydF9zaXplIiwidmFsIjoiMTYwMHgxMjAwIn0seyJuYW1lIjoidmlld3BvcnRfcHgiLCJ2YWwiOiIxOTIwMDAwIn0seyJuYW1lIjoiZG9jX3B4IiwidmFsIjoiNjMzNjAwMCJ9LHsibmFtZSI6ImRvY19oZWlnaHQiLCJ2YWwiOiIzOTYwIn1dfV0=
pragma: no-cache
cookie: __gads=ID=e8e9fae38446fedf:T=1623347649:S=ALNI_MbBLFkeq4LLo3MyB8ByceIYGeKTAQ; _pbjs_userid_consent_data=3524755945110770; cto_bidid=lQdIgF93UnIwUTRyNGdWOW4xVDJLenljaFBoWEVsYjZ6NTE5Z1QzRyUyRk1naDBnc1BRazVCWkk4VE5NRkNPWWlnZXpVWENBVE9QT1hERG1pSEtBOVl5N0VzUmpnJTNEJTNE; cto_bundle=mJWXzl9OYSUyQlh1cDZrTEJ2WW54UnVoWWFGNmF0V01Cc0Nwc3glMkZRT0x2TThUTUFmRnNBZCUyRlZVcmZGUDBYTVIzczRuM241cmJCbzY0TGdjY0JNRkdzelY3QWQ5UWxTV0s1eG5kaFF5d0hGNDFJem5MVFhhY0RJOUQ1NU5pRmc4Ykt1ZmFPYw; ezouspvv=100; ezouspva=2; ezouspvh=70; ezepvvr=NaN
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: commandwindows.com
referer: https://commandwindows.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:17 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Wed, 09 Jun 2021 17:54:17 UTC

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame FE1F 42 B
64 B 45ms
45ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuULN46h8LtZYnq_bAXMZldmI7fIGlXFQv87Xck1X8cpwznE1CzuSAl3GPsKdVg1tYJ2Hs6vtvjBRpZpasr42F4g0oxCyVHX9oTXzDsb5B_KomkuAzXK0nqzwQ&sai=AMfl-YSykxvrHQIU25-NEtxlhMGyCxB5YJq1ecfFIZ1gVipSO85B4CtctsiSnkJqRKe5F5DKvI7VX4ng-d-1A-MybXZKya1nVRLILKdSIAV1gz4OZmAq55D7LGR0qRPU&sig=Cg0ArKJSzHLw2LS_Ne_3EAE&cid=CAASFeRo6IRH_FEYKl7_Rv62ZueXJY_qmQ&id=ampim&o=600,292&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=35&tls=1035&g=100&h=100&tt=1035&r=v&avms=ampa&adk=1139380737

Requested by

Host: commandwindows.com
URL: https://commandwindows.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 army.gif Show response
commandwindows.com/porpoiseant/ 0
19 B 27ms
27ms XHR
text/plain 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://commandwindows.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAyMDU0OCIsImRvbWFpbl9pZCI6IjE0NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWNvbW1hbmR3aW5kb3dzX2NvbS1ib3gtMi0wIiwidF9lcG9jaCI6MTYyMzM0NzY0NywicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxMDAxLCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjowLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYWY1NWM5ZTEtNmExNi00OTIzLTRlNTQtNTcxZTcxNWM2YTMyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTY3ODQ5NDc2LCJjcmVhdGl2ZV9pZCI6MTM4MjU3ODUyNTEyLCJkYXRhIjpbeyJuYW1lIjoidmlld2VkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAyMDU0OCIsImRvbWFpbl9pZCI6IjE0NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWNvbW1hbmR3aW5kb3dzX2NvbS1ib3gtMi0wIiwidF9lcG9jaCI6MTYyMzM0NzY0NywicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxMDAxLCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjowLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYWY1NWM5ZTEtNmExNi00OTIzLTRlNTQtNTcxZTcxNWM2YTMyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTY3ODQ5NDc2LCJjcmVhdGl2ZV9pZCI6MTM4MjU3ODUyNTEyLCJkYXRhIjpbeyJuYW1lIjoidmlld2VkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
pragma: no-cache
cookie: __gads=ID=e8e9fae38446fedf:T=1623347649:S=ALNI_MbBLFkeq4LLo3MyB8ByceIYGeKTAQ; _pbjs_userid_consent_data=3524755945110770; cto_bidid=lQdIgF93UnIwUTRyNGdWOW4xVDJLenljaFBoWEVsYjZ6NTE5Z1QzRyUyRk1naDBnc1BRazVCWkk4VE5NRkNPWWlnZXpVWENBVE9QT1hERG1pSEtBOVl5N0VzUmpnJTNEJTNE; cto_bundle=mJWXzl9OYSUyQlh1cDZrTEJ2WW54UnVoWWFGNmF0V01Cc0Nwc3glMkZRT0x2TThUTUFmRnNBZCUyRlZVcmZGUDBYTVIzczRuM241cmJCbzY0TGdjY0JNRkdzelY3QWQ5UWxTV0s1eG5kaFF5d0hGNDFJem5MVFhhY0RJOUQ1NU5pRmc4Ykt1ZmFPYw; ezouspvv=100; ezouspva=2; ezouspvh=70; ezepvvr=NaN
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: commandwindows.com
referer: https://commandwindows.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:17 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Wed, 09 Jun 2021 17:54:17 UTC

GET
H3-29 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=commandwindows.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Jun 2021 17:54:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 22ms
21ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=commandwindows.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Jun 2021 17:54:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 342 B
168 B 461ms
460ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=739924062618941&correlator=2920988902714430&output=ldjh&impl=fifs&eid=31061394%2C31061142&vrg=2021060801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210610&iu_parts=104418548%2Ccommandwindows_com-box-4&enc_prev_ius=%2F0%2F1&prev_iu_szs=250x250%7C310x320%7C350x340%7C350x430&ris=1&rcs=2&prev_scp=a%3D%257C3%257C%26iid11%3D1026998%26iit%3D3%26t%3D99%26d%3D146%26t1%3D99%26pvc%3D0%26ap%3D1003%26sap%3D1261%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dn%26refs%3D30%26ga%3D6206860%26gala%3D1501035%26rid%3D99998%26pt%3D3%26al%3D1003%26compid%3D0%26tap%3Dcommandwindows_com-box-4-1026998%26eb_br%3D235a54888c7ee72f359041faf3ce4c23%2C76163170a8636ae5b88417f095893e08%26eba%3D1%26ebss%3D10082%2C10061%2C10015%2C11304%26gas%3D2017884480%26asau%3D7210502436%26bv%3D0%26bvm%3D2%26bvr%3D7%26shp%3D3%26br1%3D400%26br2%3D650%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D32%2C0%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C760%2C815%2C817%2C899%2C919%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D650%26reqt%3D1623347657667&eri=1&cookie=ID%3De8e9fae38446fedf%3AT%3D1623347649%3AS%3DALNI_MbBLFkeq4LLo3MyB8ByceIYGeKTAQ&bc=31&abxe=1&lmt=1623347657&dt=1623347657677&dlt=1623347647976&idt=1163&frm=20&biw=1600&bih=1200&oid=3&adxs=697&adys=1551&adks=4216951667&ucis=f&ifi=15&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcommandwindows.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=250x270&msz=250x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1178215692.1623347650&ga_sid=1623347650&ga_hid=1045620473&ga_fc=false&ga_wpids=UA-29096671-22&fws=4&ohw=750&btvi=5&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

8c38668a294f9b64ab97d315f6d130784c26264481d907bcdcb00eac8fb5955f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:18 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 139
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://commandwindows.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=commandwindows.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Jun 2021 17:54:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=commandwindows.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Jun 2021 17:54:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 345 B
173 B 443ms
442ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=739924062618941&correlator=4124057573247816&output=ldjh&impl=fifs&eid=31061394%2C31061142&vrg=2021060801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210610&iu_parts=104418548%2Ccommandwindows_com-banner-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C310x320%7C390x390%7C410x390&ris=1&rcs=2&prev_scp=a%3D%257C1%257C%26iid11%3D1048147%26iit%3D5%26t%3D99%26d%3D146%26t1%3D99%26pvc%3D0%26ap%3D1031%26sap%3D1031%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dn%26refs%3D30%26ga%3D6206860%26gala%3D1501035%26rid%3D99998%26pt%3D31%26al%3D1031%26compid%3D0%26tap%3Dcommandwindows_com-banner-2-1048147%26eb_br%3D119b88423fa30735563fe08dfa70a0b2%2C9e0a1ce5b2455cb9b48d5df4c6bf4053%26eba%3D1%26ebss%3D10082%2C10061%2C10015%2C11304%26gas%3D8983937454%26asau%3D4556257235%26bv%3D21%26bvm%3D0%26bvr%3D7%26shp%3D2%26br1%3D350%26br2%3D650%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D83%2C0%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C760%2C761%2C815%2C816%2C817%2C899%2C919%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D500%26reqt%3D1623347657817&eri=1&cookie=ID%3De8e9fae38446fedf%3AT%3D1623347649%3AS%3DALNI_MbBLFkeq4LLo3MyB8ByceIYGeKTAQ&bc=31&abxe=1&lmt=1623347657&dt=1623347657824&dlt=1623347647976&idt=1163&frm=20&biw=1600&bih=1200&oid=3&adxs=250&adys=2402&adks=3272357030&ucis=g&ifi=16&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcommandwindows.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x636&msz=300x600&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1178215692.1623347650&ga_sid=1623347650&ga_hid=1045620473&ga_fc=false&ga_wpids=UA-29096671-22&fws=4&ohw=300&btvi=6&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

48ca02368e4b9bd05145392bf54c984ae0a6973e0a7364c6b02df9013bd62c5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:18 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 144
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://commandwindows.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dark-bottom.css
commandwindows.com/ezoic/styles/ 3 KB
787 B 24ms
24ms Stylesheet
text/css 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://commandwindows.com/ezoic/styles/dark-bottom.css
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/ezoic/cookieconsent.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 94edf973e9deb80b5eccf17f8f3108eafe15209fe25fe417e8f8962a4d8f48b3

Request headers

:path: /ezoic/styles/dark-bottom.css
pragma: no-cache
cookie: __gads=ID=e8e9fae38446fedf:T=1623347649:S=ALNI_MbBLFkeq4LLo3MyB8ByceIYGeKTAQ; _pbjs_userid_consent_data=3524755945110770; cto_bidid=lQdIgF93UnIwUTRyNGdWOW4xVDJLenljaFBoWEVsYjZ6NTE5Z1QzRyUyRk1naDBnc1BRazVCWkk4VE5NRkNPWWlnZXpVWENBVE9QT1hERG1pSEtBOVl5N0VzUmpnJTNEJTNE; cto_bundle=mJWXzl9OYSUyQlh1cDZrTEJ2WW54UnVoWWFGNmF0V01Cc0Nwc3glMkZRT0x2TThUTUFmRnNBZCUyRlZVcmZGUDBYTVIzczRuM241cmJCbzY0TGdjY0JNRkdzelY3QWQ5UWxTV0s1eG5kaFF5d0hGNDFJem5MVFhhY0RJOUQ1NU5pRmc4Ykt1ZmFPYw; ezouspvv=100; ezouspva=2; ezouspvh=70; ezepvvr=NaN
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: commandwindows.com
referer: https://commandwindows.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:17 GMT
content-encoding: br
last-modified: Wed, 02 Jun 2021 21:58:41 GMT
server: nginx/1.16.0
etag: "bd7-5c3cf8fc12640-gzip"
vary: Accept-Encoding Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public
accept-ranges: bytes
x-robots-tag: noindex
content-length: 725

GET
H2 200 agent Show response
commandwindows.com/jass/ 73 B
130 B 23ms
23ms XHR
application/json 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://commandwindows.com/jass/agent?agent=mozilla/5.0%20(windows%20nt%2010.0;%20win64;%20x64)%20applewebkit/537.36%20(khtml,%20like%20gecko)%20chrome/89.0.4389.72%20safari/537.36&w=1600&h=1200&ffid=1
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 8fe383fda0c75adf2e358b89f81f24247ea3069c83190fee491c6b449c0acf59

Request headers

:path: /jass/agent?agent=mozilla/5.0%20(windows%20nt%2010.0;%20win64;%20x64)%20applewebkit/537.36%20(khtml,%20like%20gecko)%20chrome/89.0.4389.72%20safari/537.36&w=1600&h=1200&ffid=1
pragma: no-cache
cookie: __gads=ID=e8e9fae38446fedf:T=1623347649:S=ALNI_MbBLFkeq4LLo3MyB8ByceIYGeKTAQ; _pbjs_userid_consent_data=3524755945110770; cto_bidid=lQdIgF93UnIwUTRyNGdWOW4xVDJLenljaFBoWEVsYjZ6NTE5Z1QzRyUyRk1naDBnc1BRazVCWkk4VE5NRkNPWWlnZXpVWENBVE9QT1hERG1pSEtBOVl5N0VzUmpnJTNEJTNE; cto_bundle=mJWXzl9OYSUyQlh1cDZrTEJ2WW54UnVoWWFGNmF0V01Cc0Nwc3glMkZRT0x2TThUTUFmRnNBZCUyRlZVcmZGUDBYTVIzczRuM241cmJCbzY0TGdjY0JNRkdzelY3QWQ5UWxTV0s1eG5kaFF5d0hGNDFJem5MVFhhY0RJOUQ1NU5pRmc4Ykt1ZmFPYw; ezouspvv=100; ezouspva=2; ezouspvh=70; ezepvvr=NaN
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: commandwindows.com
referer: https://commandwindows.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:17 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=300, private
content-length: 69

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 22ms
21ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021060801&st=env

Requested by

Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa7a6473b7bcce61e13cee6c5d7fd9b7bb9300c197e3c68e722d14798dd9979c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Jun 2021 17:54:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8531
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Thu, 10 Jun 2021 17:54:17 GMT

GET
H2 200 army.gif Show response
commandwindows.com/porpoiseant/ 0
42 B 21ms
21ms XHR
text/plain 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://commandwindows.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAyMDU0OCIsImRvbWFpbl9pZCI6IjE0NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWNvbW1hbmR3aW5kb3dzX2NvbS1ib3gtMi0wIiwidF9lcG9jaCI6MTYyMzM0NzY0NywiYWRfcG9zaXRpb24iOjEwMDEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYWY1NWM5ZTEtNmExNi00OTIzLTRlNTQtNTcxZTcxNWM2YTMyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTY3ODQ5NDc2LCJjcmVhdGl2ZV9pZCI6MTM4MjU3ODUyNTEyLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX3NpemUiLCJ2YWwiOiJbNzI4LDkwXSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAyMDU0OCIsImRvbWFpbl9pZCI6IjE0NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWNvbW1hbmR3aW5kb3dzX2NvbS1ib3gtMi0wIiwidF9lcG9jaCI6MTYyMzM0NzY0NywiYWRfcG9zaXRpb24iOjEwMDEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYWY1NWM5ZTEtNmExNi00OTIzLTRlNTQtNTcxZTcxNWM2YTMyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTY3ODQ5NDc2LCJjcmVhdGl2ZV9pZCI6MTM4MjU3ODUyNTEyLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2ZsdWlkIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEwMjA1NDgiLCJkb21haW5faWQiOiIxNDYiLCJ1bml0IjoiZGl2LWdwdC1hZC1jb21tYW5kd2luZG93c19jb20tYm94LTItMCIsInRfZXBvY2giOjE2MjMzNDc2NDcsImFkX3Bvc2l0aW9uIjoxMDAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImFmNTVjOWUxLTZhMTYtNDkyMy00ZTU0LTU3MWU3MTVjNmEzMiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk2Nzg0OTQ3NiwiY3JlYXRpdmVfaWQiOjEzODI1Nzg1MjUxMiwiZGF0YSI6W3sibmFtZSI6ImRvbWFpbl9kZnBfc3R5bGVfaWQiLCJ2YWwiOiIxNTIifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAyMDU0OCIsImRvbWFpbl9pZCI6IjE0NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWNvbW1hbmR3aW5kb3dzX2NvbS1ib3gtMi0wIiwidF9lcG9jaCI6MTYyMzM0NzY0NywiYWRfcG9zaXRpb24iOjEwMDEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYWY1NWM5ZTEtNmExNi00OTIzLTRlNTQtNTcxZTcxNWM2YTMyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTY3ODQ5NDc2LCJjcmVhdGl2ZV9pZCI6MTM4MjU3ODUyNTEyLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX3NpemUiLCJ2YWwiOiJbNzI4LDkwXSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAyMDU0OCIsImRvbWFpbl9pZCI6IjE0NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWNvbW1hbmR3aW5kb3dzX2NvbS1ib3gtMi0wIiwidF9lcG9jaCI6MTYyMzM0NzY0NywiYWRfcG9zaXRpb24iOjEwMDEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYWY1NWM5ZTEtNmExNi00OTIzLTRlNTQtNTcxZTcxNWM2YTMyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTY3ODQ5NDc2LCJjcmVhdGl2ZV9pZCI6MTM4MjU3ODUyNTEyLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2ZsdWlkIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEwMjA1NDgiLCJkb21haW5faWQiOiIxNDYiLCJ1bml0IjoiZGl2LWdwdC1hZC1jb21tYW5kd2luZG93c19jb20tYm94LTItMCIsInRfZXBvY2giOjE2MjMzNDc2NDcsImFkX3Bvc2l0aW9uIjoxMDAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImFmNTVjOWUxLTZhMTYtNDkyMy00ZTU0LTU3MWU3MTVjNmEzMiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk2Nzg0OTQ3NiwiY3JlYXRpdmVfaWQiOjEzODI1Nzg1MjUxMiwiZGF0YSI6W3sibmFtZSI6ImRvbWFpbl9kZnBfc3R5bGVfaWQiLCJ2YWwiOiIxNTIifV0sImlzX29yaWciOmZhbHNlfV0=
pragma: no-cache
cookie: __gads=ID=e8e9fae38446fedf:T=1623347649:S=ALNI_MbBLFkeq4LLo3MyB8ByceIYGeKTAQ; _pbjs_userid_consent_data=3524755945110770; cto_bidid=lQdIgF93UnIwUTRyNGdWOW4xVDJLenljaFBoWEVsYjZ6NTE5Z1QzRyUyRk1naDBnc1BRazVCWkk4VE5NRkNPWWlnZXpVWENBVE9QT1hERG1pSEtBOVl5N0VzUmpnJTNEJTNE; cto_bundle=mJWXzl9OYSUyQlh1cDZrTEJ2WW54UnVoWWFGNmF0V01Cc0Nwc3glMkZRT0x2TThUTUFmRnNBZCUyRlZVcmZGUDBYTVIzczRuM241cmJCbzY0TGdjY0JNRkdzelY3QWQ5UWxTV0s1eG5kaFF5d0hGNDFJem5MVFhhY0RJOUQ1NU5pRmc4Ykt1ZmFPYw; ezouspvv=100; ezouspva=2; ezouspvh=70; ezepvvr=NaN; ezux_lpl_146=1623347657899|af55c9e1-6a16-4923-4e54-571e715c6a32|false
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: commandwindows.com
referer: https://commandwindows.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:17 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Wed, 09 Jun 2021 17:54:18 UTC

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame A018 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://commandwindows.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://commandwindows.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Thu, 10 Jun 2021 16:59:40 GMT
expires: Fri, 10 Jun 2022 16:59:40 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3277
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9B2D 783 B
533 B 17ms
16ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bd4967ed6f80b488d98eaabc667f20e6243d3ab3cdf331f3c7444c27e186656f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CHUFWDF2yV+7G+0s88KoZw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://commandwindows.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://commandwindows.com/

Response headers

expires: Thu, 10 Jun 2021 17:54:17 GMT
date: Thu, 10 Jun 2021 17:54:17 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-CHUFWDF2yV+7G+0s88KoZw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js Show response
pagead2.googlesyndication.com/bg/ Frame A018 14 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6ARyktE4tPRvvoSTtP7tfQ53d_-1azzHygxxMe6f4h8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8047292d138b4f46fbe8493b4feed7d0e7777ffb56b3cc7ca0c7131ee9fe21f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 16:45:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4148
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5749
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 Jun 2022 16:45:09 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gpt_2021060801&jk=739924062618941&bg=!ZmWlZSHNAAY6sG-_OrA7ACkAdvg8WsX8NfJopPg_tsTJfIDwaQNiXqQQkxM5ZH6RI6eBtpeMGG-oSAIAAABlUgAAAAtoAQcKAFNoVjR6ufIK2JH-CsY5tFx_v2LT3OzTZg_1PISFzBkRNrGRqFkdIhkmIL5drsrJLmqIuq5MxXlEXMv0HN0uz2Afl0e-YTeh50O3YTF39SQj4OR3V5kCeq4c-t4vkWQcF1yKMJMae2mFUJLcADKG3vAHv6iOt0VGv2XFLlWaC-2w3Gamyg32Qpund6Ob0E3lgfhej5sUpMJg9iYvo5K1dcTwYZ9Zjlc0VeoyLWne66ae3eX2zsy5gUcMJEPeNmt-vNPg1nnyebK7lcxVsafIf1-BFdklBfFcbif4lifKU7vW49qDrVteswBcy_ed9rk90ATTwNBv7dyvVbK4Xt8_BnOTXvcewyLcw3quEyl0HKmNqKhwmskjkAkG4SNcp2qptA5GsKg7IDtu9Y_JCAqR46ozyEj1tweoJgBeoKj3j6ykmVkk47hBxguiqrmCiLKkwrr5V_OxclK9fUmFpWO0SjGzLscuCzfkWKEhhhcgtg0jmKuHyuOHodqtshcmP8onFBynBiXq0KTrsuehDGlFQyrIF1Tq4wPIUwbPC8TCOYe8YJayr94RQ6xYA0RrYM1IX131kCNuRX2_SSFneiezQvAtk928lT4AZJcw24l9ru-LE6F8HVw2UeUXT-_1thyUjD3gIYNo7Bq2k56RYp1yUqHw0DPiw7X2JEpbabCPsQsCLmmsMEZJTZGAzqMxpQRO8N5ICbAZv9ylUDLcY38avisTVGTkxv3RLbqIRCLsxx2tHzOJfUoNu3a-2gnMuLYjDouOJSeBXogYoGUJz7iS9DUvzgmsBt_7QVy-q5hUyArWhWs7WJrK2qSwHS0KjtRt5rsVQ8gP1W8lJZ_WjWe1thuViKlA5ZRsfLTfn67OHq_nwmiLly2jI_OeX6OmI-jAXxbF7pwGRLhRLnGWfwnGnXmuI1JY_rmrbuNZ7s5QOfWscezBc-iz1gHhI_PqCQEzGqU

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 83 KB
27 KB 51ms
23ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,appnexus,criteo,ix,oftmedia,openx,pubmatic,pulsepoint,unruly&cb=194-1-22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a98e1f08dd27c121a337ddc31691d4044f56ae83301b574728548b78d3068d3b

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:18 GMT
content-encoding: gzip
last-modified: Wed, 02 Jun 2021 14:09:58 GMT
server: nginx
etag: W/"60b79136-14aab"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 11 Jun 2021 17:54:18 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 7A40 2 KB
2 KB 13ms
13ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=commandwindows.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

7512ae62108af074eaa90622e9df04625f120ecf4a909443fa6dc1a2b071c7a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?origin=publishertag&topUrl=commandwindows.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://commandwindows.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://commandwindows.com/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 1491
set-cookie: uid=49f81e05-525b-46c0-971a-99ef9decf6a0; expires=Fri, 10 Jun 2022 17:54:18 GMT; domain=.criteo.com; path=/; secure; samesite=none
date: Thu, 10 Jun 2021 17:54:18 GMT
content-length: 1129

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 83 KB
27 KB 44ms
16ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a98e1f08dd27c121a337ddc31691d4044f56ae83301b574728548b78d3068d3b

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:18 GMT
content-encoding: gzip
last-modified: Wed, 02 Jun 2021 14:09:58 GMT
server: nginx
etag: W/"60b79136-14aab"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 11 Jun 2021 17:54:18 GMT

POST
H/1.1 200 457.json Show response
id5-sync.com/g/v2/ 213 B
536 B 174ms
96ms XHR
application/json 51.89.21.30
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/457.json

Requested by

Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.21.30 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

59499c37eb41729cccda67f644447157ba534001913324a8a305cdcbd3bb5081

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://commandwindows.com
Date: Thu, 10 Jun 2021 17:53:06 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 92E9 2 KB
1 KB 81ms
26ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,appnexus,criteo,ix,oftmedia,openx,pubmatic,pulsepoint,unruly&cb=194-1-22
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host: js-sec.indexww.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://commandwindows.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://commandwindows.com/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1151
Date: Thu, 10 Jun 2021 17:54:18 GMT
Connection: keep-alive

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 7FA9 38 KB
14 KB 29ms
29ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,appnexus,criteo,ix,oftmedia,openx,pubmatic,pulsepoint,unruly&cb=194-1-22
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/showad.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://commandwindows.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://commandwindows.com/

Response headers

last-modified: Tue, 11 May 2021 05:24:02 GMT
etag: "13006b6-96ca-5c2071a26cca4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13964
content-type: text/html; charset=UTF-8
cache-control: public, max-age=132254
expires: Sat, 12 Jun 2021 06:38:32 GMT
date: Thu, 10 Jun 2021 17:54:18 GMT
vary: Accept-Encoding

GET
H2 200 visitormatch Show response
bh.contextweb.com/ Frame EE7D 4 KB
5 KB 106ms
106ms Document
text/html 198.148.27.140
PULSEPOINT

General

Check archive.org

Show headers Download Go to

Full URL

https://bh.contextweb.com/visitormatch

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,appnexus,criteo,ix,oftmedia,openx,pubmatic,pulsepoint,unruly&cb=194-1-22

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

a39e006bdffd36ea6e9112b707f513911d5c2919cbdda68241af80aba63fdd30

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

:method: GET
:authority: bh.contextweb.com
:scheme: https
:path: /visitormatch
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://commandwindows.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://commandwindows.com/

Response headers

p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server: bh-deployment-8474b759f8-k8nvs
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
content-type: text/html;charset=iso-8859-1
set-cookie: V=g81R1zO6u4Xt;Version=0;Secure;Path=/;Domain=.contextweb.com;Expires=Sun, 05-Jun-2022 17:54:18 GMT;Max-Age=31104000;SameSite=None pb_rtb_ev=3-17kc|89b.0|88b.0|8ea.0|8fg.0|2JB.0|7Nq.0|7Bj.0|7aw.0|8as.0|7TY.0|7TZ.0|8fr.0|8cn.0|7br.0|7Fn.0|7ND.0|7bs.0|8fP.0|6zB.0|7Xh.0|83u.0|8dQ.0|87G.0|8bO.0|2N.0|7RY.0|7dN.0|4is.0|89W.0|7Rn.0|7I7.0|3oy.0|81B.0;Version=0;Secure;Path=/;Domain=.contextweb.com;Expires=Fri, 10-Jun-2022 17:54:18 GMT;Max-Age=31536000;SameSite=None INGRESSCOOKIE=23ec355ba7b3fdcc; path=/; HttpOnly; Secure; SameSite=None
content-length: 3876
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000

GET
H2 200 third-party-iframes.html Show response
video.unrulymedia.com/iframes/ Frame B292 466 B
873 B 80ms
23ms Document
text/html 143.204.93.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://video.unrulymedia.com/iframes/third-party-iframes.html
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,appnexus,criteo,ix,oftmedia,openx,pubmatic,pulsepoint,unruly&cb=194-1-22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.93.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ba49e23fe9269a203befcd1ff0182766711afab8a5e9d098e86cb3ed13248be2

Request headers

:method: GET
:authority: video.unrulymedia.com
:scheme: https
:path: /iframes/third-party-iframes.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://commandwindows.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://commandwindows.com/

Response headers

content-type: text/html
content-length: 466
last-modified: Mon, 07 Jun 2021 12:33:17 GMT
x-amz-expiration: expiry-date="Tue, 06 Jun 2028 00:00:00 GMT", rule-id="Delete after 7 years"
accept-ranges: bytes
server: AmazonS3
date: Thu, 10 Jun 2021 17:46:24 GMT
cache-control: max-age=600
etag: "99742e48548c92acc64c0fce94ab9b0e"
x-cache: Hit from cloudfront
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: vp1mxrfogSCP9SI-TT1ffB669JaxMRf921H-HGECnnk_LJor-EJ7SA==
age: 474

GET
H2

200

pd Show response
eu-u.openx.net/w/1.0/ Frame B0EC
Redirect Chain

https://eu-u.openx.net/w/1.0/pd?plm=10&ph=4a396f87-5bac-47c7-9375-0b25be4ee393&gdpr=0&us_privacy=1---
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=4a396f87-5bac-47c7-9375-0b25be4ee393&gdpr=0&us_privacy=1---

1007 B
863 B

30ms
30ms

Document
text/html

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=4a396f87-5bac-47c7-9375-0b25be4ee393&gdpr=0&us_privacy=1---
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,appnexus,criteo,ix,oftmedia,openx,pubmatic,pulsepoint,unruly&cb=194-1-22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.208.0 /
Resource Hash: 20cf54828e96bf56f21818160931f6cb692f1ab2005a3ce0c38d64777b9edb59

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?cc=1&plm=10&ph=4a396f87-5bac-47c7-9375-0b25be4ee393&gdpr=0&us_privacy=1---
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://commandwindows.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=4fb5e866-307e-0050-31c7-91ba48b94163|1623347658
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://commandwindows.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=4fb5e866-307e-0050-31c7-91ba48b94163|1623347658; Version=1; Expires=Fri, 10-Jun-2022 17:54:18 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1623347658|mOgegqnskin0vNomiygu; Version=1; Expires=Fri, 25-Jun-2021 17:54:18 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.208.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Thu, 10 Jun 2021 17:54:18 GMT
content-type: text/html
content-length: 544
content-encoding: gzip
via: 1.1 google
alt-svc: clear

Redirect headers

set-cookie: i=4fb5e866-307e-0050-31c7-91ba48b94163|1623347658; Version=1; Expires=Fri, 10-Jun-2022 17:54:18 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.208.0
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=4a396f87-5bac-47c7-9375-0b25be4ee393&gdpr=0&us_privacy=1---
date: Thu, 10 Jun 2021 17:54:18 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 4C80 52 KB
17 KB 98ms
32ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,appnexus,criteo,ix,oftmedia,openx,pubmatic,pulsepoint,unruly&cb=194-1-22
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://commandwindows.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://commandwindows.com/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Fri, 11 Jun 2021 17:54:20 GMT
Date: Thu, 10 Jun 2021 17:54:18 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame F9D5 52 KB
17 KB 96ms
34ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,appnexus,criteo,ix,oftmedia,openx,pubmatic,pulsepoint,unruly&cb=194-1-22
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://commandwindows.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://commandwindows.com/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Fri, 11 Jun 2021 17:54:20 GMT
Date: Thu, 10 Jun 2021 17:54:18 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 7FA9 5 KB
6 KB 34ms
34ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=1849907&p=156983&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 74db8b7301d4380bed64ab520e4efac8bf3414e98f8c0dce3edff6ef106c3959

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:17 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame DF37
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=47760EDE-6080-44AA-A222-2DB7A21AB771
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=47760EDE-6080-44AA-A222-2DB7A21AB771

35 B
468 B

46ms
45ms

Document
image/gif

37.157.4.41
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=47760EDE-6080-44AA-A222-2DB7A21AB771

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: c1.adform.net
:scheme: https
:path: /serving/cookie/match?CC=1&party=14&cid=47760EDE-6080-44AA-A222-2DB7A21AB771
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: C=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 10 Jun 2021 17:54:18 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
set-cookie: uid=2403553541928046679; expires=Mon, 09 Aug 2021 17:54:18 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

server: nginx
date: Thu, 10 Jun 2021 17:54:18 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=47760EDE-6080-44AA-A222-2DB7A21AB771
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
set-cookie: C=1; expires=Sat, 10 Jul 2021 17:54:18 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 7FA9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDcnTFP_UaZI0GYPz6TFAvk&google_cver=1

42 B
285 B

38ms
34ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDcnTFP_UaZI0GYPz6TFAvk&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:18 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug002:0:1047
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:18 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDcnTFP_UaZI0GYPz6TFAvk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 45E2
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7273492026487536892

42 B
210 B

47ms
42ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7273492026487536892
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: image2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7273492026487536892
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KADUSERCOOKIE=47760EDE-6080-44AA-A222-2DB7A21AB771; chkChromeAb67Sec=1; DPSync3=1624492800%3A201_197_219%7C1623369600%3A174; SyncRTB3=1624492800%3A21_22_165_222_8_81_99_234_230_56_88_189_13_71_55_176_204_220_161_7_54_3_166%7C1624147200%3A63%7C1623888000%3A223_67_2_15%7C1625875200%3A203%7C1624579200%3A35; KRTBCOOKIE_153=19420-Y-w67mDtOr14vj25Y7h07DS4Pep4vT_oYb3kAg-7&KRTB&22979-Y-w67mDtOr14vj25Y7h07DS4Pep4vT_oYb3kAg-7; PugT=1623347658; PUBMDCID=3; KRTBCOOKIE_1101=23040-6972225101170276494; KRTBCOOKIE_27=16735-uid:aa1460c2-51ca-4c00-9a30-6000d90bd079&KRTB&16736-uid:aa1460c2-51ca-4c00-9a30-6000d90bd079&KRTB&23019-uid:aa1460c2-51ca-4c00-9a30-6000d90bd079&KRTB&23114-uid:aa1460c2-51ca-4c00-9a30-6000d90bd079
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 10 Jun 2021 17:54:18 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_336=5844-7273492026487536892; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 10-Jul-2021 17:54:18 GMT; path=/ PugT=1623347658; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 10-Jul-2021 17:54:18 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 08-Sep-2021 17:54:18 GMT; path=/
x-lat: lhrpug007:0:413
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7273492026487536892
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 7FA9
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:aa1460c2-51ca-4c00-9a30-6000d90bd079&gdpr=0&gdpr_consent=

42 B
338 B

34ms
33ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:aa1460c2-51ca-4c00-9a30-6000d90bd079&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:18 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug019:0:456
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Thu, 10 Jun 2021 17:56:10 GMT
Server: MT3 3759 5f8f15b master cdg-pixel-x9
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:aa1460c2-51ca-4c00-9a30-6000d90bd079&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 10 Jun 2021 17:56:09 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 7FA9
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=556477824948206670

42 B
233 B

43ms
38ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=556477824948206670
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:18 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug015:0:865
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:18 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=556477824948206670
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 7FA9
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f20408e4-7797-4367-80ea-1fc17cd6f1e4

42 B
294 B

36ms
33ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f20408e4-7797-4367-80ea-1fc17cd6f1e4
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:18 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug005:0:457
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:18 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f20408e4-7797-4367-80ea-1fc17cd6f1e4
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 8A75 43 B
369 B 36ms
33ms Document
image/gif 178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method: GET
:authority: dis.criteo.com
:scheme: https
:path: /dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache
pragma: no-cache
content-type: image/gif
expires: Thu, 10 Jun 2021 00:00:00 GMT
server: Microsoft-IIS/10.0
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1203
x-powered-by: ASP.NET
date: Thu, 10 Jun 2021 17:54:18 GMT
content-length: 43

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 7FA9
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=299143925439203548&gdpr=0&gdpr_consent=

42 B
210 B

38ms
36ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=299143925439203548&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:18 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug018:0:375
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Thu, 10 Jun 2021 17:54:18 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.134:80
AN-X-Request-Uuid: 14bb6e96-599e-4041-9aaa-bc84ce6c7b36
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=299143925439203548&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 7FA9
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Y-w67mDtOr14vj25Y7h07DS4Pep4vT_oYb3kAg-7

42 B
426 B

33ms
33ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Y-w67mDtOr14vj25Y7h07DS4Pep4vT_oYb3kAg-7
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:18 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug016:0:398
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:18 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Y-w67mDtOr14vj25Y7h07DS4Pep4vT_oYb3kAg-7
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 2221
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6972225101170276494

42 B
211 B

34ms
33ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6972225101170276494
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6972225101170276494
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KADUSERCOOKIE=47760EDE-6080-44AA-A222-2DB7A21AB771; chkChromeAb67Sec=1; DPSync3=1624492800%3A201_197_219%7C1623369600%3A174; SyncRTB3=1624492800%3A21_22_165_222_8_81_99_234_230_56_88_189_13_71_55_176_204_220_161_7_54_3_166%7C1624147200%3A63%7C1623888000%3A223_67_2_15%7C1625875200%3A203%7C1624579200%3A35
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 10 Jun 2021 17:54:18 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_1101=23040-6972225101170276494; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 10-Jul-2021 17:54:18 GMT; path=/ PugT=1623347658; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 10-Jul-2021 17:54:18 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 08-Sep-2021 17:54:18 GMT; path=/
x-lat: lhrpug015:0:594
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Server: nginx
Date: Thu, 10 Jun 2021 17:54:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie: UserID1=6972225101170276494; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6972225101170276494

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 4055
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBMXIwN0JoS1FBQURMb1ZJQ3UyZw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAA1r07BhKQAADLoVICu2g&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_curre...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=194909576046506650
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACPgk7BhKQAADFvl-nfPg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D194909576046506650%26bee_sync_partners%3Dpm%26bee_sync_...
https://match.prod.bidr.io/cookie-sync?userid=194909576046506650&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AACPgk7BhKQAADFvl-nfPg&pid=558502&do...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACPgk7BhKQAADFvl-nfPg

42 B
130 B

34ms
33ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACPgk7BhKQAADFvl-nfPg
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: image2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACPgk7BhKQAADFvl-nfPg
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KADUSERCOOKIE=47760EDE-6080-44AA-A222-2DB7A21AB771; chkChromeAb67Sec=1; DPSync3=1624492800%3A201_197_219%7C1623369600%3A174; SyncRTB3=1624492800%3A21_22_165_222_8_81_99_234_230_56_88_189_13_71_55_176_204_220_161_7_54_3_166%7C1624147200%3A63%7C1623888000%3A223_67_2_15%7C1625875200%3A203%7C1624579200%3A35; KRTBCOOKIE_153=19420-Y-w67mDtOr14vj25Y7h07DS4Pep4vT_oYb3kAg-7&KRTB&22979-Y-w67mDtOr14vj25Y7h07DS4Pep4vT_oYb3kAg-7; PUBMDCID=3; KRTBCOOKIE_1101=23040-6972225101170276494; KRTBCOOKIE_27=16735-uid:aa1460c2-51ca-4c00-9a30-6000d90bd079&KRTB&16736-uid:aa1460c2-51ca-4c00-9a30-6000d90bd079&KRTB&23019-uid:aa1460c2-51ca-4c00-9a30-6000d90bd079&KRTB&23114-uid:aa1460c2-51ca-4c00-9a30-6000d90bd079; KRTBCOOKIE_80=22987-CAESEDcnTFP_UaZI0GYPz6TFAvk&KRTB&16514-CAESEDcnTFP_UaZI0GYPz6TFAvk&KRTB&23025-CAESEDcnTFP_UaZI0GYPz6TFAvk; KRTBCOOKIE_336=5844-7273492026487536892; KRTBCOOKIE_409=22966-4gwPIJVjy59NjTLiTw0QW9Fy; KRTBCOOKIE_188=3189-7f16dab2-b92b-4fae-aa75-38e2807f15b4-60c251ca-4348; KRTBCOOKIE_391=22924-556477824948206670&KRTB&23263-556477824948206670; KRTBCOOKIE_57=22776-299143925439203548; KRTBCOOKIE_377=6810-f20408e4-7797-4367-80ea-1fc17cd6f1e4&KRTB&22918-f20408e4-7797-4367-80ea-1fc17cd6f1e4&KRTB&23031-f20408e4-7797-4367-80ea-1fc17cd6f1e4; SPugT=1623339574; KRTBCOOKIE_22=14911-2552665390517806558; KRTBCOOKIE_1074=22956-e_e5741d97-7df9-4400-8de1-8b3f232b7629; KRTBCOOKIE_466=16530-c60b42f1-f3a1-44be-ac37-9594017e1f1f; KRTBCOOKIE_699=22727-AACPgk7BhKQAADFvl-nfPg; PugT=1623347659; KRTBCOOKIE_218=22978-YMJRygABdgdu7ABg&KRTB&23194-YMJRygABdgdu7ABg&KRTB&23209-YMJRygABdgdu7ABg&KRTB&23244-YMJRygABdgdu7ABg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 10 Jun 2021 17:54:19 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_699=22727-AACPgk7BhKQAADFvl-nfPg; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 10-Jul-2021 17:54:19 GMT; path=/ PugT=1623347659; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 10-Jul-2021 17:54:19 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 08-Sep-2021 17:54:19 GMT; path=/
x-lat: lhrpug010:0:441
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Date: Thu, 10 Jun 2021 17:54:19 GMT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACPgk7BhKQAADFvl-nfPg
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 7FA9
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:65bd650e-8704-409c-af6b-de1a095e8397&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
110 B

41ms
33ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:65bd650e-8704-409c-af6b-de1a095e8397&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:18 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug013:0:414
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:65bd650e-8704-409c-af6b-de1a095e8397&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Thu, 10 Jun 2021 17:54:18 GMT
Server: Apache/2.4.41 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 7FA9
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=7f16dab2-b92b-4fae-aa75-38e2807f15b4-60c251ca-4348&gdpr=0&gdpr_consent=

42 B
231 B

44ms
37ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=7f16dab2-b92b-4fae-aa75-38e2807f15b4-60c251ca-4348&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:18 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug016:0:522
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:17 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=7f16dab2-b92b-4fae-aa75-38e2807f15b4-60c251ca-4348&gdpr=0&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 9CA5
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=533899863
https://sync.1rx.io/usersync/tradedesk/f20408e4-7797-4367-80ea-1fc17cd6f1e4
https://sync.targeting.unrulymedia.com/csync/RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003

42 B
427 B

35ms
35ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KADUSERCOOKIE=47760EDE-6080-44AA-A222-2DB7A21AB771; chkChromeAb67Sec=1; DPSync3=1624492800%3A201_197_219%7C1623369600%3A174; SyncRTB3=1624492800%3A21_22_165_222_8_81_99_234_230_56_88_189_13_71_55_176_204_220_161_7_54_3_166%7C1624147200%3A63%7C1623888000%3A223_67_2_15%7C1625875200%3A203%7C1624579200%3A35; KRTBCOOKIE_153=19420-Y-w67mDtOr14vj25Y7h07DS4Pep4vT_oYb3kAg-7&KRTB&22979-Y-w67mDtOr14vj25Y7h07DS4Pep4vT_oYb3kAg-7; PUBMDCID=3; KRTBCOOKIE_1101=23040-6972225101170276494; KRTBCOOKIE_27=16735-uid:aa1460c2-51ca-4c00-9a30-6000d90bd079&KRTB&16736-uid:aa1460c2-51ca-4c00-9a30-6000d90bd079&KRTB&23019-uid:aa1460c2-51ca-4c00-9a30-6000d90bd079&KRTB&23114-uid:aa1460c2-51ca-4c00-9a30-6000d90bd079; KRTBCOOKIE_80=22987-CAESEDcnTFP_UaZI0GYPz6TFAvk&KRTB&16514-CAESEDcnTFP_UaZI0GYPz6TFAvk&KRTB&23025-CAESEDcnTFP_UaZI0GYPz6TFAvk; KRTBCOOKIE_336=5844-7273492026487536892; KRTBCOOKIE_409=22966-4gwPIJVjy59NjTLiTw0QW9Fy; KRTBCOOKIE_188=3189-7f16dab2-b92b-4fae-aa75-38e2807f15b4-60c251ca-4348; KRTBCOOKIE_391=22924-556477824948206670&KRTB&23263-556477824948206670; KRTBCOOKIE_57=22776-299143925439203548; KRTBCOOKIE_377=6810-f20408e4-7797-4367-80ea-1fc17cd6f1e4&KRTB&22918-f20408e4-7797-4367-80ea-1fc17cd6f1e4&KRTB&23031-f20408e4-7797-4367-80ea-1fc17cd6f1e4; SPugT=1623339574; KRTBCOOKIE_22=14911-2552665390517806558; KRTBCOOKIE_1074=22956-e_e5741d97-7df9-4400-8de1-8b3f232b7629; KRTBCOOKIE_466=16530-c60b42f1-f3a1-44be-ac37-9594017e1f1f; KRTBCOOKIE_699=22727-AACPgk7BhKQAADFvl-nfPg; PugT=1623347659; KRTBCOOKIE_218=22978-YMJRygABdgdu7ABg&KRTB&23194-YMJRygABdgdu7ABg&KRTB&23209-YMJRygABdgdu7ABg&KRTB&23244-YMJRygABdgdu7ABg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 10 Jun 2021 17:54:20 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_594=17105-RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003&KRTB&17107-RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 08-Sep-2021 17:54:20 GMT; path=/ PugT=1623347660; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 10-Jul-2021 17:54:20 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 08-Sep-2021 17:54:20 GMT; path=/
x-lat: lhrpug013:0:586
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: Tengine
date: Thu, 10 Jun 2021 17:54:20 GMT
content-type: text/html
set-cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003%22%7D; path=/; expires=Fri, 10 Jun 2022 17:54:20 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003
etag: RX4eef6961d93d4fb8bb7b0fbc4929e961003

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame A4F5
Redirect Chain

https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0

0
107 B

36ms
33ms

Document
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KADUSERCOOKIE=47760EDE-6080-44AA-A222-2DB7A21AB771; chkChromeAb67Sec=1; DPSync3=1624492800%3A201_197_219%7C1623369600%3A174; SyncRTB3=1624492800%3A21_22_165_222_8_81_99_234_230_56_88_189_13_71_55_176_204_220_161_7_54_3_166%7C1624147200%3A63%7C1623888000%3A223_67_2_15%7C1625875200%3A203%7C1624579200%3A35
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 10 Jun 2021 17:54:18 GMT
content-type: text/html; charset=utf-8
x-lat: lhrpug005:2:302
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip

Redirect headers

set-cookie: viewer_token=d8dbaf28-8244-410b-922e-f8c1d5c36da6; path=/; domain=csync.loopme.me; Expires=Sat, 10-Jul-2021 17:54:18 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
content-length: 0
date: Thu, 10 Jun 2021 17:54:18 GMT
server: _

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame F7E1
Redirect Chain

https://green.erne.co/pubmatic/cm?
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=4gwPIJVjy59NjTLiTw0QW9Fy

42 B
217 B

43ms
37ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=4gwPIJVjy59NjTLiTw0QW9Fy
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: image2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=4gwPIJVjy59NjTLiTw0QW9Fy
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KADUSERCOOKIE=47760EDE-6080-44AA-A222-2DB7A21AB771; chkChromeAb67Sec=1; DPSync3=1624492800%3A201_197_219%7C1623369600%3A174; SyncRTB3=1624492800%3A21_22_165_222_8_81_99_234_230_56_88_189_13_71_55_176_204_220_161_7_54_3_166%7C1624147200%3A63%7C1623888000%3A223_67_2_15%7C1625875200%3A203%7C1624579200%3A35; KRTBCOOKIE_153=19420-Y-w67mDtOr14vj25Y7h07DS4Pep4vT_oYb3kAg-7&KRTB&22979-Y-w67mDtOr14vj25Y7h07DS4Pep4vT_oYb3kAg-7; PugT=1623347658; PUBMDCID=3; KRTBCOOKIE_1101=23040-6972225101170276494; KRTBCOOKIE_27=16735-uid:aa1460c2-51ca-4c00-9a30-6000d90bd079&KRTB&16736-uid:aa1460c2-51ca-4c00-9a30-6000d90bd079&KRTB&23019-uid:aa1460c2-51ca-4c00-9a30-6000d90bd079&KRTB&23114-uid:aa1460c2-51ca-4c00-9a30-6000d90bd079
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 10 Jun 2021 17:54:18 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_409=22966-4gwPIJVjy59NjTLiTw0QW9Fy; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 10-Jul-2021 17:54:18 GMT; path=/ PugT=1623347658; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 10-Jul-2021 17:54:18 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 08-Sep-2021 17:54:18 GMT; path=/
x-lat: lhrpug013:0:800
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: openresty
date: Thu, 10 Jun 2021 17:54:18 GMT
content-length: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie: u=4gwPIJVjy59NjTLiTw0QW9Fy; Max-Age=31536000; Domain=.erne.co; Path=/; Secure; SameSite=None
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=4gwPIJVjy59NjTLiTw0QW9Fy
strict-transport-security: max-age=0; includeSubDomains;

GET
H2 200 dpe Show response
ad4m.at/ad/ Frame F75F 42 B
156 B 34ms
34ms Document
image/gif 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Thu, 10 Jun 2021 17:54:18 GMT
content-type: image/gif
content-length: 42
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
x-fastcgi-cache: BYPASS
x-backend-server: adsrv-wmp3
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-request-id: 0a98a8982500004eb62f82a000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 65d476d369584eb6-FRA

GET
H/1.1 200
OK bridge Show response
cm.adgrx.com/ Frame E892 43 B
408 B 83ms
26ms Document
image/gif 72.251.241.196
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.251.241.196 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host: cm.adgrx.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Date: Thu, 10 Jun 2021 17:54:18 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
server: Cowboy
X-RealServer-NX: ams-delivery-5
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Pragma: no-cache
Expires: Thu, 23 Sep 2004 17:42:04 GMT
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *

GET
H2

200

i.match Show response
s.tribalfusion.com/z/ Frame F88C
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
444 B

172ms
172ms

Document
image/gif

2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method: GET
:authority: s.tribalfusion.com
:scheme: https
:path: /z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ANON_ID=ainoeUt3ern6AxvVDROOtF4sE23d2a4bEMJoiUPT
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Thu, 10 Jun 2021 17:54:19 GMT
content-type: image/gif; charset=utf-8
content-length: 43
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 302
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
set-cookie: ANON_ID=a4nsIHSZdIiiSTnMSYlk6hLiVjZbFc1m086pP9nvqtXuyaUA267VQmHB6QKbpoP6KjYD7BNXRSUSm4rsLqQE6j6XT6; path=/; domain=.tribalfusion.com; expires=Wed, 08-Sep-2021 17:54:19 GMT; SameSite=None; Secure; ANON_ID_old=a4nsIHSZdIiiSTnMSYlk6hLiVjZbFc1m086pP9nvqtXuyaUA267VQmHB6QKbpoP6KjYD7BNXRSUSm4rsLqQE6j6XT6; path=/; domain=.tribalfusion.com; expires=Wed, 08-Sep-2021 17:54:19 GMT;
cf-cache-status: DYNAMIC
cf-request-id: 0a98a898d000004a62f7b70000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 65d476d47fa04a62-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

date: Thu, 10 Jun 2021 17:54:18 GMT
content-type: text/html
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 206
x-reuse-index: 286
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
set-cookie: ANON_ID=ainoeUt3ern6AxvVDROOtF4sE23d2a4bEMJoiUPT; path=/; domain=.tribalfusion.com; expires=Wed, 08-Sep-2021 17:54:18 GMT; SameSite=None; Secure; ANON_ID_old=ainoeUt3ern6AxvVDROOtF4sE23d2a4bEMJoiUPT; path=/; domain=.tribalfusion.com; expires=Wed, 08-Sep-2021 17:54:18 GMT;
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status: DYNAMIC
cf-request-id: 0a98a8982400004a629a3dd000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 65d476d36cf74a62-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame D77A
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=wHB9cUljVf8Y&pid=557219

1 B
69 B

40ms
32ms

Document
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=wHB9cUljVf8Y&pid=557219
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=wHB9cUljVf8Y&pid=557219
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KADUSERCOOKIE=47760EDE-6080-44AA-A222-2DB7A21AB771; chkChromeAb67Sec=1; DPSync3=1624492800%3A201_197_219%7C1623369600%3A174; SyncRTB3=1624492800%3A21_22_165_222_8_81_99_234_230_56_88_189_13_71_55_176_204_220_161_7_54_3_166%7C1624147200%3A63%7C1623888000%3A223_67_2_15%7C1625875200%3A203%7C1624579200%3A35; KRTBCOOKIE_153=19420-Y-w67mDtOr14vj25Y7h07DS4Pep4vT_oYb3kAg-7&KRTB&22979-Y-w67mDtOr14vj25Y7h07DS4Pep4vT_oYb3kAg-7; PugT=1623347658; PUBMDCID=3; KRTBCOOKIE_1101=23040-6972225101170276494; KRTBCOOKIE_27=16735-uid:aa1460c2-51ca-4c00-9a30-6000d90bd079&KRTB&16736-uid:aa1460c2-51ca-4c00-9a30-6000d90bd079&KRTB&23019-uid:aa1460c2-51ca-4c00-9a30-6000d90bd079&KRTB&23114-uid:aa1460c2-51ca-4c00-9a30-6000d90bd079; KRTBCOOKIE_80=22987-CAESEDcnTFP_UaZI0GYPz6TFAvk&KRTB&16514-CAESEDcnTFP_UaZI0GYPz6TFAvk&KRTB&23025-CAESEDcnTFP_UaZI0GYPz6TFAvk; SPugT=1623347658; KRTBCOOKIE_336=5844-7273492026487536892; KRTBCOOKIE_409=22966-4gwPIJVjy59NjTLiTw0QW9Fy; KRTBCOOKIE_188=3189-7f16dab2-b92b-4fae-aa75-38e2807f15b4-60c251ca-4348; KRTBCOOKIE_391=22924-556477824948206670&KRTB&23263-556477824948206670; KRTBCOOKIE_57=22776-299143925439203548; KRTBCOOKIE_377=6810-f20408e4-7797-4367-80ea-1fc17cd6f1e4&KRTB&22918-f20408e4-7797-4367-80ea-1fc17cd6f1e4&KRTB&23031-f20408e4-7797-4367-80ea-1fc17cd6f1e4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 10 Jun 2021 17:54:18 GMT
content-type: text/html; charset=utf-8
content-length: 1
set-cookie: PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 08-Sep-2021 17:54:18 GMT; path=/
x-lat: lhrpug004:0:557
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server: bh-deployment-8474b759f8-f49vx
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
set-cookie: V=wHB9cUljVf8Y;Version=0;Secure;Path=/;Domain=.contextweb.com;Expires=Sun, 05-Jun-2022 17:54:18 GMT;Max-Age=31104000;SameSite=None INGRESSCOOKIE=6ca0181797b14f5a; path=/; HttpOnly; Secure; SameSite=None
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=wHB9cUljVf8Y&pid=557219
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000

GET
H2

200

rtb-h Show response
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 52CD
Redirect Chain

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=40b9df02-41a8-4402-8f04-1e97946bdc2c-tuct7bbd74a&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...

0
52 B

35ms
28ms

Document
text/plain

199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=40b9df02-41a8-4402-8f04-1e97946bdc2c-tuct7bbd74a&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: match.taboola.com
:scheme: https
:path: /sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=40b9df02-41a8-4402-8f04-1e97946bdc2c-tuct7bbd74a&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: t_gid=4ea037b5-cf09-4e62-ba05-9cc5520b94f7-tuct7bbd74a
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
accept-ranges: bytes
date: Thu, 10 Jun 2021 17:54:18 GMT
via: 1.1 varnish
x-served-by: cache-hhn11539-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1623347659.940215,VS0,VE8
content-length: 0

Redirect headers

server: nginx
set-cookie: t_gid=40b9df02-41a8-4402-8f04-1e97946bdc2c-tuct7bbd74a;Version=1;Path=/;Domain=.taboola.com;Expires=Fri, 10-Jun-2022 17:54:18 GMT;Max-Age=31536000;Secure;SameSite=None
location: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=40b9df02-41a8-4402-8f04-1e97946bdc2c-tuct7bbd74a&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges: bytes
date: Thu, 10 Jun 2021 17:54:18 GMT
via: 1.1 varnish
x-served-by: cache-hhn11539-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1623347659.840861,VS0,VE64
x-vcl-time-ms: 64
content-length: 0

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7FA9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=R3YO3mCARKqiIi23ohq3cQ%3D%3D
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=R3YO3mCARKqiIi23ohq3cQ%3D%3D&google_tc=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

8 KB
8 KB

39ms
38ms

Image
text/html

2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:18 GMT
content-encoding: gzip
last-modified: Tue, 01 Jun 2021 06:44:25 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-2080-5c3aeac410031"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=133270
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 2586
expires: Sat, 12 Jun 2021 06:55:28 GMT

Redirect headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:18 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 7FA9
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=14c760c2-51ca-4800-85e0-643d3e675973

0
128 B

35ms
35ms

Image
text/plain

185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=14c760c2-51ca-4800-85e0-643d3e675973
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:18 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Thu, 10 Jun 2021 17:56:10 GMT
Server: MT3 3759 5f8f15b master cdg-pixel-x27
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=14c760c2-51ca-4800-85e0-643d3e675973
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 10 Jun 2021 17:56:09 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 7FA9
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=47760EDE-6080-44AA-A222-2DB7A21AB771
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
https://pixel.onaudience.com/?partner=147&mapped=f20408e4-7797-4367-80ea-1fc17cd6f1e4&icm
https://spl.zeotap.com/?zdid=1332&zcluid=7cabf0becf2e9cd0
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=9cdfd794-3bf2-4d39-4c00-776bda731f30&reqId=4deb6ccd-1807-401a-489c-7a8974b478ae&zclui...
https://mwzeom.zeotap.com/mw?google_gid=CAESEBPbza2mfj84IKnTY48_0rw&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=9cdfd794-3bf2-4d39-4c00-776bda731f30&reqId=4deb6ccd-1807-401a-489c-7a8...

95 B
178 B

45ms
44ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESEBPbza2mfj84IKnTY48_0rw&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=9cdfd794-3bf2-4d39-4c00-776bda731f30&reqId=4deb6ccd-1807-401a-489c-7a8974b478ae&zcluid=7cabf0becf2e9cd0&zdid=1332
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:19 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 65d476d74e8305cc-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0a98a89a8d000005cc40bbc000000001

Redirect headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEBPbza2mfj84IKnTY48_0rw&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=9cdfd794-3bf2-4d39-4c00-776bda731f30&reqId=4deb6ccd-1807-401a-489c-7a8974b478ae&zcluid=7cabf0becf2e9cd0&zdid=1332
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 469
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 7FA9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDc3NjBFREUtNjA4MC00NEFBLUEyMjItMkRCN0EyMUFCNzcx&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
110 B

40ms
36ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:18 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug017:0:233
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:18 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 7FA9 43 B
611 B 107ms
29ms Image
image/gif 169.50.137.190
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

be.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:18 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Wed, 09 Jun 2021 17:54:18 GMT

GET
H2 200 47760EDE-6080-44AA-A222-2DB7A21AB771
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 7FA9 43 B
88 B 35ms
34ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/47760EDE-6080-44AA-A222-2DB7A21AB771?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:18 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 7FA9
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=47760EDE-6080-44AA-A222-2DB7A21AB771&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-EsSd4NxE2uX7u2z5MKZIhwf20FqiBo0-~A&gdpr=0&gdpr_consent=

0
128 B

42ms
34ms

Image
text/plain

185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-EsSd4NxE2uX7u2z5MKZIhwf20FqiBo0-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 15:39:34 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Thu, 10 Jun 2021 17:54:18 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-EsSd4NxE2uX7u2z5MKZIhwf20FqiBo0-~A&gdpr=0&gdpr_consent=
Connection: keep-alive
Content-Length: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 7FA9
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=c60b42f1-f3a1-44be-ac37-9594017e1f1f
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=27cf279e-0f37-4300-af4b-182088e07f49&ssp=pubmatic
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c60b42f1-f3a1-44be-ac37-9594017e1f1f&gdpr=&gdpr_consent=&gdpr_pd=

1 B
180 B

34ms
33ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c60b42f1-f3a1-44be-ac37-9594017e1f1f&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:18 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug014:0:323
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c60b42f1-f3a1-44be-ac37-9594017e1f1f&gdpr=&gdpr_consent=&gdpr_pd=
date: Thu, 10 Jun 2021 17:54:18 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 7FA9
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YMJRygABdgdu7ABg&gdpr=0&gdpr_consent=&_test=YMJRygABdgdu7ABg

1 B
237 B

34ms
33ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YMJRygABdgdu7ABg&gdpr=0&gdpr_consent=&_test=YMJRygABdgdu7ABg
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:19 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug013:0:487
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:19 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1623347659.053617,VS0,VE0
x-served-by: cache-fra19145-FRA
x-cache: HIT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YMJRygABdgdu7ABg&gdpr=0&gdpr_consent=&_test=YMJRygABdgdu7ABg
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 7FA9
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2552665390517806558&gdpr=0&gdpr_consent=&us_privacy=

1 B
167 B

34ms
34ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2552665390517806558&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:18 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug012:0:635
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2552665390517806558&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Thu, 10 Jun 2021 17:54:18 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame 7FA9 0
103 B 25ms
11ms Image
text/plain 2a02:fa8:8806:16::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=47760EDE-6080-44AA-A222-2DB7A21AB771&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:18 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 7FA9
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA%3D%26piggybackCookie%3D%24UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3669028585186577923

42 B
187 B

34ms
33ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3669028585186577923
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:21 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug008:0:305
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Thu, 10 Jun 2021 17:54:21 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.149:80
AN-X-Request-Uuid: e7ffdf16-b3e1-4f69-a30a-e0f7aa25fdf6
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3669028585186577923
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 7FA9
Redirect Chain

https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_e5741d97-7df9-4400-8de1-8b3f232b7629

42 B
226 B

34ms
33ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_e5741d97-7df9-4400-8de1-8b3f232b7629
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:18 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug014:0:384
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_e5741d97-7df9-4400-8de1-8b3f232b7629
date: Thu, 10 Jun 2021 17:54:18 GMT
p3p: CP="This is not a P3P policy"
server: nginx
timing-allow-origin: *
content-length: 0
content-language: en-US

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame A912
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https://commandwindows.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https://commandwindows.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
3 KB

45ms
40ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https://commandwindows.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: bac24448b9dc0b6286b50d9cab5d1c2c0e4f5a7d80f1006b3ea00920733d9e56

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://js-sec.indexww.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YMJRylc0Bzjvr19gDAhBKwAA; CMPS=3202
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 45|230|241|39|64|188|196|65
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1617
Expires: Thu, 10 Jun 2021 17:54:18 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 10 Jun 2021 17:54:18 GMT
Connection: keep-alive
Set-Cookie: CMID=YMJRylc0Bzjvr19gDAhBKwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 10 Jun 2022 17:54:18 GMT CMPS=3202;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 08 Sep 2021 17:54:18 GMT CMPRO=1125;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 08 Sep 2021 17:54:18 GMT CMRUM3=4160c251ca05a0&f160c251ca05a0&2d60c251ca05a0&2760c251ca0b40&4060c251ca05a0&e660c251ca2760&c460c251ca05a0&bc60c251ca05a00;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 10 Jun 2022 17:54:18 GMT CMST=YMJRymDCUcoA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 11 Jun 2021 17:54:18 GMT

Redirect headers

Server: Apache
Content-Length: 341
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?d=https://commandwindows.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Thu, 10 Jun 2021 17:54:18 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 10 Jun 2021 17:54:18 GMT
Connection: keep-alive
Set-Cookie: CMID=YMJRylc0Bzjvr19gDAhBKwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 10 Jun 2022 17:54:18 GMT CMPS=3202;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 08 Sep 2021 17:54:18 GMT

GET
H2 200 08deb17b-0955-adee-5ac6-4fa7d3c9bfd7
pr-bh.ybp.yahoo.com/sync/openx/ Frame B0EC 43 B
572 B 38ms
32ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/openx/08deb17b-0955-adee-5ac6-4fa7d3c9bfd7?gdpr=0

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=4a396f87-5bac-47c7-9375-0b25be4ee393&gdpr=0&us_privacy=1---

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:18 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame B0EC
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=JZftUikI1LRoSK5

43 B
106 B

30ms
29ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=JZftUikI1LRoSK5
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=4a396f87-5bac-47c7-9375-0b25be4ee393&gdpr=0&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.208.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:18 GMT
via: 1.1 google
server: OXGW/16.208.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 10 Jun 2021 17:54:18 GMT
Server: PingMatch/v2.0.30-655-g6f0fff2#rel-ec2-master i-005da0421d9a8a886@eu-central-1b@dxedge-app-eu-central-1-prod-asg
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=JZftUikI1LRoSK5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame B0EC
Redirect Chain

https://x.bidswitch.net/sync?ssp=openx
https://x.bidswitch.net/ul_cb/sync?ssp=openx
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_user_id=7330eb2a-2907-4004-b4bd-aa789b94cbc9
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_user_id=7330eb2a-2907-4004-b4bd-aa789b94cbc9
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=27cf279e-0f37-4300-af4b-182088e07f49&ssp=openx
https://us-u.openx.net/w/1.0/sd?id=537072968&val=c60b42f1-f3a1-44be-ac37-9594017e1f1f

43 B
106 B

30ms
29ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072968&val=c60b42f1-f3a1-44be-ac37-9594017e1f1f
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=4a396f87-5bac-47c7-9375-0b25be4ee393&gdpr=0&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.208.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:18 GMT
via: 1.1 google
server: OXGW/16.208.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: //us-u.openx.net/w/1.0/sd?id=537072968&val=c60b42f1-f3a1-44be-ac37-9594017e1f1f
date: Thu, 10 Jun 2021 17:54:18 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame B0EC
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ox
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDUGdrN0JoS1FBQURGdmwtbmZQZw&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACPgk7BhKQAADFvl-nfPg&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpp%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACPgk7BhKQAADFvl-nfPg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cox%26bee_sync_curre...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cox&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=194909576046506650
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACPgk7BhKQAADFvl-nfPg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D194909576046506650%26bee_sync_partners%3Dox%26bee_sync_...
https://match.prod.bidr.io/cookie-sync?userid=194909576046506650&bee_sync_partners=ox&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AACPgk7BhKQAADFvl-nfPg&pid=558502&do...
https://us-u.openx.net/w/1.0/sd?id=537125688&val=AACPgk7BhKQAADFvl-nfPg

43 B
106 B

31ms
30ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537125688&val=AACPgk7BhKQAADFvl-nfPg
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=4a396f87-5bac-47c7-9375-0b25be4ee393&gdpr=0&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.208.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:19 GMT
via: 1.1 google
server: OXGW/16.208.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537125688&val=AACPgk7BhKQAADFvl-nfPg
Date: Thu, 10 Jun 2021 17:54:19 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame B0EC
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=dc2160c2-51ca-4800-ab20-e21d3fab79c6

43 B
106 B

43ms
38ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=dc2160c2-51ca-4800-ab20-e21d3fab79c6
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=4a396f87-5bac-47c7-9375-0b25be4ee393&gdpr=0&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.208.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:18 GMT
via: 1.1 google
server: OXGW/16.208.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Thu, 10 Jun 2021 17:56:10 GMT
Server: MT3 3759 5f8f15b master cdg-pixel-x24
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=dc2160c2-51ca-4800-ab20-e21d3fab79c6
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 10 Jun 2021 17:56:09 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame B0EC
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=8J4jFfOfI0brzCRC8MptF6fKJBHrzyYT8s8N7m-Z

43 B
114 B

36ms
30ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=8J4jFfOfI0brzCRC8MptF6fKJBHrzyYT8s8N7m-Z
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=4a396f87-5bac-47c7-9375-0b25be4ee393&gdpr=0&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.208.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:18 GMT
via: 1.1 google
server: OXGW/16.208.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:18 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=8J4jFfOfI0brzCRC8MptF6fKJBHrzyYT8s8N7m-Z
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame B0EC
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2403553541928046679

43 B
106 B

36ms
29ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2403553541928046679
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=4a396f87-5bac-47c7-9375-0b25be4ee393&gdpr=0&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.208.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:18 GMT
via: 1.1 google
server: OXGW/16.208.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:18 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2403553541928046679
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame B0EC 70 B
264 B 54ms
49ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=9c19d73f-99f9-3fa7-6b11-59522c9e729e&gdpr=0
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=4a396f87-5bac-47c7-9375-0b25be4ee393&gdpr=0&us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:18 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-29 200 pixel
cm.g.doubleclick.net/ Frame B0EC 170 B
188 B 36ms
32ms Image
image/png 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjA3NjA0ZjUtNTA4ZS02MTAzLTdlZjEtMDNlYmU2N2NiY2Zl

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=4a396f87-5bac-47c7-9375-0b25be4ee393&gdpr=0&us_privacy=1---

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame B0EC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHWW0_fdlyjlJe-mdTnqzVE&google_cver=1

43 B
106 B

30ms
29ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHWW0_fdlyjlJe-mdTnqzVE&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=4a396f87-5bac-47c7-9375-0b25be4ee393&gdpr=0&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.208.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:18 GMT
via: 1.1 google
server: OXGW/16.208.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:18 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHWW0_fdlyjlJe-mdTnqzVE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 et_v1.0.1709-0-g29446e7.js Show response
video.unrulymedia.com/native/ Frame B292 2 KB
2 KB 27ms
24ms Script
application/javascript 143.204.93.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://video.unrulymedia.com/native/et_v1.0.1709-0-g29446e7.js
Requested by: Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/iframes/third-party-iframes.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.93.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0b05b4fdf98405edace9cb91aa22ca78159629b426c3b9b40e0b117a82d78d8f

Request headers

Origin: https://video.unrulymedia.com
Referer: https://video.unrulymedia.com/iframes/third-party-iframes.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 08:33:58 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 3144021
x-cache: Hit from cloudfront
access-control-allow-origin: https://video.unrulymedia.com
x-amz-expiration: expiry-date="Thu, 04 May 2028 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified: Wed, 05 May 2021 08:33:47 GMT
server: AmazonS3
etag: W/"0714b29c7ff13f1fff5a9593b8d3bd3b"
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET
content-type: application/javascript
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
cache-control: max-age=63072000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: wtOI7uD4MBwmEhyyD_j5ptlfMMXUw15MXeCagMxCgZxskW2Mj3z4eA==

GET
H2 200 third-party-iframes-966d1215afd0444df063.js Show response
video.unrulymedia.com/native/third-party-iframes/ Frame B292 8 KB
4 KB 27ms
24ms Script
application/javascript 143.204.93.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://video.unrulymedia.com/native/third-party-iframes/third-party-iframes-966d1215afd0444df063.js
Requested by: Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/iframes/third-party-iframes.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.93.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bc1931e9b7250b3492c2efaa8fd009ab86c877d21cadec7ee99db8f9fc4bec2b

Request headers

Origin: https://video.unrulymedia.com
Referer: https://video.unrulymedia.com/iframes/third-party-iframes.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 08:33:58 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 3144021
x-cache: Hit from cloudfront
access-control-allow-origin: https://video.unrulymedia.com
x-amz-expiration: expiry-date="Thu, 04 May 2028 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified: Wed, 05 May 2021 08:33:56 GMT
server: AmazonS3
etag: W/"8e81dab7c5e6661af730c0d972f4d7b2"
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET
content-type: application/javascript
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
cache-control: max-age=63072000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: S1190hDW8brJFTln-lZJ-xZ9CE1y6tl1cej_wsTWu1gOmUUeBcUpig==

GET
H2 204 current
pulsepoint-match.dotomi.com/match/bounce/ Frame EE7D 0
103 B 20ms
12ms Image
text/plain 2a02:fa8:8806:16::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid=
Requested by: Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bh.contextweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:18 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H/1.1

200
OK

noop
px.owneriq.net/ Frame EE7D
Redirect Chain

https://px.owneriq.net/eucm/p/cwc
https://px.owneriq.net/ecc?redir=https%3a%2f%2fpx.owneriq.net%2ffr%2fepx.gif&uid=Q6766340581271818669&ref=%2Feucm%2Fp%2Fcwc
https://px.owneriq.net/noop?ct=image%2Fgif

0
287 B

26ms
26ms

Image
image/gif

104.111.242.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.owneriq.net/noop?ct=image%2Fgif
Requested by: Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-53.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bh.contextweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 10 Jun 2021 17:54:20 GMT
Server: Apache/2.2.15 (CentOS)
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By: PHP/5.3.3
Content-Length: 0
Content-Type: image/gif

Redirect headers

Location: https://px.owneriq.net/noop?ct=image%2Fgif
Date: Thu, 10 Jun 2021 17:54:20 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H2

200

rtset
bh.contextweb.com/bh/ Frame EE7D
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=95&gdpr=0&gdpr_consent=
https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=7f16dab2-b92b-4fae-aa75-38e2807f15b4-60c251ca-4348&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_i...
https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=7f16dab2-b92b-4fae-aa75-38e2807f15b4-60c251ca-4348&partner_url=https%3A%2F%2Fbh.contextweb.com%2Fbh%2Frtset%3Fdo%3Dadd%26pid...
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=7f16dab2-b92b-4fae-aa75-38e2807f15b4-60c251ca-4348&partner_url=https%3A%2F%2Fbh.contextweb.com%2Fbh%2Frtset%3Fdo%3Dadd...
https://bh.contextweb.com/bh/rtset?do=add&pid=543793&ev=7f16dab2-b92b-4fae-aa75-38e2807f15b4-60c251ca-4348&gdpr_in_effect=0&gdpr_consent=

49 B
937 B

107ms
106ms

Image
image/gif

198.148.27.140
PULSEPOINT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=543793&ev=7f16dab2-b92b-4fae-aa75-38e2807f15b4-60c251ca-4348&gdpr_in_effect=0&gdpr_consent=

Requested by

Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://bh.contextweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
content-language: en-US
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
content-type: image/gif;charset=iso-8859-1
cw-server: bh-deployment-8474b759f8-f49vx
expires: -1

Redirect headers

date: Thu, 10 Jun 2021 17:54:20 GMT
via: 1.1 google
server: Jetty(9.4.36.v20210114)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://bh.contextweb.com/bh/rtset?do=add&pid=543793&ev=7f16dab2-b92b-4fae-aa75-38e2807f15b4-60c251ca-4348&gdpr_in_effect=0&gdpr_consent=
alt-svc: clear
content-length: 0

GET
H2

200

rtset
bh.contextweb.com/bh/ Frame EE7D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=eHVVV1BoMTFfWTFsRWFIcExBUXI5QQ&gdpr=0&gdpr_consent=
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEOXy50GbYzDxuhKjl5dGotE&google_cver=1

49 B
855 B

167ms
160ms

Image
image/gif

198.148.27.140
PULSEPOINT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEOXy50GbYzDxuhKjl5dGotE&google_cver=1

Requested by

Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://bh.contextweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
content-language: en-US
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
content-type: image/gif;charset=iso-8859-1
cw-server: bh-deployment-8474b759f8-k8nvs
expires: -1

Redirect headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:18 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEOXy50GbYzDxuhKjl5dGotE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 335
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rtset
bh.contextweb.com/bh/ Frame EE7D
Redirect Chain

https://x.bidswitch.net/sync?ssp=pulsepoint
https://x.bidswitch.net/ul_cb/sync?ssp=pulsepoint
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=pulsepoint&bsw_custom_parameter=c60b42f1-f3a1-44be-ac37-9594017e1f1f
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=pulsepoint&bsw_custom_parameter=c60b42f1-f3a1-44be-ac37-9594017e1f1f
https://x.bidswitch.net/sync?dsp_id=4&user_id=aaf5cf8b-efc9-4b91-b820-e84b03ee0e6f&ssp=pulsepoint&expires=30&user_group=5&bsw_param=c60b42f1-f3a1-44be-ac37-9594017e1f1f
https://x.bidswitch.net/ul_cb/sync?dsp_id=4&user_id=aaf5cf8b-efc9-4b91-b820-e84b03ee0e6f&ssp=pulsepoint&expires=30&user_group=5&bsw_param=c60b42f1-f3a1-44be-ac37-9594017e1f1f
https://bh.contextweb.com/bh/rtset?do=add&pid=556010&ev=6980f769-2340-41c2-b5de-5cd6526f8821

49 B
717 B

114ms
111ms

Image
image/gif

198.148.27.140
PULSEPOINT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=556010&ev=6980f769-2340-41c2-b5de-5cd6526f8821

Requested by

Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://bh.contextweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
content-language: en-US
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
content-type: image/gif;charset=iso-8859-1
cw-server: bh-deployment-8474b759f8-bvk2l
expires: -1

Redirect headers

location: //bh.contextweb.com/bh/rtset?do=add&pid=556010&ev=6980f769-2340-41c2-b5de-5cd6526f8821
date: Thu, 10 Jun 2021 17:54:21 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/55972/ Frame EE7D
Redirect Chain

https://pixel.advertising.com/ups/55972/sync?uid=g81R1zO6u4Xt&_origin=1&gdpr=0&gdpr_consent=
https://pixel.advertising.com/ups/55972/sync?uid=g81R1zO6u4Xt&_origin=1&gdpr=0&gdpr_consent=&verify=true
https://ups.analytics.yahoo.com/ups/55972/sync?uid=g81R1zO6u4Xt&_origin=1&gdpr=0&gdpr_consent=&apid=UPe10d6470-ca14-11eb-8b64-028c3a1b4c64

0
1 KB

26ms
25ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55972/sync?uid=g81R1zO6u4Xt&_origin=1&gdpr=0&gdpr_consent=&apid=UPe10d6470-ca14-11eb-8b64-028c3a1b4c64

Requested by

Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.128 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://bh.contextweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 10 Jun 2021 17:54:18 GMT
Server: ATS/7.1.2.128
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55972/sync?uid=g81R1zO6u4Xt&_origin=1&gdpr=0&gdpr_consent=&apid=UPe10d6470-ca14-11eb-8b64-028c3a1b4c64
date: Thu, 10 Jun 2021 17:54:18 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

xuid
eb2.3lift.com/ Frame EE7D
Redirect Chain

https://eb2.3lift.com/xuid?mid=2636&xuid=g81R1zO6u4Xt&dongle=8bee
https://eb2.3lift.com/xuid?ld=1&mid=2636&xuid=g81R1zO6u4Xt&dongle=8bee&gdpr=1&cmp_cs=&us_privacy=

37 B
352 B

24ms
23ms

Image
image/gif

35.156.250.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=2636&xuid=g81R1zO6u4Xt&dongle=8bee&gdpr=1&cmp_cs=&us_privacy=
Requested by: Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.250.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://bh.contextweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:18 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=2636&xuid=g81R1zO6u4Xt&dongle=8bee&gdpr=1&cmp_cs=&us_privacy=
date: Thu, 10 Jun 2021 17:54:18 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 v1
match.sharethrough.com/sync/ Frame EE7D 68 B
263 B 70ms
20ms Image
image/png 3.125.134.133
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=790d3e0174b12a86f1cbebf4&source_user_id=g81R1zO6u4Xt
Requested by: Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.125.134.133 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-134-133.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Referer: https://bh.contextweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:18 GMT
content-length: 68
content-type: image/png

GET
H2

200

rtset
bh.contextweb.com/bh/ Frame EE7D
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pp
https://match.prod.bidr.io/cookie-sync/pp?_bee_ppp=1
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAA1r07BhKQAADLoVICu2g&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpp&bee_sync_current_partner=pm&bee_sync_initiator=pp&bee_sync_hop_count=1
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACPgk7BhKQAADFvl-nfPg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%26bee_sync_current_part...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp&bee_sync_current_partner=sas&bee_sync_initiator=pp&bee_sync_hop_count=2&userid=194909576046506650
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACPgk7BhKQAADFvl-nfPg

49 B
878 B

107ms
107ms

Image
image/gif

198.148.27.140
PULSEPOINT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACPgk7BhKQAADFvl-nfPg

Requested by

Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://bh.contextweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
content-language: en-US
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
content-type: image/gif;charset=iso-8859-1
cw-server: bh-deployment-8474b759f8-f49vx
expires: -1

Redirect headers

location: https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACPgk7BhKQAADFvl-nfPg
Date: Thu, 10 Jun 2021 17:54:19 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2

200

rtset
bh.contextweb.com/bh/ Frame EE7D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pulsepoint_inc_&google_cm&google_hm=g81R1zO6u4Xt
https://bh.contextweb.com/bh/rtset?pid=559960&ev=1&google_gid=CAESEL3ejAXkkfWgzpcdqXZ4NTg&google_cver=1

49 B
827 B

165ms
159ms

Image
image/gif

198.148.27.140
PULSEPOINT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?pid=559960&ev=1&google_gid=CAESEL3ejAXkkfWgzpcdqXZ4NTg&google_cver=1

Requested by

Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://bh.contextweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
content-language: en-US
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
content-type: image/gif;charset=iso-8859-1
cw-server: bh-deployment-8474b759f8-k8nvs
expires: -1

Redirect headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:18 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://bh.contextweb.com/bh/rtset?pid=559960&ev=1&google_gid=CAESEL3ejAXkkfWgzpcdqXZ4NTg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 312
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame EE7D
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=8185&uid=g81R1zO6u4Xt
https://sync.search.spotxchange.com/partner?adv_id=8185&uid=g81R1zO6u4Xt&__user_check__=1&sync_id=e1162a47-ca14-11eb-83bc-156973b60106

43 B
548 B

31ms
31ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=8185&uid=g81R1zO6u4Xt&__user_check__=1&sync_id=e1162a47-ca14-11eb-83bc-156973b60106
Requested by: Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.94.180.126 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer: https://bh.contextweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 10 Jun 2021 17:54:18 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 75
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Thu, 10 Jun 2021 17:54:18 GMT
Server: nginx
Location: /partner?adv_id=8185&uid=g81R1zO6u4Xt&__user_check__=1&sync_id=e1162a47-ca14-11eb-83bc-156973b60106
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 5
Connection: keep-alive
Content-Length: 0

GET
H2 200 /
trc.taboola.com/sg/rtb-pulsepoint-network/1/rtb-h/ Frame EE7D 0
179 B 92ms
83ms Image
text/plain 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/rtb-pulsepoint-network/1/rtb-h/?taboola_hm=g81R1zO6u4Xt
Requested by: Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bh.contextweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 64
date: Thu, 10 Jun 2021 17:54:18 GMT
via: 1.1 varnish
server: nginx
x-timer: S1623347659.841385,VS0,VE64
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn11539-HHN

GET
H2 200 sync
partners.tremorhub.com/ Frame EE7D 43 B
183 B 299ms
95ms Image
image/gif 2600:1f18:612b:4200:8331:bab2:3072:ce38
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?uipp=g81R1zO6u4Xt
Requested by: Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4200:8331:bab2:3072:ce38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://bh.contextweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:19 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 200 UserMatch.ashx
atemda.com/ Frame EE7D 43 B
1021 B 1215ms
120ms Image
image/gif 35.190.113.31
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://atemda.com/UserMatch.ashx?bidderid=97&bidderuid=g81R1zO6u4Xt
Requested by: Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.113.31 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://bh.contextweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:19 GMT
via: 1.1 google
access-control-allow-headers: Content-Type
access-control-allow-methods: GET
p3p: CP="NOI DSP NID BUS UNI COM NAV INT STA OTC CURa ADMa DEVa PSAa PSDa OUR"
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Thu, 10 Jun 2021 17:54:19 GMT

GET
H2

200

rtset
bh.contextweb.com/bh/ Frame EE7D
Redirect Chain

https://red.erne.co/pulsepoint/cm
https://pixel.onaudience.com/?mapped=4gwPIJVjy59NjTLiTw0QW9Fy&partner=2&redirect=red.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fbh.contextweb.com%252Fbh%252Frtset%253Fdo%253Dadd%2526pid%253D5609...
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26redirect%3Dhttps%253A%252F%252Fred.erne.co%252Fct%2...
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=3b30820fd0eb1bfd86c71564380744eb&redirect=https%3A%2F%2Fred.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fbh.contextweb.com%252Fbh%252Frtse...
https://red.erne.co/ct/cm?red=https%3A%2F%2Fbh.contextweb.com%2Fbh%2Frtset%3Fdo%3Dadd%26pid%3D560956%26ev%3D4gwPIJVjy59NjTLiTw0QW9Fy
https://bh.contextweb.com/bh/rtset?do=add&pid=560956&ev=4gwPIJVjy59NjTLiTw0QW9Fy

49 B
962 B

106ms
106ms

Image
image/gif

198.148.27.140
PULSEPOINT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=560956&ev=4gwPIJVjy59NjTLiTw0QW9Fy

Requested by

Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://bh.contextweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
content-language: en-US
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
content-type: image/gif;charset=iso-8859-1
cw-server: bh-deployment-8474b759f8-f49vx
expires: -1

Redirect headers

location: https://bh.contextweb.com/bh/rtset?do=add&pid=560956&ev=4gwPIJVjy59NjTLiTw0QW9Fy
date: Thu, 10 Jun 2021 17:54:20 GMT
server: openresty
strict-transport-security: max-age=0; includeSubDomains;
content-type: text/html; charset=UTF-8

GET
H2 200 um
sync.teads.tv/ Frame EE7D 23 B
287 B 1130ms
51ms Image
image/gif 184.31.88.106
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=84&uid=g81R1zO6u4Xt
Requested by: Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.31.88.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-88-106.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.3 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://bh.contextweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:20 GMT
cache-control: max-age=0, no-cache, no-store
expires: Thu, 10 Jun 2021 17:54:20 GMT
server: akka-http/10.2.3
content-length: 23
content-type: image/gif

GET
H/1.1 200
OK ecm3
s.amazon-adsystem.com/ Frame EE7D 43 B
344 B 129ms
122ms Image
image/gif 52.94.232.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?id=g81R1zO6u4Xt&ex=Pulsepoint
Requested by: Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.94.232.32 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://bh.contextweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Jun 2021 17:54:18 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 sync
ads.yieldmo.com/v000/ Frame EE7D 43 B
431 B 3211ms
58ms Image
image/gif 52.17.188.230
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/v000/sync?userid=g81R1zO6u4Xt&pn_id=pp
Requested by: Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.188.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://bh.contextweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 10 Jun 2021 17:54:22 GMT
content-type: image/gif
content-length: 43
access-control-allow-methods: GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame EE7D 42 B
743 B 83ms
22ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=390200&nid=5120&put=g81R1zO6u4Xt
Requested by: Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://bh.contextweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/gif

GET
H/1.1 200
OK rum
dsum.casalemedia.com/ Frame EE7D 43 B
1 KB 148ms
46ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=189&external_user_id=g81R1zO6u4Xt&expiration=[EXPIRATION]
Requested by: Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://bh.contextweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Jun 2021 17:54:19 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 10 Jun 2021 17:54:19 GMT

GET
H2 200 user.sync
match.sync.ad.cpe.dotomi.com/w/ Frame EE7D 43 B
156 B 42ms
10ms Image
image/gif 2a02:fa8:8806:13::1460
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sync.ad.cpe.dotomi.com/w/user.sync?ptrid=9&userid=g81R1zO6u4Xt
Requested by: Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:13::1460 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://bh.contextweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:19 GMT
cache-control: no-cache
server: nginx
content-type: image/gif
content-length: 43
expires: 0

GET
H/1.1 200
OK pp.gif
sync.colossusssp.com/ Frame EE7D 42 B
648 B 334ms
115ms Image
image/gif 88.214.193.99
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.colossusssp.com/pp.gif?puid=g81R1zO6u4Xt

Requested by

Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.214.193.99 , United Kingdom, ASN46636 (NATCOWEB, US),

Reverse DNS

Software

nginx /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

Referer: https://bh.contextweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Jun 2021 17:54:19 GMT
Server: nginx
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: 0

GET
H2 204 /
trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame EE7D 0
202 B 84ms
83ms Image
text/plain 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=g81R1zO6u4Xt
Requested by: Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bh.contextweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 63
date: Thu, 10 Jun 2021 17:54:19 GMT
via: 1.1 varnish
server: nginx
x-timer: S1623347659.125497,VS0,VE63
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
x-served-by: cache-hhn11539-HHN

GET
H2

200

TRRT
c.deployads.com/cs/ Frame EE7D
Redirect Chain

https://demand.trafficroots.com/sync.php?buyer=2228&buyeruid=https://demand.trafficroots.com/sync.php?buyer=2228&buyeruid=g81R1zO6u4Xt
https://c.deployads.com/cs/TRRT?b=g81R1zO6u4Xt

43 B
285 B

131ms
41ms

Image
image/gif

52.30.95.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.deployads.com/cs/TRRT?b=g81R1zO6u4Xt
Requested by: Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.95.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: SortableCactus/1.0 /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://bh.contextweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:22 GMT
cache-control: no-cache
server: SortableCactus/1.0
content-type: image/gif
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://c.deployads.com/cs/TRRT?b=g81R1zO6u4Xt
Date: Thu, 10 Jun 2021 17:54:22 GMT
Server: nginx/1.10.3
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

55660
i6.liadm.com/s/ Frame EE7D
Redirect Chain

https://i.liadm.com/s/55660?bidder_id=98251&bidder_uuid=g81R1zO6u4Xt
https://i.liadm.com/s/55660?bidder_id=98251&bidder_uuid=g81R1zO6u4Xt&_li_chk=true&previous_uuid=79337e742dd44b8694b58181b71c6813
https://i6.liadm.com/s/55660?bidder_id=98251&bidder_uuid=g81R1zO6u4Xt

43 B
447 B

316ms
121ms

Image
image/gif

2600:1f18:444a:4680:7493:838e:3006:4686
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/55660?bidder_id=98251&bidder_uuid=g81R1zO6u4Xt

Requested by

Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:444a:4680:7493:838e:3006:4686 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://bh.contextweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 10 Jun 2021 17:54:20 GMT
Cache-Control: no-store
Connection: keep-alive
trace-id: 9bd3cb8080955d51
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/55660?bidder_id=98251&bidder_uuid=g81R1zO6u4Xt
Date: Thu, 10 Jun 2021 17:54:19 GMT
Connection: keep-alive
trace-id: 07a9a0bec8bc7fef
Content-Length: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H2 200 sync
x.bidswitch.net/ Frame EE7D 43 B
145 B 24ms
24ms Image
image/gif 3.64.28.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=400&user_id=g81R1zO6u4Xt&expires=30&user_group=[NUMERICAL_VALUE]
Requested by: Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.28.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://bh.contextweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:19 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 dspreply
public-prod-dspcookiematching.dmxleo.com/ Frame EE7D 0
176 B 67ms
30ms Image
text/plain 34.120.25.144
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=1003&dspUserId=g81R1zO6u4Xt
Requested by: Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.25.144 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bh.contextweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:19 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET
H2 200 bid
cs.chocolateplatform.com/ Frame EE7D 0
85 B 353ms
115ms Image
text/plain 35.212.101.174
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.chocolateplatform.com/bid?advid=5771&bcid=g81R1zO6u4Xt
Requested by: Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.212.101.174 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: CookieSync Powered by Vdopia /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bh.contextweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:19 GMT
via: 1.1 google
server: CookieSync Powered by Vdopia
alt-svc: clear
content-length: 0

GET
H/1.1 200
OK setuid
ib.adnxs.com/ Frame EE7D 43 B
1006 B 33ms
33ms Image
image/gif 185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=494&code=g81R1zO6u4Xt

Requested by

Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://bh.contextweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Jun 2021 17:54:19 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.117:80
AN-X-Request-Uuid: f8222623-fd81-45e1-b17a-519d2d7783d3
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 4C80 0
753 B 34ms
34ms Script
text/html 185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Jun 2021 17:54:18 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.137:80
AN-X-Request-Uuid: 0b0a70e5-8482-4ffc-8f6d-76ffda47c296
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame F9D5 0
752 B 73ms
45ms Script
text/html 185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Jun 2021 17:54:18 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.86:80
AN-X-Request-Uuid: c9c02cf1-0fd3-4649-8133-4b81ad36c1ae
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 checkp Show response
usermatch.targeting.unrulymedia.com/usermatch/all/ Frame B292 589 B
679 B 1151ms
37ms Script
text/javascript 213.19.147.45
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://usermatch.targeting.unrulymedia.com/usermatch/all/checkp?callback=checkpCallback
Requested by: Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/third-party-iframes/third-party-iframes-966d1215afd0444df063.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.45 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: ec6cb1ecb7a1a6b2fc9d46770a569eb42dfbbee2f4e845c7d9436229041e94d3

Request headers

Referer: https://video.unrulymedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:19 GMT
server: Tengine
content-length: 589
content-type: text/javascript

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame A912
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YMJRylc0Bzjvr19gDAhBKwAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECr8-nppyTHD5Jm8QTPozuA&google_cver=1

43 B
1000 B

34ms
34ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECr8-nppyTHD5Jm8QTPozuA&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://commandwindows.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Jun 2021 17:54:18 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 10 Jun 2021 17:54:18 GMT

Redirect headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:18 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECr8-nppyTHD5Jm8QTPozuA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame A912
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YMJRylc0Bzjvr19gDAhBKwAABGUAAAAB&gdpr_consent=&us_privacy=&gdpr=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJ-PLtR5osp6rmwEIfbRBOA&google_cver=1

43 B
315 B

39ms
38ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJ-PLtR5osp6rmwEIfbRBOA&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://commandwindows.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Jun 2021 17:54:18 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Thu, 10 Jun 2021 17:54:18 GMT

Redirect headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:18 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJ-PLtR5osp6rmwEIfbRBOA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame A912
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YMJRylc0Bzjvr19gDAhBKwAABGUAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YMJRylc0Bzjvr19gDAhBKwAABGUAAAAB&dcc=t

43 B
720 B

134ms
134ms

Image
image/gif

52.94.232.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YMJRylc0Bzjvr19gDAhBKwAABGUAAAAB&dcc=t
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://commandwindows.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.94.232.32 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Jun 2021 17:54:19 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 10 Jun 2021 17:54:18 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YMJRylc0Bzjvr19gDAhBKwAABGUAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame A912 70 B
264 B 53ms
48ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YMJRylc0Bzjvr19gDAhBKwAA
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://commandwindows.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:18 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A912
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
https://tags.bluekai.com/site/17724?id=7f16dab2-b92b-4fae-aa75-38e2807f15b4-60c251ca-4348&redir=https%3A%2F%2Fbcp.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D7f16dab2-b92b-4fae-aa75-38e2807...
https://bcp.crwdcntrl.net/map/c=1389/tp=STSC/tpid=7f16dab2-b92b-4fae-aa75-38e2807f15b4-60c251ca-4348?https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26external_user_id%3D7f16dab2-b92b...
https://bcp.crwdcntrl.net/map/ct=y/c=1389/tp=STSC/tpid=7f16dab2-b92b-4fae-aa75-38e2807f15b4-60c251ca-4348?https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26external_user_id%3D7f16dab2...
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=7f16dab2-b92b-4fae-aa75-38e2807f15b4-60c251ca-4348&expiration=1625939658

43 B
1 KB

325ms
70ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=7f16dab2-b92b-4fae-aa75-38e2807f15b4-60c251ca-4348&expiration=1625939658
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://commandwindows.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Jun 2021 17:54:20 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 10 Jun 2021 17:54:20 GMT

Redirect headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:20 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=7f16dab2-b92b-4fae-aa75-38e2807f15b4-60c251ca-4348&expiration=1625939658
cache-control: no-cache
x-server: 10.45.13.120
content-length: 0
expires: 0

GET
H/1.1 200
OK CookieIndex
rtb.adentifi.com/ Frame A912 0
88 B 457ms
113ms Image
text/plain 52.45.185.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieIndex
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://commandwindows.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.185.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/plain

GET
H/1.1 200
OK us.php
gu.dyntrk.com/adx/ie/ Frame A912 0
215 B 1132ms
31ms Image
text/plain 51.178.20.140
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://commandwindows.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.178.20.140 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31193670.ip-51-178-20.eu
Software: proxy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
cache-control: private, no-cache, no-store, proxy-revalidate, no-transform
x-rc: 10
server: proxy
content-length: 0
content-type: text/plain

GET
H/1.1

200
OK

rum
dsum.casalemedia.com/ Frame A912
Redirect Chain

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1623434058

43 B
315 B

215ms
43ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1623434058
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://commandwindows.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Jun 2021 17:54:19 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Thu, 10 Jun 2021 17:54:19 GMT

Redirect headers

location: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1623434058
pragma: no-cache
date: Thu, 10 Jun 2021 17:54:18 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
content-length: 0
expires: 0

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame A912 43 B
425 B 33ms
30ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YMJRylc0Bzjvr19gDAhBKwAA%261125
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://commandwindows.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 10 Jun 2021 17:54:18 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "da1f1d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=2347
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 10 Jun 2021 18:33:25 GMT

GET
H2 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=commandwindows.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Jun 2021 17:54:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 14ms
14ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=commandwindows.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Jun 2021 17:54:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 449 B
305 B 472ms
471ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=739924062618941&correlator=2592274735408389&output=ldjh&impl=fifs&eid=31061394%2C31061142&vrg=2021060801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210610&iu_parts=104418548%2Ccommandwindows_com-box-4&enc_prev_ius=%2F0%2F1&prev_iu_szs=250x250%7C310x320%7C350x340%7C350x430&ris=2&rcs=3&prev_scp=a%3D%257C3%257C%26iid11%3D1026998%26iit%3D3%26t%3D99%26d%3D146%26t1%3D99%26pvc%3D0%26ap%3D1003%26sap%3D1261%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D4%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dn%26refs%3D30%26ga%3D6206860%26gala%3D1501035%26rid%3D99998%26pt%3D3%26al%3D1003%26compid%3D0%26tap%3Dcommandwindows_com-box-4-1026998%26eb_br%3Db75a19eef33cd9413dfebdcbce61e0ad%2C90c3c48d0172916d27c102ea4aa9d49c%26eba%3D1%26ebss%3D10082%2C10061%2C10015%2C11304%26gas%3D2017884480%26asau%3D7210502436%26bv%3D0%26bvm%3D2%26bvr%3D7%26shp%3D3%26br1%3D300%26br2%3D650%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D32%2C0%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C760%2C815%2C817%2C899%2C919%2C20%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D400%26reqt%3D1623347658185&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1623347659&dt=1623347659203&dlt=1623347647976&idt=1163&frm=20&biw=1600&bih=1200&oid=3&adxs=697&adys=1551&adks=4216951667&ucis=h&ifi=17&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcommandwindows.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=250x270&msz=250x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1178215692.1623347650&ga_sid=1623347650&ga_hid=1045620473&ga_fc=false&ga_wpids=UA-29096671-22&fws=4&ohw=750&btvi=7&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

6703896aab9704501c77657f250590b553f198b09ad92ae9bdb20320a3eba72f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 230
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://commandwindows.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=commandwindows.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Jun 2021 17:54:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=commandwindows.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Jun 2021 17:54:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 452 B
302 B 390ms
389ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=739924062618941&correlator=3156851828807563&output=ldjh&impl=fifs&eid=31061394%2C31061142&vrg=2021060801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210610&iu_parts=104418548%2Ccommandwindows_com-banner-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C310x320%7C390x390%7C410x390&ris=2&rcs=3&prev_scp=a%3D%257C1%257C%26iid11%3D1048147%26iit%3D5%26t%3D99%26d%3D146%26t1%3D99%26pvc%3D0%26ap%3D1031%26sap%3D1031%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D4%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dn%26refs%3D30%26ga%3D6206860%26gala%3D1501035%26rid%3D99998%26pt%3D31%26al%3D1031%26compid%3D0%26tap%3Dcommandwindows_com-banner-2-1048147%26eb_br%3D1f21798841bf8f06b2b01e59559e3a3d%2C86802a923a1f32517e4c5d3b6d550271%26eba%3D1%26ebss%3D10082%2C10061%2C10015%2C11304%26gas%3D8983937454%26asau%3D4556257235%26bv%3D21%26bvm%3D0%26bvr%3D7%26shp%3D2%26br1%3D200%26br2%3D650%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D83%2C0%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C760%2C761%2C815%2C816%2C817%2C899%2C919%2C20%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D350%26reqt%3D1623347658334&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1623347659&dt=1623347659354&dlt=1623347647976&idt=1163&frm=20&biw=1600&bih=1200&oid=3&adxs=250&adys=2402&adks=3272357030&ucis=i&ifi=18&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcommandwindows.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x636&msz=300x600&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1178215692.1623347650&ga_sid=1623347650&ga_hid=1045620473&ga_fc=false&ga_wpids=UA-29096671-22&fws=4&ohw=300&btvi=8&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

1358abe46303e8dd77a682181b41b4b820e6b74babf2ac8d5bcf9838a0e00581

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 230
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://commandwindows.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=commandwindows.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Jun 2021 17:54:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=commandwindows.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Jun 2021 17:54:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 342 B
169 B 265ms
265ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=739924062618941&correlator=3923535393767630&output=ldjh&impl=fifs&eid=31061394%2C31061142&vrg=2021060801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210610&iu_parts=104418548%2Ccommandwindows_com-box-4&enc_prev_ius=%2F0%2F1&prev_iu_szs=250x250%7C310x320%7C350x340%7C350x430&ris=1&rcs=4&prev_scp=a%3D%257C3%257C%26iid11%3D1026998%26iit%3D3%26t%3D99%26d%3D146%26t1%3D99%26pvc%3D0%26ap%3D1003%26sap%3D1261%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D5%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dn%26refs%3D30%26ga%3D6206860%26gala%3D1501035%26rid%3D99998%26pt%3D3%26al%3D1003%26compid%3D0%26tap%3Dcommandwindows_com-box-4-1026998%26eb_br%3Ddbd164b2f6ba7ab3dbb868a5cad91738%2C8de2c8ca79e8623e3cb37120a35ebaa2%26eba%3D1%26ebss%3D10082%2C10061%2C10015%2C11304%26gas%3D2017884480%26asau%3D7210502436%26bv%3D0%26bvm%3D2%26bvr%3D7%26shp%3D3%26br1%3D240%26br2%3D650%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D32%2C0%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C760%2C815%2C817%2C899%2C919%2C20%2C20%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D300%26reqt%3D1623347659718&eri=1&cookie=ID%3D407df171db0a591c%3AT%3D1623347659%3AS%3DALNI_Mbz6V73amuyrY4z-DConjh2Woxqnw&bc=31&abxe=1&lmt=1623347659&dt=1623347659724&dlt=1623347647976&idt=1163&frm=20&biw=1600&bih=1200&oid=3&adxs=697&adys=1551&adks=4216951667&ucis=j&ifi=19&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcommandwindows.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=250x270&msz=250x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1178215692.1623347650&ga_sid=1623347650&ga_hid=1045620473&ga_fc=false&ga_wpids=UA-29096671-22&fws=4&ohw=750&btvi=9&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

60d06ce711556c890058505813bb23a16439292f0de18818f8631d95e276c06e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 140
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://commandwindows.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 4C80 0
753 B 33ms
32ms Script
text/html 185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Jun 2021 17:54:19 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.106:80
AN-X-Request-Uuid: 36d6b8ce-8773-4059-b071-136fb30dc202
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame F9D5 0
752 B 32ms
32ms Script
text/html 185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Jun 2021 17:54:19 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.45:80
AN-X-Request-Uuid: 9cd33392-9f9a-40f3-80d4-7dd448dbd5cc
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=commandwindows.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Jun 2021 17:54:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=commandwindows.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Jun 2021 17:54:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 345 B
173 B 263ms
263ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=739924062618941&correlator=2651602153508927&output=ldjh&impl=fifs&eid=31061394%2C31061142&vrg=2021060801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210610&iu_parts=104418548%2Ccommandwindows_com-banner-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C310x320%7C390x390%7C410x390&ris=1&rcs=4&prev_scp=a%3D%257C1%257C%26iid11%3D1048147%26iit%3D5%26t%3D99%26d%3D146%26t1%3D99%26pvc%3D0%26ap%3D1031%26sap%3D1031%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D5%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dn%26refs%3D30%26ga%3D6206860%26gala%3D1501035%26rid%3D99998%26pt%3D31%26al%3D1031%26compid%3D0%26tap%3Dcommandwindows_com-banner-2-1048147%26eb_br%3De611d34e3d141bf8a95ee34718507aa2%2Cb355e9227b551c119a30a68852723b62%26eba%3D1%26ebss%3D10082%2C10061%2C10015%2C11304%26gas%3D8983937454%26asau%3D4556257235%26bv%3D21%26bvm%3D0%26bvr%3D7%26shp%3D2%26br1%3D90%26br2%3D650%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D83%2C0%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C760%2C761%2C815%2C816%2C817%2C899%2C919%2C20%2C17%2C19%2C20%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D200%26reqt%3D1623347659869&eri=1&cookie=ID%3D989a97a6440e9d78%3AT%3D1623347659%3AS%3DALNI_MblumjoY-3H72PXRs34JLCoTTROsg&bc=31&abxe=1&lmt=1623347659&dt=1623347659878&dlt=1623347647976&idt=1163&frm=20&biw=1600&bih=1200&oid=3&adxs=250&adys=2402&adks=3272357030&ucis=k&ifi=20&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcommandwindows.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x636&msz=300x600&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1178215692.1623347650&ga_sid=1623347650&ga_hid=1045620473&ga_fc=false&ga_wpids=UA-29096671-22&fws=4&ohw=300&btvi=10&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

1a7e55da55134d907ee21f0178e72fcb7e1ea3fbb64e78f03bd1c8b0e8616f05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:20 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 144
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://commandwindows.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003 Show response
sync.targeting.unrulymedia.com/csync/ Frame A33C
Redirect Chain

https://x.bidswitch.net/sync?ssp=unrulyx
https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=unrulyx&bsw_custom_parameter=c60b42f1-f3a1-44be-ac37-9594017e1f1f&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
https://x.bidswitch.net/sync?dsp_id=283&user_id=d3b77baf-2331-49ed-9145-c2aec8e9539e&expires=1&user_group=5&ssp=unrulyx&bsw_param=c60b42f1-f3a1-44be-ac37-9594017e1f1f
https://usermatch.targeting.unrulymedia.com/usermatch/iponweb/c60b42f1-f3a1-44be-ac37-9594017e1f1f?gdpr=&gdpr_consent=
https://sync.1rx.io/usersync/bidswitch/c60b42f1-f3a1-44be-ac37-9594017e1f1f?gdpr=&gdpr_consent=
https://sync.targeting.unrulymedia.com/csync/RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003

43 B
395 B

40ms
39ms

Document
image/gif

213.19.147.45
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003
Requested by: Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/third-party-iframes/third-party-iframes-966d1215afd0444df063.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.45 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

:method: GET
:authority: sync.targeting.unrulymedia.com
:scheme: https
:path: /csync/RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://video.unrulymedia.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://video.unrulymedia.com/

Response headers

server: Tengine
date: Thu, 10 Jun 2021 17:54:21 GMT
content-length: 43
set-cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003%22%7D; path=/; expires=Fri, 10 Jun 2022 17:54:21 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

server: Tengine
date: Thu, 10 Jun 2021 17:54:20 GMT
content-type: text/html
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
location: https://sync.targeting.unrulymedia.com/csync/RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003

GET
H2

200

RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003 Show response
sync.targeting.unrulymedia.com/csync/ Frame F6F2
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Floopme%2F%7Bdevice_id%7D
https://usermatch.targeting.unrulymedia.com/usermatch/loopme/dcd2693e-e706-43f0-a646-ddf0b06dd394
https://sync.1rx.io/usersync/loopme/dcd2693e-e706-43f0-a646-ddf0b06dd394
https://sync.targeting.unrulymedia.com/csync/RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003

43 B
395 B

39ms
39ms

Document
image/gif

213.19.147.45
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003
Requested by: Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/third-party-iframes/third-party-iframes-966d1215afd0444df063.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.45 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

:method: GET
:authority: sync.targeting.unrulymedia.com
:scheme: https
:path: /csync/RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://video.unrulymedia.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://video.unrulymedia.com/

Response headers

server: Tengine
date: Thu, 10 Jun 2021 17:54:20 GMT
content-length: 43
set-cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003%22%7D; path=/; expires=Fri, 10 Jun 2022 17:54:20 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

server: Tengine
date: Thu, 10 Jun 2021 17:54:20 GMT
content-type: text/html
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
location: https://sync.targeting.unrulymedia.com/csync/RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003

GET
H2

200

RX-53d6a5d9-544a-43dc-b05f-9ea9916bb516-003 Show response
sync.targeting.unrulymedia.com/csync/ Frame 4D87
Redirect Chain

https://cm.ctnsnet.com/int/cm?exc=23&redir=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fcrimtan%2F%5Buser_id%5D
https://usermatch.targeting.unrulymedia.com/usermatch/crimtan/8e54ae2c85764972b7253b4610bd2251
https://sync.1rx.io/usersync/crimtan/8e54ae2c85764972b7253b4610bd2251
https://sync.1rx.io/usersync/crimtan/8e54ae2c85764972b7253b4610bd2251?zcc=1&dspret=0&cb=1623347661170
https://sync.targeting.unrulymedia.com/csync/RX-53d6a5d9-544a-43dc-b05f-9ea9916bb516-003

43 B
395 B

40ms
40ms

Document
image/gif

213.19.147.45
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-53d6a5d9-544a-43dc-b05f-9ea9916bb516-003
Requested by: Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/third-party-iframes/third-party-iframes-966d1215afd0444df063.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.45 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

:method: GET
:authority: sync.targeting.unrulymedia.com
:scheme: https
:path: /csync/RX-53d6a5d9-544a-43dc-b05f-9ea9916bb516-003
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://video.unrulymedia.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003%22%7D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://video.unrulymedia.com/

Response headers

server: Tengine
date: Thu, 10 Jun 2021 17:54:21 GMT
content-length: 43
set-cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-53d6a5d9-544a-43dc-b05f-9ea9916bb516-003%22%7D; path=/; expires=Fri, 10 Jun 2022 17:54:21 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

server: Tengine
date: Thu, 10 Jun 2021 17:54:21 GMT
content-type: text/html
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
location: https://sync.targeting.unrulymedia.com/csync/RX-53d6a5d9-544a-43dc-b05f-9ea9916bb516-003

GET
H2

200

RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003 Show response
sync.targeting.unrulymedia.com/csync/ Frame B1DD
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fappnexus%2F%24UID
https://usermatch.targeting.unrulymedia.com/usermatch/appnexus/299143925439203548
https://sync.1rx.io/usersync/appnexus/299143925439203548
https://sync.targeting.unrulymedia.com/csync/RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003

43 B
395 B

39ms
39ms

Document
image/gif

213.19.147.45
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003
Requested by: Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/third-party-iframes/third-party-iframes-966d1215afd0444df063.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.45 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

:method: GET
:authority: sync.targeting.unrulymedia.com
:scheme: https
:path: /csync/RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://video.unrulymedia.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://video.unrulymedia.com/

Response headers

server: Tengine
date: Thu, 10 Jun 2021 17:54:20 GMT
content-length: 43
set-cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003%22%7D; path=/; expires=Fri, 10 Jun 2022 17:54:20 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

server: Tengine
date: Thu, 10 Jun 2021 17:54:20 GMT
content-type: text/html
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
location: https://sync.targeting.unrulymedia.com/csync/RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003

GET
H2

200

RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003 Show response
sync.targeting.unrulymedia.com/csync/ Frame 73FD
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=74&redir=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fmediamath%2F%5BMM_UUID%5D
https://usermatch.targeting.unrulymedia.com/usermatch/mediamath/dc2160c2-51ca-4800-ab20-e21d3fab79c6
https://sync.1rx.io/usersync/mediamathtest/dc2160c2-51ca-4800-ab20-e21d3fab79c6
https://sync.targeting.unrulymedia.com/csync/RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003

43 B
395 B

39ms
39ms

Document
image/gif

213.19.147.45
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003
Requested by: Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/third-party-iframes/third-party-iframes-966d1215afd0444df063.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.45 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

:method: GET
:authority: sync.targeting.unrulymedia.com
:scheme: https
:path: /csync/RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://video.unrulymedia.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://video.unrulymedia.com/

Response headers

server: Tengine
date: Thu, 10 Jun 2021 17:54:20 GMT
content-length: 43
set-cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003%22%7D; path=/; expires=Fri, 10 Jun 2022 17:54:20 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

server: Tengine
date: Thu, 10 Jun 2021 17:54:20 GMT
content-type: text/html
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
location: https://sync.targeting.unrulymedia.com/csync/RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003

GET
H2

200

RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003 Show response
sync.targeting.unrulymedia.com/csync/ Frame 8721
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/1cMuUcwh?redir=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fadobe%2F%24%7BTM_USER_ID%7D%3F
https://usermatch.targeting.unrulymedia.com/usermatch/adobe/YMJRygABdgdu7ABg?
https://sync.1rx.io/usersync/adobe/YMJRygABdgdu7ABg
https://sync.targeting.unrulymedia.com/csync/RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003

43 B
395 B

40ms
40ms

Document
image/gif

213.19.147.45
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003
Requested by: Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/third-party-iframes/third-party-iframes-966d1215afd0444df063.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.45 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

:method: GET
:authority: sync.targeting.unrulymedia.com
:scheme: https
:path: /csync/RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://video.unrulymedia.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://video.unrulymedia.com/

Response headers

server: Tengine
date: Thu, 10 Jun 2021 17:54:20 GMT
content-length: 43
set-cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003%22%7D; path=/; expires=Fri, 10 Jun 2022 17:54:20 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

server: Tengine
date: Thu, 10 Jun 2021 17:54:20 GMT
content-type: text/html
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
location: https://sync.targeting.unrulymedia.com/csync/RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003

GET
H2

200

RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003 Show response
sync.targeting.unrulymedia.com/csync/ Frame 7445
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=unruly&ttd_tpi=1
https://usermatch.targeting.unrulymedia.com/usermatch/tradedesk/f20408e4-7797-4367-80ea-1fc17cd6f1e4
https://sync.1rx.io/usersync/tradedesk/f20408e4-7797-4367-80ea-1fc17cd6f1e4
https://sync.targeting.unrulymedia.com/csync/RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003

43 B
395 B

39ms
39ms

Document
image/gif

213.19.147.45
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003
Requested by: Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/third-party-iframes/third-party-iframes-966d1215afd0444df063.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.45 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

:method: GET
:authority: sync.targeting.unrulymedia.com
:scheme: https
:path: /csync/RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://video.unrulymedia.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003%22%7D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://video.unrulymedia.com/

Response headers

server: Tengine
date: Thu, 10 Jun 2021 17:54:20 GMT
content-length: 43
set-cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003%22%7D; path=/; expires=Fri, 10 Jun 2022 17:54:20 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

server: Tengine
date: Thu, 10 Jun 2021 17:54:20 GMT
content-type: text/html
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
location: https://sync.targeting.unrulymedia.com/csync/RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame ACF4
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=unruly&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=unruly&endpoint=us-east

281 B
554 B

59ms
19ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=unruly&endpoint=us-east
Requested by: Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/third-party-iframes/third-party-iframes-966d1215afd0444df063.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://video.unrulymedia.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://video.unrulymedia.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 10 Jun 2021 17:54:21 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=unruly&endpoint=us-east
Date: Thu, 10 Jun 2021 17:54:21 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2

200

RX-53d6a5d9-544a-43dc-b05f-9ea9916bb516-003 Show response
sync.targeting.unrulymedia.com/csync/ Frame A515
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=41
https://usermatch.targeting.unrulymedia.com/usermatch/stackadapt/EYYxtDsqTWFutOxm9Il2O7mcr2s
https://sync.1rx.io/usersync/stackadapt/EYYxtDsqTWFutOxm9Il2O7mcr2s
https://sync.targeting.unrulymedia.com/csync/RX-53d6a5d9-544a-43dc-b05f-9ea9916bb516-003

43 B
395 B

40ms
40ms

Document
image/gif

213.19.147.45
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-53d6a5d9-544a-43dc-b05f-9ea9916bb516-003
Requested by: Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/third-party-iframes/third-party-iframes-966d1215afd0444df063.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.45 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

:method: GET
:authority: sync.targeting.unrulymedia.com
:scheme: https
:path: /csync/RX-53d6a5d9-544a-43dc-b05f-9ea9916bb516-003
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://video.unrulymedia.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-53d6a5d9-544a-43dc-b05f-9ea9916bb516-003%22%7D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://video.unrulymedia.com/

Response headers

server: Tengine
date: Thu, 10 Jun 2021 17:54:21 GMT
content-length: 43
set-cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-53d6a5d9-544a-43dc-b05f-9ea9916bb516-003%22%7D; path=/; expires=Fri, 10 Jun 2022 17:54:21 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

server: Tengine
date: Thu, 10 Jun 2021 17:54:21 GMT
content-type: text/html
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
location: https://sync.targeting.unrulymedia.com/csync/RX-53d6a5d9-544a-43dc-b05f-9ea9916bb516-003

GET
H2

200

RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003 Show response
sync.targeting.unrulymedia.com/csync/ Frame 52FC
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/unruly/
https://usermatch.targeting.unrulymedia.com/usermatch/oath/y-dIPJXOZE2oXuhq9z4mu3sT58jd2Z2dNj2nQC~A
https://sync.1rx.io/usersync/verizon/y-dIPJXOZE2oXuhq9z4mu3sT58jd2Z2dNj2nQC~A
https://sync.targeting.unrulymedia.com/csync/RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003

43 B
395 B

40ms
39ms

Document
image/gif

213.19.147.45
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003
Requested by: Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/third-party-iframes/third-party-iframes-966d1215afd0444df063.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.45 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

:method: GET
:authority: sync.targeting.unrulymedia.com
:scheme: https
:path: /csync/RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://video.unrulymedia.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://video.unrulymedia.com/

Response headers

server: Tengine
date: Thu, 10 Jun 2021 17:54:20 GMT
content-length: 43
set-cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003%22%7D; path=/; expires=Fri, 10 Jun 2022 17:54:20 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

server: Tengine
date: Thu, 10 Jun 2021 17:54:20 GMT
content-type: text/html
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
location: https://sync.targeting.unrulymedia.com/csync/RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003

GET
H2

200

RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003 Show response
sync.targeting.unrulymedia.com/csync/ Frame DE31
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=560138&ev=1&daaqp=1&rurl=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fpulsepoint%2F%25%25VGUID%25%25
https://usermatch.targeting.unrulymedia.com/usermatch/pulsepoint/g81R1zO6u4Xt
https://sync.1rx.io/usersync/pulse/g81R1zO6u4Xt
https://sync.targeting.unrulymedia.com/csync/RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003

43 B
395 B

40ms
39ms

Document
image/gif

213.19.147.45
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003
Requested by: Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/third-party-iframes/third-party-iframes-966d1215afd0444df063.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.45 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

:method: GET
:authority: sync.targeting.unrulymedia.com
:scheme: https
:path: /csync/RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://video.unrulymedia.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003%22%7D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://video.unrulymedia.com/

Response headers

server: Tengine
date: Thu, 10 Jun 2021 17:54:20 GMT
content-length: 43
set-cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003%22%7D; path=/; expires=Fri, 10 Jun 2022 17:54:20 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

server: Tengine
date: Thu, 10 Jun 2021 17:54:20 GMT
content-type: text/html
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
location: https://sync.targeting.unrulymedia.com/csync/RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003

GET
H/1.1 200
OK Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame C2DC 1 KB
3 KB 49ms
48ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?s=182257&cb=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fcasale%2F
Requested by: Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/third-party-iframes/third-party-iframes-966d1215afd0444df063.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e4af2299a43a672e3d2c5acbf422320bcde64fd1ee7db551b56013b8d8311b3

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://video.unrulymedia.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YMJRylc0Bzjvr19gDAhBKwAA; CMPS=3202; CMPRO=1125; CMST=YMJRymDCUcsA; CMRUM3=f160c251ca05a0&2d60c251ca2760CAESECr8-nppyTHD5Jm8QTPozuA&4160c251ca05a0&4060c251ca05a0&e660c251ca2760&2760c251ca0b40&bc60c251ca05a00&bd60c251cb2760g81R1zO6u4Xt&c460c251ca05a0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://video.unrulymedia.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 46|73|130|4|218|3|64|152
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1443
Expires: Thu, 10 Jun 2021 17:54:20 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 10 Jun 2021 17:54:20 GMT
Connection: keep-alive
Set-Cookie: CMID=YMJRylc0Bzjvr19gDAhBKwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 10 Jun 2022 17:54:20 GMT CMPS=3202;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 08 Sep 2021 17:54:20 GMT CMPRO=1125;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 08 Sep 2021 17:54:20 GMT CMRUM3=4160c251ca05a0&2d60c251ca2760CAESECr8-nppyTHD5Jm8QTPozuA&bd60c251cb2760g81R1zO6u4Xt&da60c251cc2760&4960c251cc05a0&2e60c251cc05a0&8260c251cca8c0&f160c251ca05a0&2760c251ca0b40&0360c251cc05a0&4060c251cc05a0&0460c251cc05a0&e660c251ca2760&9860c251cc05a00&c460c251ca05a0&bc60c251ca05a00;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 10 Jun 2022 17:54:20 GMT CMST=YMJRymDCUcwA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 11 Jun 2021 17:54:20 GMT

GET
H/1.1 400
Bad Request unr Show response
match.prod.bidr.io/cookie-sync/ Frame 64E4 20 B
233 B 41ms
41ms Document
text/plain 52.49.238.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://match.prod.bidr.io/cookie-sync/unr

Requested by

Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/third-party-iframes/third-party-iframes-966d1215afd0444df063.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.49.238.187 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-238-187.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

64efdf33ff487ad815c53fe5f819454efd9364a0382e5f410972cfaa918fb66a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Host: match.prod.bidr.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://video.unrulymedia.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: bitoIsSecure=ok; bito=AACPgk7BhKQAADFvl-nfPg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://video.unrulymedia.com/

Response headers

content-type: text/plain
Date: Thu, 10 Jun 2021 17:54:20 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 20
Connection: keep-alive

GET
H2

204

DiBvCw0hb1gVcmhcDnQhCVl0aA8VcWoNDHG0Pyrp
sync.1rx.io/usersync/quantcast/ Frame B292
Redirect Chain

https://cms.quantserve.com/pixel/p-QcHdy7VcGLKJK.gif?idmatch=0
https://sync.1rx.io/usersync/quantcast/DiBvCw0hb1gVcmhcDnQhCVl0aA8VcWoNDHG0Pyrp?gdpr=1

0
107 B

39ms
39ms

Image
text/plain

213.19.147.45
RHYTHMONE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1rx.io/usersync/quantcast/DiBvCw0hb1gVcmhcDnQhCVl0aA8VcWoNDHG0Pyrp?gdpr=1
Requested by: Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/iframes/third-party-iframes.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.45 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://video.unrulymedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:20 GMT
cache-control: no-store, no-cache, must-revalidate
server: Tengine
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:20 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://sync.1rx.io/usersync/quantcast/DiBvCw0hb1gVcmhcDnQhCVl0aA8VcWoNDHG0Pyrp?gdpr=1
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003
sync.targeting.unrulymedia.com/csync/ Frame B292
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=unruly_dbm&google_cm&google_sc
https://usermatch.targeting.unrulymedia.com/usermatch/google/CAESEDK7cKghmaTc1UcENMY4t_k?google_cver=1
https://sync.1rx.io/usersync/google/CAESEDK7cKghmaTc1UcENMY4t_k?google_cver=1
https://sync.targeting.unrulymedia.com/csync/RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003

43 B
395 B

40ms
40ms

Image
image/gif

213.19.147.45
RHYTHMONE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003
Requested by: Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/iframes/third-party-iframes.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.45 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://video.unrulymedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:20 GMT
server: Tengine
content-length: 43
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location: https://sync.targeting.unrulymedia.com/csync/RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003
pragma: no-cache
date: Thu, 10 Jun 2021 17:54:20 GMT
cache-control: no-store, no-cache, must-revalidate
server: Tengine
content-type: text/html
expires: 0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame C2DC
Redirect Chain

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=299143925439203548

43 B
1 KB

273ms
30ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=299143925439203548
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=182257&cb=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fcasale%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Jun 2021 17:54:20 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 10 Jun 2021 17:54:20 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 10 Jun 2021 17:54:20 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.232:80
AN-X-Request-Uuid: 8000e716-c38f-4f20-9cd6-dd8f93344161
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=299143925439203548
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 YMJRylc0Bzjvr19gDAhBKwAABGUAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame C2DC 43 B
88 B 34ms
33ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/YMJRylc0Bzjvr19gDAhBKwAABGUAAAAB?gdpr_consent=&us_privacy=&gdpr=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=182257&cb=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fcasale%2F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:20 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame C2DC
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ie
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACPgk7BhKQAADFvl-nfPg&expiration=1624557260

43 B
1 KB

406ms
66ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACPgk7BhKQAADFvl-nfPg&expiration=1624557260
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=182257&cb=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fcasale%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Jun 2021 17:54:20 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 10 Jun 2021 17:54:20 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACPgk7BhKQAADFvl-nfPg&expiration=1624557260
Date: Thu, 10 Jun 2021 17:54:20 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C2DC
Redirect Chain

https://ad.turn.com/r/cs?pid=21
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2552665390517806558

43 B
1 KB

264ms
33ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2552665390517806558
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=182257&cb=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fcasale%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Jun 2021 17:54:20 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 10 Jun 2021 17:54:20 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2552665390517806558
pragma: no-cache
date: Thu, 10 Jun 2021 17:54:19 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame C2DC
Redirect Chain

https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YMJRylc0Bzjvr19gDAhBKwAA%261125?gdpr_consent=&us_privacy=&gdpr=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YMJRylc0Bzjvr19gDAhBKwAA%261125

42 B
973 B

50ms
50ms

Image
image/gif

52.30.135.179
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YMJRylc0Bzjvr19gDAhBKwAA%261125

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=182257&cb=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fcasale%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.135.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-135-179.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v008-04c3a71c2.edge-irl1.demdex.com 6.3.0.20210527085910-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: Z4Cjx6cDS+Q=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v008-0b8bea421.edge-irl1.demdex.com 6.3.0.20210527085910-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: kzLnfYeYRkY=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YMJRylc0Bzjvr19gDAhBKwAA%261125
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame C2DC
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=dc2160c2-51ca-4800-ab20-e21d3fab79c6

43 B
1 KB

340ms
36ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=dc2160c2-51ca-4800-ab20-e21d3fab79c6
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=182257&cb=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fcasale%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Jun 2021 17:54:20 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 10 Jun 2021 17:54:20 GMT

Redirect headers

Date: Thu, 10 Jun 2021 17:56:11 GMT
Server: MT3 3759 5f8f15b master cdg-pixel-x12
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=dc2160c2-51ca-4800-ab20-e21d3fab79c6
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 10 Jun 2021 17:56:10 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C2DC
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=7f16dab2-b92b-4fae-aa75-38e2807f15b4-60c251ca-4348&expiration=1625939660

43 B
1 KB

305ms
33ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=7f16dab2-b92b-4fae-aa75-38e2807f15b4-60c251ca-4348&expiration=1625939660
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=182257&cb=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fcasale%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Jun 2021 17:54:20 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 10 Jun 2021 17:54:20 GMT

Redirect headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:19 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=7f16dab2-b92b-4fae-aa75-38e2807f15b4-60c251ca-4348&expiration=1625939660
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame C2DC
Redirect Chain

https://sync.extend.tv/r.gif?exchange=index
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=5ff8ff2f-d787-409c-b4c5-c67e0833658e

43 B
1 KB

128ms
75ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=5ff8ff2f-d787-409c-b4c5-c67e0833658e
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=182257&cb=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fcasale%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Jun 2021 17:54:20 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 10 Jun 2021 17:54:20 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 10 Jun 2021 17:54:20 GMT
Access-Control-Allow-Origin: *
Content-Type: text/html; charset=utf-8
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=5ff8ff2f-d787-409c-b4c5-c67e0833658e
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 132
Expires: Tue, 29 May 1984 15:00:00 GMT

GET
H2

200

RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003
sync.targeting.unrulymedia.com/csync/ Frame C2DC
Redirect Chain

https://usermatch.targeting.unrulymedia.com/usermatch/casale/YMJRylc0Bzjvr19gDAhBKwAA%261125
https://sync.1rx.io/usersync/index/YMJRylc0Bzjvr19gDAhBKwAA&1125
https://sync.targeting.unrulymedia.com/csync/RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003

43 B
395 B

39ms
39ms

Image
image/gif

213.19.147.45
RHYTHMONE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=182257&cb=https%3A%2F%2Fusermatch.targeting.unrulymedia.com%2Fusermatch%2Fcasale%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.45 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:20 GMT
server: Tengine
content-length: 43
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location: https://sync.targeting.unrulymedia.com/csync/RX-4eef6961-d93d-4fb8-bb7b-0fbc4929e961-003
pragma: no-cache
date: Thu, 10 Jun 2021 17:54:20 GMT
cache-control: no-store, no-cache, must-revalidate
server: Tengine
content-type: text/html
expires: 0

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 7FA9 0
128 B 36ms
34ms Script
text/plain 185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=156983&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 15:20:54 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame ACF4 31 KB
10 KB 22ms
21ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=unruly&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 1e0c500c57328bcdd6992db38ed20a78a321a8b62197c1e0659231ed3ab1eb14

Request headers

Referer: https://eus.rubiconproject.com/usync.html?p=unruly&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 10 Jun 2021 17:54:21 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Jun 2021 21:11:51 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=56390
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9302
Expires: Fri, 11 Jun 2021 09:34:11 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame ACF4 284 B
921 B 836ms
23ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=unruly&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/jpg

GET
H2 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
165 B 17ms
16ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=commandwindows.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Jun 2021 17:54:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=commandwindows.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Jun 2021 17:54:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 466 B
416 B 345ms
344ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=739924062618941&correlator=626122048394941&output=ldjh&impl=fifs&eid=31061394%2C31061142&vrg=2021060801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210610&iu_parts=104418548%2Ccommandwindows_com-box-4&enc_prev_ius=%2F0%2F1&prev_iu_szs=250x250%7C310x320%7C350x340%7C350x430&ris=2&rcs=5&prev_scp=a%3D%257C3%257C%26iid11%3D1026998%26iit%3D3%26t%3D99%26d%3D146%26t1%3D99%26pvc%3D0%26ap%3D1003%26sap%3D1261%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D6%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dn%26refs%3D30%26ga%3D6206860%26gala%3D1501035%26rid%3D99998%26pt%3D3%26al%3D1003%26compid%3D0%26tap%3Dcommandwindows_com-box-4-1026998%26eb_br%3Da2b45ad7ec25aa78d8641082a295093b%2C43aa1607a0c08c74b14a9039e7b909b4%26eba%3D1%26ebss%3D10082%2C10061%2C10015%2C11304%26gas%3D2017884480%26asau%3D7210502436%26bv%3D0%26bvm%3D2%26bvr%3D7%26shp%3D3%26br1%3D220%26br2%3D650%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D32%2C0%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C760%2C815%2C817%2C899%2C919%2C20%2C20%2C20%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D240%26reqt%3D1623347660234&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1623347661&dt=1623347661257&dlt=1623347647976&idt=1163&frm=20&biw=1600&bih=1200&oid=3&adxs=697&adys=1551&adks=4216951667&ucis=l&ifi=21&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcommandwindows.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=250x270&msz=250x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1178215692.1623347650&ga_sid=1623347650&ga_hid=1045620473&ga_fc=false&ga_wpids=UA-29096671-22&fws=4&ohw=750&btvi=11&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

71946a5f35932386a68a39dbe906a0b7f873945fa94321fd8ea9d74542f20220

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:21 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 238
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://commandwindows.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
122 B 18ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=commandwindows.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Jun 2021 17:54:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 17ms
16ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=commandwindows.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Jun 2021 17:54:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 2 KB
1 KB 349ms
349ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=739924062618941&correlator=3789184406208707&output=ldjh&impl=fifs&eid=31061394%2C31061142&vrg=2021060801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210610&iu_parts=104418548%2Ccommandwindows_com-banner-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C310x320%7C390x390%7C410x390&ris=2&rcs=5&prev_scp=a%3D%257C1%257C%26iid11%3D1048147%26iit%3D5%26t%3D99%26d%3D146%26t1%3D99%26pvc%3D0%26ap%3D1031%26sap%3D1031%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D6%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dn%26refs%3D30%26ga%3D6206860%26gala%3D1501035%26rid%3D99998%26pt%3D31%26al%3D1031%26compid%3D0%26tap%3Dcommandwindows_com-banner-2-1048147%26eb_br%3D666029ee8b3fc7d139e34438527dc02f%2C54d0fa6d5f6aabe7623cb24faa42a441%26eba%3D1%26ebss%3D10082%2C10061%2C10015%2C11304%26gas%3D8983937454%26asau%3D4556257235%26bv%3D21%26bvm%3D0%26bvr%3D7%26shp%3D2%26br1%3D30%26br2%3D650%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D83%2C0%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C760%2C761%2C815%2C816%2C817%2C899%2C919%2C20%2C17%2C19%2C20%2C17%2C19%2C20%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D90%26reqt%3D1623347660384&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1623347661&dt=1623347661394&dlt=1623347647976&idt=1163&frm=20&biw=1600&bih=1200&oid=3&adxs=250&adys=2402&adks=3272357030&ucis=m&ifi=22&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcommandwindows.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x636&msz=300x600&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1178215692.1623347650&ga_sid=1623347650&ga_hid=1045620473&ga_fc=false&ga_wpids=UA-29096671-22&fws=4&ohw=300&btvi=12&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

31cb5ff6401799c5a47f91f6f651ac455a96f328ddd27b386a6eaa5b2850e716

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:21 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1109
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://commandwindows.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
122 B 20ms
20ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=commandwindows.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Jun 2021 17:54:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=commandwindows.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Jun 2021 17:54:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 449 B
258 B 286ms
286ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=739924062618941&correlator=748830622788595&output=ldjh&impl=fifs&eid=31061394%2C31061142&vrg=2021060801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210610&iu_parts=104418548%2Ccommandwindows_com-box-4&enc_prev_ius=%2F0%2F1&prev_iu_szs=250x250%7C310x320%7C350x340%7C350x430&ris=1&rcs=6&prev_scp=a%3D%257C3%257C%26iid11%3D1026998%26iit%3D3%26t%3D99%26d%3D146%26t1%3D99%26pvc%3D0%26ap%3D1003%26sap%3D1261%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D7%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dn%26refs%3D30%26ga%3D6206860%26gala%3D1501035%26rid%3D99998%26pt%3D3%26al%3D1003%26compid%3D0%26tap%3Dcommandwindows_com-box-4-1026998%26eb_br%3D1f21798841bf8f06b2b01e59559e3a3d%2C86802a923a1f32517e4c5d3b6d550271%26eba%3D1%26ebss%3D10082%2C10061%2C10015%2C11304%26gas%3D2017884480%26asau%3D7210502436%26bv%3D0%26bvm%3D2%26bvr%3D7%26shp%3D3%26br1%3D200%26br2%3D650%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D32%2C0%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C760%2C815%2C817%2C899%2C919%2C20%2C20%2C20%2C20%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D220%26reqt%3D1623347661768&eri=1&cookie=ID%3D31263ded18267daf-222ea5845dc800cd%3AT%3D1623347661%3AS%3DALNI_Mbr6L5gTSXEL28XfbCMNLWCt_uT-Q&bc=31&abxe=1&lmt=1623347661&dt=1623347661775&dlt=1623347647976&idt=1163&frm=20&biw=1600&bih=1200&oid=3&adxs=697&adys=1551&adks=4216951667&ucis=n&ifi=23&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcommandwindows.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=250x270&msz=250x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1178215692.1623347650&ga_sid=1623347650&ga_hid=1045620473&ga_fc=false&ga_wpids=UA-29096671-22&fws=4&ohw=750&btvi=13&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

b84d898cd6fec1e60a4ebc43e1bfe112feea3e17f431b1c7a48aad8c4c8af34f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:22 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 227
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://commandwindows.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=commandwindows.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Jun 2021 17:54:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=commandwindows.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Jun 2021 17:54:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 49 KB
11 KB 447ms
447ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=739924062618941&correlator=3395344985524377&output=ldjh&impl=fifs&eid=31061394%2C31061142&vrg=2021060801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210610&iu_parts=104418548%2Ccommandwindows_com-banner-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C310x320%7C390x390%7C410x390&ris=1&rcs=6&prev_scp=a%3D%257C1%257C%26iid11%3D1048147%26iit%3D5%26t%3D99%26d%3D146%26t1%3D99%26pvc%3D0%26ap%3D1031%26sap%3D1031%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D7%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dn%26refs%3D30%26ga%3D6206860%26gala%3D1501035%26rid%3D99998%26pt%3D31%26al%3D1031%26compid%3D0%26tap%3Dcommandwindows_com-banner-2-1048147%26eb_br%3Db1058bee8488d79e41859f9e3635ade8%2C291d27313eb66c50243129b23df8a579%26eba%3D1%26ebss%3D10082%2C10061%2C10015%2C11304%26gas%3D8983937454%26asau%3D4556257235%26bv%3D21%26bvm%3D0%26bvr%3D7%26shp%3D2%26br1%3D10%26br2%3D650%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D83%2C0%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C760%2C761%2C815%2C816%2C817%2C899%2C919%2C20%2C17%2C19%2C20%2C17%2C19%2C20%2C17%2C18%2C19%2C20%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D30%26reqt%3D1623347661900&eri=1&cookie=ID%3D31263ded18267daf-222ea5845dc800cd%3AT%3D1623347661%3AS%3DALNI_Mbr6L5gTSXEL28XfbCMNLWCt_uT-Q&bc=31&abxe=1&lmt=1623347661&dt=1623347661907&dlt=1623347647976&idt=1163&frm=20&biw=1600&bih=1200&oid=3&adxs=250&adys=2402&adks=3272357030&ucis=o&ifi=24&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcommandwindows.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x636&msz=300x600&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1178215692.1623347650&ga_sid=1623347650&ga_hid=1045620473&ga_fc=false&ga_wpids=UA-29096671-22&fws=4&ohw=300&btvi=14&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

3df10778d062fae40a45b3ee7a29d4eca7af79cf38de1947076e5ac8eb13f4d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11421
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://commandwindows.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

RX-53d6a5d9-544a-43dc-b05f-9ea9916bb516-003
sync.targeting.unrulymedia.com/csync/ Frame ACF4
Redirect Chain

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=unruly
https://usermatch.targeting.unrulymedia.com/usermatch/rubicon/KPR7A8JX-D-1GX2
https://sync.1rx.io/usersync/rubicon/KPR7A8JX-D-1GX2
https://sync.targeting.unrulymedia.com/csync/RX-53d6a5d9-544a-43dc-b05f-9ea9916bb516-003

43 B
395 B

40ms
39ms

Image
image/gif

213.19.147.45
RHYTHMONE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-53d6a5d9-544a-43dc-b05f-9ea9916bb516-003
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=unruly&endpoint=us-east
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.45 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:22 GMT
server: Tengine
content-length: 43
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location: https://sync.targeting.unrulymedia.com/csync/RX-53d6a5d9-544a-43dc-b05f-9ea9916bb516-003
pragma: no-cache
date: Thu, 10 Jun 2021 17:54:22 GMT
cache-control: no-store, no-cache, must-revalidate
server: Tengine
content-type: text/html
expires: 0

GET
H2 451 709414.gif
id.rlcdn.com/ Frame ACF4 0
66 B 73ms
29ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=unruly&endpoint=us-east
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:22 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame ACF4
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BSN0E4SlgtRC0xR1gy

170 B
232 B

31ms
31ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BSN0E4SlgtRC0xR1gy

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=unruly&endpoint=us-east

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BSN0E4SlgtRC0xR1gy
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame ACF4 70 B
264 B 50ms
48ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=unruly&endpoint=us-east
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:22 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame ACF4
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YMJRzgABdgWgdwBg
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YMJRzgABdgWgdwBg&_test=YMJRzgABdgWgdwBg

42 B
678 B

20ms
20ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YMJRzgABdgWgdwBg&_test=YMJRzgABdgWgdwBg
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=unruly&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:22 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1623347662.276446,VS0,VE0
x-served-by: cache-fra19145-FRA
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YMJRzgABdgWgdwBg&_test=YMJRzgABdgWgdwBg
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame ACF4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOu0tWXj5U7nEKI6oybNGeQ&google_cver=1

42 B
678 B

20ms
20ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOu0tWXj5U7nEKI6oybNGeQ&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=unruly&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOu0tWXj5U7nEKI6oybNGeQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame ACF4
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=762260c2-51ce-4600-838d-e67705048110

42 B
678 B

35ms
21ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=762260c2-51ce-4600-838d-e67705048110
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=unruly&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/gif

Redirect headers

Date: Thu, 10 Jun 2021 17:56:13 GMT
Server: MT3 3759 5f8f15b master cdg-pixel-x5
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=762260c2-51ce-4600-838d-e67705048110
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 10 Jun 2021 17:56:12 GMT

GET
H2

204

v1
ads.yahoo.com/cms/ Frame ACF4
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KPR7A8JX-D-1GX2&sigv=1&esig=2~f1b5447741c5984ab6b98dc8ab88a5578537343a

0
445 B

21ms
7ms

Image
text/plain

2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KPR7A8JX-D-1GX2&sigv=1&esig=2~f1b5447741c5984ab6b98dc8ab88a5578537343a

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=unruly&endpoint=us-east

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:22 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KPR7A8JX-D-1GX2&sigv=1&esig=2~f1b5447741c5984ab6b98dc8ab88a5578537343a
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame ACF4
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/HGlE3x7NR_XNj1lNR4Tj5Q?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7630302539554482625

42 B
678 B

22ms
22ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7630302539554482625
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=unruly&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/gif

Redirect headers

date: Thu, 10 Jun 2021 17:54:22 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7630302539554482625
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012105281634000/ Frame 2926 191 KB
54 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2026d59b88bda76d9a260d98a486e61cdf8f5dc92474fe4a256e03f5e50cc87

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 74650
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55221
x-xss-protection: 0
server: sffe
date: Wed, 09 Jun 2021 21:10:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8af8bfef65693cad"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Jun 2022 21:10:12 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 2926 12 KB
5 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfa2c1817acc9845143087b8f08cfbf450334d63f8b69ea16ec5bf8222cc9ae8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 74650
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4567
x-xss-protection: 0
server: sffe
date: Wed, 09 Jun 2021 21:10:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ca56b057322a8584"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Jun 2022 21:10:12 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 2926 87 KB
27 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac39fd2de34b92759571eae7493ba485a9c437b55a9b17e4ae0c2af108658e30

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 74650
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27321
x-xss-protection: 0
server: sffe
date: Wed, 09 Jun 2021 21:10:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3f2374642481d921"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Jun 2022 21:10:12 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 2926 4 KB
2 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2995615474b2ef92946ae6000ca992f89c7ff861082cacb1aa2176e81b1514e2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 74650
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1522
x-xss-protection: 0
server: sffe
date: Wed, 09 Jun 2021 21:10:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "514585efdf5d56f0"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Jun 2022 21:10:12 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 2926 41 KB
13 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84430d6abc2891ae6d6d74e51804bb5edfb8406efad225ad57d89801a1cd7d2a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 74650
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13144
x-xss-protection: 0
server: sffe
date: Wed, 09 Jun 2021 21:10:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "db4e8fd655d0c88e"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Jun 2022 21:10:12 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 2926 3 KB
684 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 10 Jun 2021 17:14:01 GMT
server: ESF
date: Thu, 10 Jun 2021 17:54:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 10 Jun 2021 17:54:22 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2926 2 KB
3 KB 8ms
8ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Jun 2021 13:34:38 GMT
x-content-type-options: nosniff
server: cafe
age: 15584
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 11 Jun 2021 13:34:38 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2926 295 B
358 B 7ms
7ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Jun 2021 22:25:59 GMT
x-content-type-options: nosniff
server: cafe
age: 70103
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 10 Jun 2021 22:25:59 GMT

GET
DATA 200
OK truncated
/ Frame 2926 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50f6dff614d8790df46d82793dd4a663bc67900e63f156a91cbfce0ef7396682

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 2926 0
0 58ms
57ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CMYXyzVHCYLeWOvCBx_APgr-c6Aj63av3YIynoaKDDMCNtwEQASDC0-8jYPWVzoHgBKABgdDVlgPIAQGpAj7rCGH4vLI-4AIAqAMByAMKqgT9AU_Qf6RNEq4mcNLiN6n6H8MasyF5Z3T7uPIZoZEVQ7BhRCFKkyNSwFRUpK07XJp4g_sDgOfFOjJvmsQLfK7y4mpnakp5D_iClH9F_RMSDaZoeAN4o0CeebypslGv10XvuuGhIDkqYVY9AR8FnDz-FWZVVBeZ0BFKn4hcBfe9xORbV3oVJ_H7o8dcvfCgbj4ZGFRP_7RwH0ZHeMhadypufeJp7jErbq2X9WzmSXcdt0Q_cVKzZsRfgPyZh-El-KkyWvFuG5LZrEuddx1aUuYDu4msxnjogxu6coISewET0O6JI2jqLl4Jvx709EsOobM_SQ_AIbv3OGp0ASQkkazABPu4ipH8AuAEAZIFBAgEGAGSBQQIBRgEoAZRgAfnr6ppqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEIiVBtIIBwiAYRABGB2ACgPICwHYEw2IFAHQFQGAFwGyFxoKGAgAEhRwdWItNzk1ODk1OTU2NjIwNjg2MA&sigh=_K6MueBO_X4
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 army.gif Show response
commandwindows.com/porpoiseant/ 0
65 B 23ms
21ms XHR
text/plain 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://commandwindows.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA0ODE0NyIsImRvbWFpbl9pZCI6IjE0NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWNvbW1hbmR3aW5kb3dzX2NvbS1iYW5uZXItMi0wIiwidF9lcG9jaCI6MTYyMzM0NzY0NywiYWRfcG9zaXRpb24iOjEwMzEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYWY1NWM5ZTEtNmExNi00OTIzLTRlNTQtNTcxZTcxNWM2YTMyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTY3ODQ5NDgyLCJjcmVhdGl2ZV9pZCI6MTM4MjU3ODUyNTEyLCJkYXRhIjpbeyJuYW1lIjoicmVmcmVzaF9jb3VudCIsInZhbCI6IjcifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEwNDgxNDciLCJkb21haW5faWQiOiIxNDYiLCJ1bml0IjoiZGl2LWdwdC1hZC1jb21tYW5kd2luZG93c19jb20tYmFubmVyLTItMCIsInRfZXBvY2giOjE2MjMzNDc2NDcsImFkX3Bvc2l0aW9uIjoxMDMxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImFmNTVjOWUxLTZhMTYtNDkyMy00ZTU0LTU3MWU3MTVjNmEzMiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk2Nzg0OTQ4MiwiY3JlYXRpdmVfaWQiOjEzODI1Nzg1MjUxMiwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9iaWRfaGFzaCIsInZhbCI6ImIxMDU4YmVlODQ4OGQ3OWU0MTg1OWY5ZTM2MzVhZGU4LDI5MWQyNzMxM2ViNjZjNTAyNDMxMjliMjNkZjhhNTc5In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMDQ4MTQ3IiwiZG9tYWluX2lkIjoiMTQ2IiwidW5pdCI6ImRpdi1ncHQtYWQtY29tbWFuZHdpbmRvd3NfY29tLWJhbm5lci0yLTAiLCJ0X2Vwb2NoIjoxNjIzMzQ3NjQ3LCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MC4wMDAxLCJhZF9wb3NpdGlvbiI6MTAzMSwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwMSwiYmlkX2Zsb29yX3ByZXYiOjAuMDAwMywic3RhdF9zb3VyY2VfaWQiOjM1LCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYWY1NWM5ZTEtNmExNi00OTIzLTRlNTQtNTcxZTcxNWM2YTMyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTY3ODQ5NDgyLCJjcmVhdGl2ZV9pZCI6MTM4MjU3ODUyNTEyLCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA0ODE0NyIsImRvbWFpbl9pZCI6IjE0NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWNvbW1hbmR3aW5kb3dzX2NvbS1iYW5uZXItMi0wIiwidF9lcG9jaCI6MTYyMzM0NzY0NywiYWRfcG9zaXRpb24iOjEwMzEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYWY1NWM5ZTEtNmExNi00OTIzLTRlNTQtNTcxZTcxNWM2YTMyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTY3ODQ5NDgyLCJjcmVhdGl2ZV9pZCI6MTM4MjU3ODUyNTEyLCJkYXRhIjpbeyJuYW1lIjoiY3JlYXRpdmVfaWQiLCJ2YWwiOiIxMzgyNTc4NTI1MTIifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEwNDgxNDciLCJkb21haW5faWQiOiIxNDYiLCJ1bml0IjoiZGl2LWdwdC1hZC1jb21tYW5kd2luZG93c19jb20tYmFubmVyLTItMCIsInRfZXBvY2giOjE2MjMzNDc2NDcsImFkX3Bvc2l0aW9uIjoxMDMxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImFmNTVjOWUxLTZhMTYtNDkyMy00ZTU0LTU3MWU3MTVjNmEzMiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk2Nzg0OTQ4MiwiY3JlYXRpdmVfaWQiOjEzODI1Nzg1MjUxMiwiZGF0YSI6W3sibmFtZSI6ImxpbmVpdGVtX2lkIiwidmFsIjoiNDk2Nzg0OTQ4MiJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA0ODE0NyIsImRvbWFpbl9pZCI6IjE0NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWNvbW1hbmR3aW5kb3dzX2NvbS1iYW5uZXItMi0wIiwidF9lcG9jaCI6MTYyMzM0NzY0NywiYWRfcG9zaXRpb24iOjEwMzEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYWY1NWM5ZTEtNmExNi00OTIzLTRlNTQtNTcxZTcxNWM2YTMyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTY3ODQ5NDgyLCJjcmVhdGl2ZV9pZCI6MTM4MjU3ODUyNTEyLCJkYXRhIjpbeyJuYW1lIjoicmVmcmVzaF9jb3VudCIsInZhbCI6IjcifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEwNDgxNDciLCJkb21haW5faWQiOiIxNDYiLCJ1bml0IjoiZGl2LWdwdC1hZC1jb21tYW5kd2luZG93c19jb20tYmFubmVyLTItMCIsInRfZXBvY2giOjE2MjMzNDc2NDcsImFkX3Bvc2l0aW9uIjoxMDMxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImFmNTVjOWUxLTZhMTYtNDkyMy00ZTU0LTU3MWU3MTVjNmEzMiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk2Nzg0OTQ4MiwiY3JlYXRpdmVfaWQiOjEzODI1Nzg1MjUxMiwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9iaWRfaGFzaCIsInZhbCI6ImIxMDU4YmVlODQ4OGQ3OWU0MTg1OWY5ZTM2MzVhZGU4LDI5MWQyNzMxM2ViNjZjNTAyNDMxMjliMjNkZjhhNTc5In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMDQ4MTQ3IiwiZG9tYWluX2lkIjoiMTQ2IiwidW5pdCI6ImRpdi1ncHQtYWQtY29tbWFuZHdpbmRvd3NfY29tLWJhbm5lci0yLTAiLCJ0X2Vwb2NoIjoxNjIzMzQ3NjQ3LCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MC4wMDAxLCJhZF9wb3NpdGlvbiI6MTAzMSwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwMSwiYmlkX2Zsb29yX3ByZXYiOjAuMDAwMywic3RhdF9zb3VyY2VfaWQiOjM1LCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYWY1NWM5ZTEtNmExNi00OTIzLTRlNTQtNTcxZTcxNWM2YTMyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTY3ODQ5NDgyLCJjcmVhdGl2ZV9pZCI6MTM4MjU3ODUyNTEyLCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA0ODE0NyIsImRvbWFpbl9pZCI6IjE0NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWNvbW1hbmR3aW5kb3dzX2NvbS1iYW5uZXItMi0wIiwidF9lcG9jaCI6MTYyMzM0NzY0NywiYWRfcG9zaXRpb24iOjEwMzEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYWY1NWM5ZTEtNmExNi00OTIzLTRlNTQtNTcxZTcxNWM2YTMyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTY3ODQ5NDgyLCJjcmVhdGl2ZV9pZCI6MTM4MjU3ODUyNTEyLCJkYXRhIjpbeyJuYW1lIjoiY3JlYXRpdmVfaWQiLCJ2YWwiOiIxMzgyNTc4NTI1MTIifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEwNDgxNDciLCJkb21haW5faWQiOiIxNDYiLCJ1bml0IjoiZGl2LWdwdC1hZC1jb21tYW5kd2luZG93c19jb20tYmFubmVyLTItMCIsInRfZXBvY2giOjE2MjMzNDc2NDcsImFkX3Bvc2l0aW9uIjoxMDMxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImFmNTVjOWUxLTZhMTYtNDkyMy00ZTU0LTU3MWU3MTVjNmEzMiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk2Nzg0OTQ4MiwiY3JlYXRpdmVfaWQiOjEzODI1Nzg1MjUxMiwiZGF0YSI6W3sibmFtZSI6ImxpbmVpdGVtX2lkIiwidmFsIjoiNDk2Nzg0OTQ4MiJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
pragma: no-cache
cookie: __gads=ID=31263ded18267daf:T=1623347661:S=ALNI_MZgMpJhA6vqo55w78NTcL1rs-gFsg; ezouspvv=10; ezouspva=1; ezouspvh=10
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: commandwindows.com
referer: https://commandwindows.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:22 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Wed, 09 Jun 2021 17:54:22 UTC

GET
H2 200 4967849482 Show response
g.ezoic.net/dac/ 0
93 B 74ms
24ms XHR
text/plain 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/dac/4967849482
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 10 Jun 2021 17:54:22 GMT
cache-control: max-age=3600, public
server: nginx/1.16.0
content-length: 0
vary: Accept-Encoding
content-type: text/plain

GET
H2 200 army.gif Show response
commandwindows.com/porpoiseant/ 0
19 B 23ms
22ms XHR
text/plain 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://commandwindows.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA0ODE0NyIsImRvbWFpbl9pZCI6IjE0NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWNvbW1hbmR3aW5kb3dzX2NvbS1iYW5uZXItMi0wIiwidF9lcG9jaCI6MTYyMzM0NzY0NywiYWRfcG9zaXRpb24iOjEwMzEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYWY1NWM5ZTEtNmExNi00OTIzLTRlNTQtNTcxZTcxNWM2YTMyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTY3ODQ5NDgyLCJjcmVhdGl2ZV9pZCI6MTM4MjU3ODUyNTEyLCJkYXRhIjpbeyJuYW1lIjoidF9sb2NhbF9kYXRlIiwidmFsIjoiMjAyMS0wNi0xMCJ9LHsibmFtZSI6InRfbG9jYWxfaG91ciIsInZhbCI6IjE5In0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjQifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiLTEyMCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA0ODE0NyIsImRvbWFpbl9pZCI6IjE0NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWNvbW1hbmR3aW5kb3dzX2NvbS1iYW5uZXItMi0wIiwidF9lcG9jaCI6MTYyMzM0NzY0NywiYWRfcG9zaXRpb24iOjEwMzEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYWY1NWM5ZTEtNmExNi00OTIzLTRlNTQtNTcxZTcxNWM2YTMyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTY3ODQ5NDgyLCJjcmVhdGl2ZV9pZCI6MTM4MjU3ODUyNTEyLCJkYXRhIjpbeyJuYW1lIjoidF9sb2NhbF9kYXRlIiwidmFsIjoiMjAyMS0wNi0xMCJ9LHsibmFtZSI6InRfbG9jYWxfaG91ciIsInZhbCI6IjE5In0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjQifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiLTEyMCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
pragma: no-cache
cookie: __gads=ID=31263ded18267daf:T=1623347661:S=ALNI_MZgMpJhA6vqo55w78NTcL1rs-gFsg; ezouspvv=10; ezouspva=1; ezouspvh=10
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: commandwindows.com
referer: https://commandwindows.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:22 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Wed, 09 Jun 2021 17:54:22 UTC

GET
H2 200 army.gif Show response
commandwindows.com/porpoiseant/ 0
19 B 22ms
22ms XHR
text/plain 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://commandwindows.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMTA0ODE0NyIsImRvbWFpbl9pZCI6IjE0NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWNvbW1hbmR3aW5kb3dzX2NvbS1iYW5uZXItMi0wIiwidF9lcG9jaCI6MTYyMzM0NzY0NywiYXVjdGlvbl9lcG9jaCI6MTYyMzM0NzY2MiwiYWRfcG9zaXRpb24iOjEwMzEsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJhZjU1YzllMS02YTE2LTQ5MjMtNGU1NC01NzFlNzE1YzZhMzIiLCJiaWRfZmxvb3JfaW5pdGlhbCI6OTUwLCJiaWRfZmxvb3JfcHJldiI6MzAsImJpZF9mbG9vcl9maWxsZWQiOjEwLCJhdWN0aW9uX2NvdW50Ijo3LCJyZWZyZXNoX2FkX2NvdW50IjowLCJhdWN0aW9uX2R1cmF0aW9uIjo0NzMsIm11bHRpX2FkX3VuaXQiOjAsIm11bHRpX2FkX2NvdW50IjowLCJuZXR3b3JrX2NvZGUiOjEwNDQxODU0OCwiZGF0YSI6W3sibmFtZSI6IiIsInZhbCI6IiJ9XSwibGluZV9pdGVtX2lkIjo0OTY3ODQ5NDgyfV0=
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMTA0ODE0NyIsImRvbWFpbl9pZCI6IjE0NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWNvbW1hbmR3aW5kb3dzX2NvbS1iYW5uZXItMi0wIiwidF9lcG9jaCI6MTYyMzM0NzY0NywiYXVjdGlvbl9lcG9jaCI6MTYyMzM0NzY2MiwiYWRfcG9zaXRpb24iOjEwMzEsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJhZjU1YzllMS02YTE2LTQ5MjMtNGU1NC01NzFlNzE1YzZhMzIiLCJiaWRfZmxvb3JfaW5pdGlhbCI6OTUwLCJiaWRfZmxvb3JfcHJldiI6MzAsImJpZF9mbG9vcl9maWxsZWQiOjEwLCJhdWN0aW9uX2NvdW50Ijo3LCJyZWZyZXNoX2FkX2NvdW50IjowLCJhdWN0aW9uX2R1cmF0aW9uIjo0NzMsIm11bHRpX2FkX3VuaXQiOjAsIm11bHRpX2FkX2NvdW50IjowLCJuZXR3b3JrX2NvZGUiOjEwNDQxODU0OCwiZGF0YSI6W3sibmFtZSI6IiIsInZhbCI6IiJ9XSwibGluZV9pdGVtX2lkIjo0OTY3ODQ5NDgyfV0=
pragma: no-cache
cookie: __gads=ID=31263ded18267daf:T=1623347661:S=ALNI_MZgMpJhA6vqo55w78NTcL1rs-gFsg; ezouspvv=10; ezouspva=1; ezouspvh=10
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: commandwindows.com
referer: https://commandwindows.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:22 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Wed, 09 Jun 2021 17:54:22 UTC

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 2926 21 KB
21 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://commandwindows.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 15:29:03 GMT
x-content-type-options: nosniff
age: 181519
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 15:29:03 GMT

GET
H3-29 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 2926 21 KB
21 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://commandwindows.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 22:10:35 GMT
x-content-type-options: nosniff
age: 157427
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 22:10:35 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 2926
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

14ms
14ms

Image
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Thu, 10 Jun 2021 17:54:22 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2926 2 KB
2 KB 14ms
9ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Jun 2021 13:34:38 GMT
x-content-type-options: nosniff
server: cafe
age: 15584
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 11 Jun 2021 13:34:38 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2926 295 B
319 B 14ms
9ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Jun 2021 22:25:59 GMT
x-content-type-options: nosniff
server: cafe
age: 70103
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 10 Jun 2021 22:25:59 GMT

GET
H2 200 audins.js Show response
go.ezoic.net/detroitchicago/ 466 B
884 B 11ms
11ms Script
application/javascript 2600:9000:2156:1800:2:cb38:840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezoic.net/detroitchicago/audins.js?cb=194-1
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1800:2:cb38:840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: fd78f51affedcaa173cd1f15fca8f1fbecdbaafa7020cec2ae0fe3befbed5ea1

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 23:51:29 GMT
via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
last-modified: Fri, 12 Mar 2021 17:56:24 GMT
server: nginx/1.16.0
age: 7149773
etag: "1d2-5bd5a9e4b6200;5bd5a9e4b6200-gzip"
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: noindex
content-length: 466
x-amz-cf-id: q3XTQeIU7NhJILsDw9heE-cDQ5DdIm8h37LHwJfD3Smjl9IohcvG2Q==

GET
H2 200 army.gif Show response
commandwindows.com/porpoiseant/ 0
42 B 22ms
22ms XHR
text/plain 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://commandwindows.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAyMDU0OCIsImRvbWFpbl9pZCI6IjE0NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWNvbW1hbmR3aW5kb3dzX2NvbS1ib3gtMi0wIiwidF9lcG9jaCI6MTYyMzM0NzY0NywiYWRfcG9zaXRpb24iOjEwMDEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYWY1NWM5ZTEtNmExNi00OTIzLTRlNTQtNTcxZTcxNWM2YTMyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTY3ODQ5NDc2LCJjcmVhdGl2ZV9pZCI6MTM4MjU3ODUyNTEyLCJkYXRhIjpbeyJuYW1lIjoid29yZHNfYmVmb3JlIiwidmFsIjoiMjEifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEwMjI5NDciLCJkb21haW5faWQiOiIxNDYiLCJ1bml0IjoiZGl2LWdwdC1hZC1jb21tYW5kd2luZG93c19jb20tYm94LTEtMCIsInRfZXBvY2giOjE2MjMzNDc2NDcsImFkX3Bvc2l0aW9uIjoxMDAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImFmNTVjOWUxLTZhMTYtNDkyMy00ZTU0LTU3MWU3MTVjNmEzMiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk2Nzg0OTQ3NiwiY3JlYXRpdmVfaWQiOjEzODI1Nzg1MjUxMiwiZGF0YSI6W3sibmFtZSI6IndvcmRzX2JlZm9yZSIsInZhbCI6IjEzMiJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA2MTY0OCIsImRvbWFpbl9pZCI6IjE0NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWNvbW1hbmR3aW5kb3dzX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyMzM0NzY0NywiYWRfcG9zaXRpb24iOjEwMDUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYWY1NWM5ZTEtNmExNi00OTIzLTRlNTQtNTcxZTcxNWM2YTMyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTY3ODQ5NDg4LCJjcmVhdGl2ZV9pZCI6MTM4MjU3ODUyNTEyLCJkYXRhIjpbeyJuYW1lIjoid29yZHNfYmVmb3JlIiwidmFsIjoiMzA0In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMDI2OTk4IiwiZG9tYWluX2lkIjoiMTQ2IiwidW5pdCI6ImRpdi1ncHQtYWQtY29tbWFuZHdpbmRvd3NfY29tLWJveC00LTAiLCJ0X2Vwb2NoIjoxNjIzMzQ3NjQ3LCJhZF9wb3NpdGlvbiI6MTAwMywiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJhZjU1YzllMS02YTE2LTQ5MjMtNGU1NC01NzFlNzE1YzZhMzIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoid29yZHNfYmVmb3JlIiwidmFsIjoiMzk2In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMDQ4MTQ3IiwiZG9tYWluX2lkIjoiMTQ2IiwidW5pdCI6ImRpdi1ncHQtYWQtY29tbWFuZHdpbmRvd3NfY29tLWJhbm5lci0yLTAiLCJ0X2Vwb2NoIjoxNjIzMzQ3NjQ3LCJhZF9wb3NpdGlvbiI6MTAzMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJhZjU1YzllMS02YTE2LTQ5MjMtNGU1NC01NzFlNzE1YzZhMzIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5Njc4NDk0ODIsImNyZWF0aXZlX2lkIjoxMzgyNTc4NTI1MTIsImRhdGEiOlt7Im5hbWUiOiJ3b3Jkc19iZWZvcmUiLCJ2YWwiOiI1NDgifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAyMDU0OCIsImRvbWFpbl9pZCI6IjE0NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWNvbW1hbmR3aW5kb3dzX2NvbS1ib3gtMi0wIiwidF9lcG9jaCI6MTYyMzM0NzY0NywiYWRfcG9zaXRpb24iOjEwMDEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYWY1NWM5ZTEtNmExNi00OTIzLTRlNTQtNTcxZTcxNWM2YTMyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTY3ODQ5NDc2LCJjcmVhdGl2ZV9pZCI6MTM4MjU3ODUyNTEyLCJkYXRhIjpbeyJuYW1lIjoid29yZHNfYmVmb3JlIiwidmFsIjoiMjEifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEwMjI5NDciLCJkb21haW5faWQiOiIxNDYiLCJ1bml0IjoiZGl2LWdwdC1hZC1jb21tYW5kd2luZG93c19jb20tYm94LTEtMCIsInRfZXBvY2giOjE2MjMzNDc2NDcsImFkX3Bvc2l0aW9uIjoxMDAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImFmNTVjOWUxLTZhMTYtNDkyMy00ZTU0LTU3MWU3MTVjNmEzMiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk2Nzg0OTQ3NiwiY3JlYXRpdmVfaWQiOjEzODI1Nzg1MjUxMiwiZGF0YSI6W3sibmFtZSI6IndvcmRzX2JlZm9yZSIsInZhbCI6IjEzMiJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA2MTY0OCIsImRvbWFpbl9pZCI6IjE0NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWNvbW1hbmR3aW5kb3dzX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyMzM0NzY0NywiYWRfcG9zaXRpb24iOjEwMDUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYWY1NWM5ZTEtNmExNi00OTIzLTRlNTQtNTcxZTcxNWM2YTMyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTY3ODQ5NDg4LCJjcmVhdGl2ZV9pZCI6MTM4MjU3ODUyNTEyLCJkYXRhIjpbeyJuYW1lIjoid29yZHNfYmVmb3JlIiwidmFsIjoiMzA0In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMDI2OTk4IiwiZG9tYWluX2lkIjoiMTQ2IiwidW5pdCI6ImRpdi1ncHQtYWQtY29tbWFuZHdpbmRvd3NfY29tLWJveC00LTAiLCJ0X2Vwb2NoIjoxNjIzMzQ3NjQ3LCJhZF9wb3NpdGlvbiI6MTAwMywiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJhZjU1YzllMS02YTE2LTQ5MjMtNGU1NC01NzFlNzE1YzZhMzIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoid29yZHNfYmVmb3JlIiwidmFsIjoiMzk2In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMDQ4MTQ3IiwiZG9tYWluX2lkIjoiMTQ2IiwidW5pdCI6ImRpdi1ncHQtYWQtY29tbWFuZHdpbmRvd3NfY29tLWJhbm5lci0yLTAiLCJ0X2Vwb2NoIjoxNjIzMzQ3NjQ3LCJhZF9wb3NpdGlvbiI6MTAzMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJhZjU1YzllMS02YTE2LTQ5MjMtNGU1NC01NzFlNzE1YzZhMzIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5Njc4NDk0ODIsImNyZWF0aXZlX2lkIjoxMzgyNTc4NTI1MTIsImRhdGEiOlt7Im5hbWUiOiJ3b3Jkc19iZWZvcmUiLCJ2YWwiOiI1NDgifV0sImlzX29yaWciOmZhbHNlfV0=
pragma: no-cache
cookie: __gads=ID=31263ded18267daf:T=1623347661:S=ALNI_MZgMpJhA6vqo55w78NTcL1rs-gFsg; ezouspvv=10; ezouspva=1; ezouspvh=10
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: commandwindows.com
referer: https://commandwindows.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:22 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Wed, 09 Jun 2021 17:54:23 UTC

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
9 KB 9ms
7ms Script
application/javascript 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: go.ezoic.net
URL: https://go.ezoic.net/detroitchicago/audins.js?cb=194-1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:22 GMT
content-encoding: gzip
etag: "WhyxmPkT7L77qVDcrjxwGw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Thu, 17 Jun 2021 17:54:22 GMT

GET
H2 200 rules-p-31iz6hfFutd16.js Show response
rules.quantcount.com/ 3 B
427 B 72ms
23ms Script
application/javascript 2600:9000:218d:d800:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-31iz6hfFutd16.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218d:d800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 15:10:31 GMT
via: 1.1 a9cd237416fb828127279373bfd596cb.cloudfront.net (CloudFront)
age: 9833
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 19:50:24 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: CDG50-P2
accept-ranges: bytes
x-amz-cf-id: 94mJeuRyn_94TKRrWAgucN3Ey7llMheSMyoWc1_84jqmWazHJ0jk7g==

GET
H2 200 pixel;r=1646499124;labels=Domain.commandwindows_com%2CDomainId.146;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Fcommandwindows.com%2F;uht=2;fpan=1;fpa=P0-773486558-1623347663003;pbcn=u;pbc=;ns=0;ce=1;q...
pixel.quantserve.com/ 35 B
371 B 14ms
13ms Image
image/gif 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1646499124;labels=Domain.commandwindows_com%2CDomainId.146;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Fcommandwindows.com%2F;uht=2;fpan=1;fpa=P0-773486558-1623347663003;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=82efd7d8-20210517233434;cm=;gdpr=0;ref=;d=commandwindows.com;je=0;sr=1600x1200x24;dst=1;et=1623347663003;tzo=-120;ogl=title.Windows%20Command%20Line%20Interpreter%7CShell%7CDOS%20Prompt%7CBatch%20Files%7CScripting%2Ctype.website%2Curl.https%3A%2F%2Fcommandwindows%252Ecom%2F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Jun 2021 17:54:23 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=commandwindows.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Jun 2021 17:54:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=commandwindows.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Jun 2021 17:54:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 342 B
169 B 418ms
418ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=739924062618941&correlator=2980129017426984&output=ldjh&impl=fifs&eid=31061394%2C31061142&vrg=2021060801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210610&iu_parts=104418548%2Ccommandwindows_com-box-4&enc_prev_ius=%2F0%2F1&prev_iu_szs=250x250%7C310x320%7C350x340%7C350x430&ris=2&rcs=7&prev_scp=a%3D%257C3%257C%26iid11%3D1026998%26iit%3D3%26t%3D99%26d%3D146%26t1%3D99%26pvc%3D0%26ap%3D1003%26sap%3D1261%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D8%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dn%26refs%3D30%26ga%3D6206860%26gala%3D1501035%26rid%3D99998%26pt%3D3%26al%3D1003%26compid%3D0%26tap%3Dcommandwindows_com-box-4-1026998%26eb_br%3Db07f0a682484a2a69597aa47c6dbb7ac%2C9ae587f95e95c876b7b76fd4c72a3838%26eba%3D1%26ebss%3D10082%2C10061%2C10015%2C11304%26gas%3D2017884480%26asau%3D7210502436%26bv%3D0%26bvm%3D2%26bvr%3D7%26shp%3D3%26br1%3D180%26br2%3D650%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D32%2C0%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C760%2C815%2C817%2C899%2C919%2C20%2C20%2C20%2C20%2C20%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D200%26reqt%3D1623347662284&eri=1&cookie=ID%3D31263ded18267daf%3AT%3D1623347661%3AS%3DALNI_MZgMpJhA6vqo55w78NTcL1rs-gFsg&bc=31&abxe=1&lmt=1623347663&dt=1623347663304&dlt=1623347647976&idt=1163&frm=20&biw=1600&bih=1200&oid=3&adxs=697&adys=1551&adks=4216951667&ucis=p&ifi=25&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcommandwindows.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=250x270&msz=250x250&ga_vid=1178215692.1623347650&ga_sid=1623347650&ga_hid=1045620473&ga_fc=false&ga_wpids=UA-29096671-22&fws=4&ohw=750&btvi=15&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

fcf651b298ea6da324899035397737be9904b6ca597839b11bbeb42055374b87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 140
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://commandwindows.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=commandwindows.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Jun 2021 17:54:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=commandwindows.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Jun 2021 17:54:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 48 KB
11 KB 259ms
258ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=739924062618941&correlator=1055958990251315&output=ldjh&impl=fifs&eid=31061394%2C31061142&vrg=2021060801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210610&iu_parts=104418548%2Ccommandwindows_com-box-4&enc_prev_ius=%2F0%2F1&prev_iu_szs=250x250%7C310x320%7C350x340%7C350x430&ris=1&rcs=8&prev_scp=a%3D%257C3%257C%26iid11%3D1026998%26iit%3D3%26t%3D99%26d%3D146%26t1%3D99%26pvc%3D0%26ap%3D1003%26sap%3D1261%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D9%26at%3Dbf%26adr%3D399%26ezosn%3D2%26reft%3Dn%26refs%3D30%26ga%3D6206860%26gala%3D1501035%26rid%3D99998%26pt%3D3%26al%3D1003%26compid%3D0%26tap%3Dcommandwindows_com-box-4-1026998%26eb_br%3Dzero%26eba%3D1%26ebss%3D10082%2C10061%2C10015%2C11304%26gas%3D2017884480%26asau%3D7210502436%26bv%3D0%26bvm%3D2%26bvr%3D7%26shp%3D3%26br1%3D0%26br2%3D650%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D32%2C0%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C760%2C815%2C817%2C899%2C919%2C20%2C20%2C20%2C20%2C20%2C17%2C18%2C19%2C20%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D180%26reqt%3D1623347663817%26ss38%3D1%26ss9%3D1&eri=1&cookie=ID%3D31263ded18267daf%3AT%3D1623347661%3AS%3DALNI_MZgMpJhA6vqo55w78NTcL1rs-gFsg&bc=31&abxe=1&lmt=1623347663&dt=1623347663824&dlt=1623347647976&idt=1163&frm=20&biw=1600&bih=1200&oid=3&adxs=697&adys=1551&adks=4216951667&ucis=q&ifi=26&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcommandwindows.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=250x270&msz=250x250&ga_vid=1178215692.1623347650&ga_sid=1623347650&ga_hid=1045620473&ga_fc=false&ga_wpids=UA-29096671-22&fws=4&ohw=750&btvi=16&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

8f4232065b3c24a7449e6c9e4130a650f32ec4c53e9edc55de20b705ad53f055

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11244
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://commandwindows.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 army.gif Show response
commandwindows.com/porpoiseant/ 0
42 B 23ms
22ms XHR
text/plain 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://commandwindows.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA0ODE0NyIsImRvbWFpbl9pZCI6IjE0NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWNvbW1hbmR3aW5kb3dzX2NvbS1iYW5uZXItMi0wIiwidF9lcG9jaCI6MTYyMzM0NzY0NywiYWRfcG9zaXRpb24iOjEwMzEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYWY1NWM5ZTEtNmExNi00OTIzLTRlNTQtNTcxZTcxNWM2YTMyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTY3ODQ5NDgyLCJjcmVhdGl2ZV9pZCI6MTM4MjU3ODUyNTEyLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX3NpemUiLCJ2YWwiOiJbMzAwLDYwMF0ifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEwNDgxNDciLCJkb21haW5faWQiOiIxNDYiLCJ1bml0IjoiZGl2LWdwdC1hZC1jb21tYW5kd2luZG93c19jb20tYmFubmVyLTItMCIsInRfZXBvY2giOjE2MjMzNDc2NDcsImFkX3Bvc2l0aW9uIjoxMDMxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImFmNTVjOWUxLTZhMTYtNDkyMy00ZTU0LTU3MWU3MTVjNmEzMiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk2Nzg0OTQ4MiwiY3JlYXRpdmVfaWQiOjEzODI1Nzg1MjUxMiwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMDQ4MTQ3IiwiZG9tYWluX2lkIjoiMTQ2IiwidW5pdCI6ImRpdi1ncHQtYWQtY29tbWFuZHdpbmRvd3NfY29tLWJhbm5lci0yLTAiLCJ0X2Vwb2NoIjoxNjIzMzQ3NjQ3LCJhZF9wb3NpdGlvbiI6MTAzMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJhZjU1YzllMS02YTE2LTQ5MjMtNGU1NC01NzFlNzE1YzZhMzIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5Njc4NDk0ODIsImNyZWF0aXZlX2lkIjoxMzgyNTc4NTI1MTIsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiMzAifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA0ODE0NyIsImRvbWFpbl9pZCI6IjE0NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWNvbW1hbmR3aW5kb3dzX2NvbS1iYW5uZXItMi0wIiwidF9lcG9jaCI6MTYyMzM0NzY0NywiYWRfcG9zaXRpb24iOjEwMzEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYWY1NWM5ZTEtNmExNi00OTIzLTRlNTQtNTcxZTcxNWM2YTMyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTY3ODQ5NDgyLCJjcmVhdGl2ZV9pZCI6MTM4MjU3ODUyNTEyLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX3NpemUiLCJ2YWwiOiJbMzAwLDYwMF0ifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEwNDgxNDciLCJkb21haW5faWQiOiIxNDYiLCJ1bml0IjoiZGl2LWdwdC1hZC1jb21tYW5kd2luZG93c19jb20tYmFubmVyLTItMCIsInRfZXBvY2giOjE2MjMzNDc2NDcsImFkX3Bvc2l0aW9uIjoxMDMxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImFmNTVjOWUxLTZhMTYtNDkyMy00ZTU0LTU3MWU3MTVjNmEzMiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk2Nzg0OTQ4MiwiY3JlYXRpdmVfaWQiOjEzODI1Nzg1MjUxMiwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMDQ4MTQ3IiwiZG9tYWluX2lkIjoiMTQ2IiwidW5pdCI6ImRpdi1ncHQtYWQtY29tbWFuZHdpbmRvd3NfY29tLWJhbm5lci0yLTAiLCJ0X2Vwb2NoIjoxNjIzMzQ3NjQ3LCJhZF9wb3NpdGlvbiI6MTAzMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJhZjU1YzllMS02YTE2LTQ5MjMtNGU1NC01NzFlNzE1YzZhMzIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5Njc4NDk0ODIsImNyZWF0aXZlX2lkIjoxMzgyNTc4NTI1MTIsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiMzAifV0sImlzX29yaWciOmZhbHNlfV0=
pragma: no-cache
cookie: __gads=ID=31263ded18267daf:T=1623347661:S=ALNI_MZgMpJhA6vqo55w78NTcL1rs-gFsg; ezouspvv=10; ezouspva=1; ezouspvh=10; __qca=P0-773486558-1623347663003
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: commandwindows.com
referer: https://commandwindows.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:23 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Wed, 09 Jun 2021 17:54:23 UTC

GET
H3-29 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012105281634000/ Frame 240D 191 KB
54 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2026d59b88bda76d9a260d98a486e61cdf8f5dc92474fe4a256e03f5e50cc87

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 74652
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55221
x-xss-protection: 0
server: sffe
date: Wed, 09 Jun 2021 21:10:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8af8bfef65693cad"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Jun 2022 21:10:12 GMT

GET
H3-29 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 240D 12 KB
4 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfa2c1817acc9845143087b8f08cfbf450334d63f8b69ea16ec5bf8222cc9ae8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 74652
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4567
x-xss-protection: 0
server: sffe
date: Wed, 09 Jun 2021 21:10:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ca56b057322a8584"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Jun 2022 21:10:12 GMT

GET
H3-29 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 240D 87 KB
27 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac39fd2de34b92759571eae7493ba485a9c437b55a9b17e4ae0c2af108658e30

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 74652
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27321
x-xss-protection: 0
server: sffe
date: Wed, 09 Jun 2021 21:10:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3f2374642481d921"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Jun 2022 21:10:12 GMT

GET
H3-29 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 240D 4 KB
2 KB 12ms
10ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2995615474b2ef92946ae6000ca992f89c7ff861082cacb1aa2176e81b1514e2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 74652
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1522
x-xss-protection: 0
server: sffe
date: Wed, 09 Jun 2021 21:10:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "514585efdf5d56f0"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Jun 2022 21:10:12 GMT

GET
H3-29 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 240D 41 KB
13 KB 12ms
10ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84430d6abc2891ae6d6d74e51804bb5edfb8406efad225ad57d89801a1cd7d2a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 74652
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13144
x-xss-protection: 0
server: sffe
date: Wed, 09 Jun 2021 21:10:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "db4e8fd655d0c88e"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Jun 2022 21:10:12 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 240D 3 KB
578 B 26ms
23ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 10 Jun 2021 17:20:20 GMT
server: ESF
date: Thu, 10 Jun 2021 17:54:24 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 10 Jun 2021 17:54:24 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 240D 2 KB
2 KB 9ms
8ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Jun 2021 13:34:38 GMT
x-content-type-options: nosniff
server: cafe
age: 15586
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 11 Jun 2021 13:34:38 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 240D 295 B
319 B 8ms
8ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061394

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Jun 2021 22:25:59 GMT
x-content-type-options: nosniff
server: cafe
age: 70105
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 10 Jun 2021 22:25:59 GMT

GET
DATA 200
OK truncated
/ Frame 240D 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 02cf6e1a7ea5ab1e676a82e81b24119902294b4514b11a4138e756e0d985b7d7

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 240D 0
0 14ms
13ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRCEuTsQRM1-JeRkPascB2_0mezL6bqy8F46ektKgrOF0Tf-dt0bruO_DqFriS7h5aMsxyzf237oNmSRPXQMvyGHcc4Nw
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 240D 0
0 58ms
57ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CzUg2z1HCYP_9NMaQgAeEnbLwBvrdq_dgptmZheULwI23ARABIMLT7yNg9ZXOgeAEoAGB0NWWA8gBAakCPusIYfi8sj7gAgCoAwHIAwqqBP0BT9BMMQ4YZHFflHFX2hIqYSdF6eXh6Nt1LIyVV008aOmPEu8pisRALGRH0Y6SdcLa7cL2ud4tKAJc6KJRwR0f5eYSI5yzLHUOTMRXvfyO3678LaTuw2l2VTNW5yWSbpfvYEitTs03nRiu5fgHnv21W23yiSqQHSej-JDX3PfqaD20hnVL0KqJ0EOXAsbI6bYj9HpCPt1na5GtSFH1OOJNBDUqpDbKiufFy9ovKcA1YjLAkTwWwJnxkb59MT--MRqtnY1Xeh1nwxuTfh0YTVI-_J6MiHYs4MV2esWGKG2J9F29M2HEjdzQKmR5k0gpTupdfoQYzgy7dV03wHTjnsAE-7iKkfwC4AQBkgUECAQYAZIFBAgFGASgBmaAB-evqmmoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwMQ8C7SCAcIgGEQARgdgAoDyAsB2BMNiBQB0BUBgBcBshcaChgIABIUcHViLTc5NTg5NTk1NjYyMDY4NjA&sigh=Wt47xvJeklw
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 army.gif Show response
commandwindows.com/porpoiseant/ 0
19 B 30ms
21ms XHR
text/plain 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://commandwindows.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAyNjk5OCIsImRvbWFpbl9pZCI6IjE0NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWNvbW1hbmR3aW5kb3dzX2NvbS1ib3gtNC0wIiwidF9lcG9jaCI6MTYyMzM0NzY0NywiYWRfcG9zaXRpb24iOjEwMDMsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYWY1NWM5ZTEtNmExNi00OTIzLTRlNTQtNTcxZTcxNWM2YTMyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTY3ODQ5NDc5LCJjcmVhdGl2ZV9pZCI6MTM4MjU3ODUyNTEyLCJkYXRhIjpbeyJuYW1lIjoicmVmcmVzaF9jb3VudCIsInZhbCI6IjkifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEwMjY5OTgiLCJkb21haW5faWQiOiIxNDYiLCJ1bml0IjoiZGl2LWdwdC1hZC1jb21tYW5kd2luZG93c19jb20tYm94LTQtMCIsInRfZXBvY2giOjE2MjMzNDc2NDcsImFkX3Bvc2l0aW9uIjoxMDAzLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImFmNTVjOWUxLTZhMTYtNDkyMy00ZTU0LTU3MWU3MTVjNmEzMiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk2Nzg0OTQ3OSwiY3JlYXRpdmVfaWQiOjEzODI1Nzg1MjUxMiwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9iaWRfaGFzaCIsInZhbCI6Inplcm8ifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEwMjY5OTgiLCJkb21haW5faWQiOiIxNDYiLCJ1bml0IjoiZGl2LWdwdC1hZC1jb21tYW5kd2luZG93c19jb20tYm94LTQtMCIsInRfZXBvY2giOjE2MjMzNDc2NDcsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDAwMiwiYWRfcG9zaXRpb24iOjEwMDMsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLjAwMDAwMiwiYmlkX2Zsb29yX3ByZXYiOjAuMDAxOCwic3RhdF9zb3VyY2VfaWQiOjM1LCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYWY1NWM5ZTEtNmExNi00OTIzLTRlNTQtNTcxZTcxNWM2YTMyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTY3ODQ5NDc5LCJjcmVhdGl2ZV9pZCI6MTM4MjU3ODUyNTEyLCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAyNjk5OCIsImRvbWFpbl9pZCI6IjE0NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWNvbW1hbmR3aW5kb3dzX2NvbS1ib3gtNC0wIiwidF9lcG9jaCI6MTYyMzM0NzY0NywiYWRfcG9zaXRpb24iOjEwMDMsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYWY1NWM5ZTEtNmExNi00OTIzLTRlNTQtNTcxZTcxNWM2YTMyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTY3ODQ5NDc5LCJjcmVhdGl2ZV9pZCI6MTM4MjU3ODUyNTEyLCJkYXRhIjpbeyJuYW1lIjoiY3JlYXRpdmVfaWQiLCJ2YWwiOiIxMzgyNTc4NTI1MTIifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEwMjY5OTgiLCJkb21haW5faWQiOiIxNDYiLCJ1bml0IjoiZGl2LWdwdC1hZC1jb21tYW5kd2luZG93c19jb20tYm94LTQtMCIsInRfZXBvY2giOjE2MjMzNDc2NDcsImFkX3Bvc2l0aW9uIjoxMDAzLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImFmNTVjOWUxLTZhMTYtNDkyMy00ZTU0LTU3MWU3MTVjNmEzMiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk2Nzg0OTQ3OSwiY3JlYXRpdmVfaWQiOjEzODI1Nzg1MjUxMiwiZGF0YSI6W3sibmFtZSI6ImxpbmVpdGVtX2lkIiwidmFsIjoiNDk2Nzg0OTQ3OSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAyNjk5OCIsImRvbWFpbl9pZCI6IjE0NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWNvbW1hbmR3aW5kb3dzX2NvbS1ib3gtNC0wIiwidF9lcG9jaCI6MTYyMzM0NzY0NywiYWRfcG9zaXRpb24iOjEwMDMsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYWY1NWM5ZTEtNmExNi00OTIzLTRlNTQtNTcxZTcxNWM2YTMyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTY3ODQ5NDc5LCJjcmVhdGl2ZV9pZCI6MTM4MjU3ODUyNTEyLCJkYXRhIjpbeyJuYW1lIjoicmVmcmVzaF9jb3VudCIsInZhbCI6IjkifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEwMjY5OTgiLCJkb21haW5faWQiOiIxNDYiLCJ1bml0IjoiZGl2LWdwdC1hZC1jb21tYW5kd2luZG93c19jb20tYm94LTQtMCIsInRfZXBvY2giOjE2MjMzNDc2NDcsImFkX3Bvc2l0aW9uIjoxMDAzLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImFmNTVjOWUxLTZhMTYtNDkyMy00ZTU0LTU3MWU3MTVjNmEzMiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk2Nzg0OTQ3OSwiY3JlYXRpdmVfaWQiOjEzODI1Nzg1MjUxMiwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9iaWRfaGFzaCIsInZhbCI6Inplcm8ifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEwMjY5OTgiLCJkb21haW5faWQiOiIxNDYiLCJ1bml0IjoiZGl2LWdwdC1hZC1jb21tYW5kd2luZG93c19jb20tYm94LTQtMCIsInRfZXBvY2giOjE2MjMzNDc2NDcsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDAwMiwiYWRfcG9zaXRpb24iOjEwMDMsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLjAwMDAwMiwiYmlkX2Zsb29yX3ByZXYiOjAuMDAxOCwic3RhdF9zb3VyY2VfaWQiOjM1LCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYWY1NWM5ZTEtNmExNi00OTIzLTRlNTQtNTcxZTcxNWM2YTMyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTY3ODQ5NDc5LCJjcmVhdGl2ZV9pZCI6MTM4MjU3ODUyNTEyLCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAyNjk5OCIsImRvbWFpbl9pZCI6IjE0NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWNvbW1hbmR3aW5kb3dzX2NvbS1ib3gtNC0wIiwidF9lcG9jaCI6MTYyMzM0NzY0NywiYWRfcG9zaXRpb24iOjEwMDMsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYWY1NWM5ZTEtNmExNi00OTIzLTRlNTQtNTcxZTcxNWM2YTMyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTY3ODQ5NDc5LCJjcmVhdGl2ZV9pZCI6MTM4MjU3ODUyNTEyLCJkYXRhIjpbeyJuYW1lIjoiY3JlYXRpdmVfaWQiLCJ2YWwiOiIxMzgyNTc4NTI1MTIifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEwMjY5OTgiLCJkb21haW5faWQiOiIxNDYiLCJ1bml0IjoiZGl2LWdwdC1hZC1jb21tYW5kd2luZG93c19jb20tYm94LTQtMCIsInRfZXBvY2giOjE2MjMzNDc2NDcsImFkX3Bvc2l0aW9uIjoxMDAzLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImFmNTVjOWUxLTZhMTYtNDkyMy00ZTU0LTU3MWU3MTVjNmEzMiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk2Nzg0OTQ3OSwiY3JlYXRpdmVfaWQiOjEzODI1Nzg1MjUxMiwiZGF0YSI6W3sibmFtZSI6ImxpbmVpdGVtX2lkIiwidmFsIjoiNDk2Nzg0OTQ3OSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
pragma: no-cache
cookie: __gads=ID=31263ded18267daf:T=1623347661:S=ALNI_MZgMpJhA6vqo55w78NTcL1rs-gFsg; ezouspvv=10; ezouspvh=10; __qca=P0-773486558-1623347663003; ezouspva=2
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: commandwindows.com
referer: https://commandwindows.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:24 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Wed, 09 Jun 2021 17:54:23 UTC

GET
H2 200 4967849479 Show response
g.ezoic.net/dac/ 0
40 B 56ms
47ms XHR
text/plain 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/dac/4967849479
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 10 Jun 2021 17:54:24 GMT
cache-control: max-age=3600, public
server: nginx/1.16.0
content-length: 0
vary: Accept-Encoding
content-type: text/plain

GET
H2 200 army.gif Show response
commandwindows.com/porpoiseant/ 0
42 B 28ms
20ms XHR
text/plain 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://commandwindows.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAyNjk5OCIsImRvbWFpbl9pZCI6IjE0NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWNvbW1hbmR3aW5kb3dzX2NvbS1ib3gtNC0wIiwidF9lcG9jaCI6MTYyMzM0NzY0NywiYWRfcG9zaXRpb24iOjEwMDMsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYWY1NWM5ZTEtNmExNi00OTIzLTRlNTQtNTcxZTcxNWM2YTMyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTY3ODQ5NDc5LCJjcmVhdGl2ZV9pZCI6MTM4MjU3ODUyNTEyLCJkYXRhIjpbeyJuYW1lIjoidF9sb2NhbF9kYXRlIiwidmFsIjoiMjAyMS0wNi0xMCJ9LHsibmFtZSI6InRfbG9jYWxfaG91ciIsInZhbCI6IjE5In0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjQifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiLTEyMCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAyNjk5OCIsImRvbWFpbl9pZCI6IjE0NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWNvbW1hbmR3aW5kb3dzX2NvbS1ib3gtNC0wIiwidF9lcG9jaCI6MTYyMzM0NzY0NywiYWRfcG9zaXRpb24iOjEwMDMsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYWY1NWM5ZTEtNmExNi00OTIzLTRlNTQtNTcxZTcxNWM2YTMyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTY3ODQ5NDc5LCJjcmVhdGl2ZV9pZCI6MTM4MjU3ODUyNTEyLCJkYXRhIjpbeyJuYW1lIjoidF9sb2NhbF9kYXRlIiwidmFsIjoiMjAyMS0wNi0xMCJ9LHsibmFtZSI6InRfbG9jYWxfaG91ciIsInZhbCI6IjE5In0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjQifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiLTEyMCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
pragma: no-cache
cookie: __gads=ID=31263ded18267daf:T=1623347661:S=ALNI_MZgMpJhA6vqo55w78NTcL1rs-gFsg; ezouspvv=10; ezouspvh=10; __qca=P0-773486558-1623347663003; ezouspva=2
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: commandwindows.com
referer: https://commandwindows.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:24 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Wed, 09 Jun 2021 17:54:23 UTC

GET
H2 200 army.gif Show response
commandwindows.com/porpoiseant/ 0
42 B 27ms
21ms XHR
text/plain 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://commandwindows.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMTAyNjk5OCIsImRvbWFpbl9pZCI6IjE0NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWNvbW1hbmR3aW5kb3dzX2NvbS1ib3gtNC0wIiwidF9lcG9jaCI6MTYyMzM0NzY0NywiYXVjdGlvbl9lcG9jaCI6MTYyMzM0NzY2NCwiYWRfcG9zaXRpb24iOjEwMDMsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJhZjU1YzllMS02YTE2LTQ5MjMtNGU1NC01NzFlNzE1YzZhMzIiLCJiaWRfZmxvb3JfaW5pdGlhbCI6MTIwMCwiYmlkX2Zsb29yX3ByZXYiOjE4MCwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYXVjdGlvbl9jb3VudCI6OSwicmVmcmVzaF9hZF9jb3VudCI6MCwiYXVjdGlvbl9kdXJhdGlvbiI6Mjg2LCJtdWx0aV9hZF91bml0IjowLCJtdWx0aV9hZF9jb3VudCI6MCwibmV0d29ya19jb2RlIjoxMDQ0MTg1NDgsImRhdGEiOlt7Im5hbWUiOiIiLCJ2YWwiOiIifV0sImxpbmVfaXRlbV9pZCI6NDk2Nzg0OTQ3OX1d
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMTAyNjk5OCIsImRvbWFpbl9pZCI6IjE0NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWNvbW1hbmR3aW5kb3dzX2NvbS1ib3gtNC0wIiwidF9lcG9jaCI6MTYyMzM0NzY0NywiYXVjdGlvbl9lcG9jaCI6MTYyMzM0NzY2NCwiYWRfcG9zaXRpb24iOjEwMDMsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJhZjU1YzllMS02YTE2LTQ5MjMtNGU1NC01NzFlNzE1YzZhMzIiLCJiaWRfZmxvb3JfaW5pdGlhbCI6MTIwMCwiYmlkX2Zsb29yX3ByZXYiOjE4MCwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYXVjdGlvbl9jb3VudCI6OSwicmVmcmVzaF9hZF9jb3VudCI6MCwiYXVjdGlvbl9kdXJhdGlvbiI6Mjg2LCJtdWx0aV9hZF91bml0IjowLCJtdWx0aV9hZF9jb3VudCI6MCwibmV0d29ya19jb2RlIjoxMDQ0MTg1NDgsImRhdGEiOlt7Im5hbWUiOiIiLCJ2YWwiOiIifV0sImxpbmVfaXRlbV9pZCI6NDk2Nzg0OTQ3OX1d
pragma: no-cache
cookie: __gads=ID=31263ded18267daf:T=1623347661:S=ALNI_MZgMpJhA6vqo55w78NTcL1rs-gFsg; ezouspvv=10; ezouspvh=10; __qca=P0-773486558-1623347663003; ezouspva=2
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: commandwindows.com
referer: https://commandwindows.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:24 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Wed, 09 Jun 2021 17:54:24 UTC

GET
H3-29 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 240D 21 KB
21 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://commandwindows.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 15:29:03 GMT
x-content-type-options: nosniff
age: 181521
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 15:29:03 GMT

GET
H3-29 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 240D 21 KB
21 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://commandwindows.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 22:10:35 GMT
x-content-type-options: nosniff
age: 157429
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jun 2022 22:10:35 GMT

GET
H2 200 army.gif Show response
commandwindows.com/porpoiseant/ 0
65 B 22ms
21ms XHR
text/plain 3.127.76.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://commandwindows.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAyNjk5OCIsImRvbWFpbl9pZCI6IjE0NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWNvbW1hbmR3aW5kb3dzX2NvbS1ib3gtNC0wIiwidF9lcG9jaCI6MTYyMzM0NzY0NywiYWRfcG9zaXRpb24iOjEwMDMsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYWY1NWM5ZTEtNmExNi00OTIzLTRlNTQtNTcxZTcxNWM2YTMyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTY3ODQ5NDc5LCJjcmVhdGl2ZV9pZCI6MTM4MjU3ODUyNTEyLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX3NpemUiLCJ2YWwiOiJbMjUwLDI1MF0ifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEwMjY5OTgiLCJkb21haW5faWQiOiIxNDYiLCJ1bml0IjoiZGl2LWdwdC1hZC1jb21tYW5kd2luZG93c19jb20tYm94LTQtMCIsInRfZXBvY2giOjE2MjMzNDc2NDcsImFkX3Bvc2l0aW9uIjoxMDAzLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImFmNTVjOWUxLTZhMTYtNDkyMy00ZTU0LTU3MWU3MTVjNmEzMiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk2Nzg0OTQ3OSwiY3JlYXRpdmVfaWQiOjEzODI1Nzg1MjUxMiwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMDI2OTk4IiwiZG9tYWluX2lkIjoiMTQ2IiwidW5pdCI6ImRpdi1ncHQtYWQtY29tbWFuZHdpbmRvd3NfY29tLWJveC00LTAiLCJ0X2Vwb2NoIjoxNjIzMzQ3NjQ3LCJhZF9wb3NpdGlvbiI6MTAwMywiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJhZjU1YzllMS02YTE2LTQ5MjMtNGU1NC01NzFlNzE1YzZhMzIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5Njc4NDk0NzksImNyZWF0aXZlX2lkIjoxMzgyNTc4NTI1MTIsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiNjcifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: commandwindows.com
URL: https://commandwindows.com/jass/jass.head.js?cb=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.127.76.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-76-126.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAyNjk5OCIsImRvbWFpbl9pZCI6IjE0NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWNvbW1hbmR3aW5kb3dzX2NvbS1ib3gtNC0wIiwidF9lcG9jaCI6MTYyMzM0NzY0NywiYWRfcG9zaXRpb24iOjEwMDMsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiYWY1NWM5ZTEtNmExNi00OTIzLTRlNTQtNTcxZTcxNWM2YTMyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTY3ODQ5NDc5LCJjcmVhdGl2ZV9pZCI6MTM4MjU3ODUyNTEyLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX3NpemUiLCJ2YWwiOiJbMjUwLDI1MF0ifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEwMjY5OTgiLCJkb21haW5faWQiOiIxNDYiLCJ1bml0IjoiZGl2LWdwdC1hZC1jb21tYW5kd2luZG93c19jb20tYm94LTQtMCIsInRfZXBvY2giOjE2MjMzNDc2NDcsImFkX3Bvc2l0aW9uIjoxMDAzLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImFmNTVjOWUxLTZhMTYtNDkyMy00ZTU0LTU3MWU3MTVjNmEzMiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk2Nzg0OTQ3OSwiY3JlYXRpdmVfaWQiOjEzODI1Nzg1MjUxMiwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMDI2OTk4IiwiZG9tYWluX2lkIjoiMTQ2IiwidW5pdCI6ImRpdi1ncHQtYWQtY29tbWFuZHdpbmRvd3NfY29tLWJveC00LTAiLCJ0X2Vwb2NoIjoxNjIzMzQ3NjQ3LCJhZF9wb3NpdGlvbiI6MTAwMywiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJhZjU1YzllMS02YTE2LTQ5MjMtNGU1NC01NzFlNzE1YzZhMzIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5Njc4NDk0NzksImNyZWF0aXZlX2lkIjoxMzgyNTc4NTI1MTIsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiNjcifV0sImlzX29yaWciOmZhbHNlfV0=
pragma: no-cache
cookie: __gads=ID=31263ded18267daf:T=1623347661:S=ALNI_MZgMpJhA6vqo55w78NTcL1rs-gFsg; ezouspvv=10; ezouspvh=10; __qca=P0-773486558-1623347663003; ezouspva=2
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: commandwindows.com
referer: https://commandwindows.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://commandwindows.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 10 Jun 2021 17:54:25 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Wed, 09 Jun 2021 17:54:25 UTC

Verdicts & Comments Add Verdict or Comment

303 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.pubmatic.com/	1970-01-19 19:38:59	Name: PugT Value: 1623347655
.lijit.com/	1970-01-20 03:41:23	Name: ljt_reader Value: c5122951c1aa9ba2d6c4dafc
.pubmatic.com/	1970-01-19 19:38:59	Name: KRTBCOOKIE_699 Value: 22727-AADvvU7BhKQAADKOsYyZ3w
.pubmatic.com/	1970-01-19 19:38:59	Name: KRTBCOOKIE_1101 Value: 23040-6972225075391166606
.casalemedia.com/	1970-01-20 03:41:23	Name: CMRUM3 Value: c360c251c52760av-244b8c86-b593-435d-a31b-25d6d697ddfe
.casalemedia.com/	1970-01-19 21:05:23	Name: CMPRO Value: 1102
.casalemedia.com/	1970-01-20 03:41:23	Name: CMID Value: YMJRxSZHRX8FkJmjwEvO5wAA
.pubmatic.com/	1970-01-19 21:05:23	Name: PUBMDCID Value: 3
commandwindows.com/	1969-12-31 23:59:59	Name: ezouspvh Value: 70
.doubleclick.net/	1970-01-19 18:55:51	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 12:26:59	Name: IDE Value: AHWqTUnViW_iuPoMI_RK6oJrGMGAwZP_LgHoLluIJ-2bOBqRwTMbmGelmC1Jqqwa_-A
.commandwindows.com/	1970-01-20 04:17:23	Name: __gads Value: ID=e8e9fae38446fedf:T=1623347649:S=ALNI_MbBLFkeq4LLo3MyB8ByceIYGeKTAQ
commandwindows.com/	1970-01-19 19:38:59	Name: _pbjs_userid_consent_data Value: 3524755945110770
commandwindows.com/	1969-12-31 23:59:59	Name: ezouspva Value: 2
commandwindows.com/	1970-01-20 04:17:30	Name: cto_bidid Value: lQdIgF93UnIwUTRyNGdWOW4xVDJLenljaFBoWEVsYjZ6NTE5Z1QzRyUyRk1naDBnc1BRazVCWkk4VE5NRkNPWWlnZXpVWENBVE9QT1hERG1pSEtBOVl5N0VzUmpnJTNEJTNE
.casalemedia.com/	1970-01-19 21:05:23	Name: CMPS Value: 3202
commandwindows.com/	1969-12-31 23:59:59	Name: ezouspvv Value: 100
commandwindows.com/	1970-01-20 04:17:30	Name: cto_bundle Value: mJWXzl9OYSUyQlh1cDZrTEJ2WW54UnVoWWFGNmF0V01Cc0Nwc3glMkZRT0x2TThUTUFmRnNBZCUyRlZVcmZGUDBYTVIzczRuM241cmJCbzY0TGdjY0JNRkdzelY3QWQ5UWxTV0s1eG5kaFF5d0hGNDFJem5MVFhhY0RJOUQ1NU5pRmc4Ykt1ZmFPYw
commandwindows.com/	1970-01-20 03:41:23	Name: ezux_lpl_146 Value: 1623347657899\|af55c9e1-6a16-4923-4e54-571e715c6a32\|false
.pubmatic.com/	1970-01-19 21:05:23	Name: KRTBCOOKIE_466 Value: 16530-4fee5273-4871-4ba5-a116-35f56c8f47d4
.casalemedia.com/	1970-01-19 18:57:14	Name: CMST Value: YMJRxWDCUcUA
commandwindows.com/	1969-12-31 23:59:59	Name: ezepvvr Value: NaN

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://storage.bannernow.com/resources/lib/bn_1.0.0.min.js(Line 1) Message: Assets loading completed
console-api	info	URL: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs(Line 17) Message: Powered by AMP ⚡ HTML – Version 2105281634000 https://commandwindows.com/
console-api	info	URL: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs(Line 17) Message: Powered by AMP ⚡ HTML – Version 2105281634000 https://commandwindows.com/
console-api	info	URL: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs(Line 17) Message: Powered by AMP ⚡ HTML – Version 2105281634000 https://commandwindows.com/
console-api	info	URL: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs(Line 17) Message: Powered by AMP ⚡ HTML – Version 2105281634000 https://commandwindows.com/

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.c.appier.net
a.sportradarserving.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
accounts.google.com
acdn.adnxs.com
ad.360yield.com
ad.doubleclick.net
ad.turn.com
ad4m.at
ads.avct.cloud
ads.creative-serving.com
ads.playground.xyz
ads.pubmatic.com
ads.yahoo.com
ads.yieldmo.com
adservice.google.ch
adservice.google.com
ajax.googleapis.com
amazon-tam-match.dotomi.com
ap.lijit.com
apis.google.com
atemda.com
b1sync.zemanta.com
bcp.crwdcntrl.net
bd44be7d223512f0c51e56829e06e388.safeframe.googlesyndication.com
bh.contextweb.com
bid.contextweb.com
bidder.criteo.com
c.amazon-adsystem.com
c.deployads.com
c1.adform.net
casale-match.dotomi.com
cdn-3.commandwindows.com
cdn.ampproject.org
ce.lijit.com
cm.adgrx.com
cm.ctnsnet.com
cm.g.doubleclick.net
cms.quantserve.com
commandwindows.com
creativecdn.com
cs.chocolateplatform.com
cs.emxdgt.com
csync.loopme.me
d5p.de17a.com
demand.trafficroots.com
dis.criteo.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsp.adkernel.com
dsp.nrich.ai
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
ezoic-d.openx.net
fonts.googleapis.com
fonts.gstatic.com
g.ezoic.net
go.ezodn.com
go.ezoic.net
googleads.g.doubleclick.net
green.erne.co
gu.dyntrk.com
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.liadm.com
i6.liadm.com
ib.adnxs.com
icv.bannernow.com
id.rlcdn.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
images.outbrainimg.com
js-sec.indexww.com
loadm.exelator.com
log.outbrainimg.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
match.sync.ad.cpe.dotomi.com
match.taboola.com
mcdp-chidc2.outbrain.com
mug.criteo.com
mwzeom.zeotap.com
nep.advangelists.com
odb.outbrain.com
p.rfihub.com
pagead2.googlesyndication.com
partners.tremorhub.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.advertising.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.a-mo.net
public-prod-dspcookiematching.dmxleo.com
pubmatic-match.dotomi.com
pulsepoint-match.dotomi.com
px.owneriq.net
red.erne.co
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
rtb.mfadsrvr.com
rules.quantcount.com
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssc-cms.33across.com
ssl.google-analytics.com
ssl.gstatic.com
ssum-sec.casalemedia.com
static.criteo.net
stats.bannernow.com
stats.g.doubleclick.net
storage.bannernow.com
sync-tm.everesttech.net
sync.1rx.io
sync.colossusssp.com
sync.crwdcntrl.net
sync.extend.tv
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.technoratimedia.com
tags.bluekai.com
targeting.unrulymedia.com
tcheck.outbrainimg.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
trc.taboola.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usermatch.targeting.unrulymedia.com
video.unrulymedia.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
104.109.78.125
104.111.242.53
136.144.59.88
139.162.78.222
142.250.184.194
142.250.185.162
142.250.185.230
143.204.93.227
151.101.14.132
151.101.14.49
158.69.224.51
159.65.196.12
162.55.6.210
169.197.150.7
169.50.137.190
174.137.133.49
178.250.0.157
178.250.2.131
178.250.2.151
18.156.12.32
18.194.4.26
18.195.105.17
18.195.155.181
18.197.47.23
18.198.126.47
18.237.96.144
184.31.88.106
185.184.8.65
185.29.135.226
185.33.220.240
185.64.189.112
185.64.190.78
185.64.190.80
185.64.190.81
185.86.138.142
185.94.180.126
188.165.137.78
193.0.160.129
193.122.128.135
198.148.27.134
198.148.27.140
199.232.137.44
2.18.232.130
2.18.232.28
2.18.233.180
2.18.234.190
2.18.234.21
2.19.35.65
2.21.111.28
2001:678:cb4:bbbb::11
202.241.208.55
208.100.17.172
213.155.156.167
213.19.147.42
213.19.147.45
216.52.2.39
23.45.99.241
2600:1f18:444a:4680:7493:838e:3006:4686
2600:1f18:612b:4200:8331:bab2:3072:ce38
2600:9000:2156:1800:2:cb38:840:93a1
2600:9000:218d:d800:6:44e3:f8c0:93a1
2606:4700:10::ac43:db6
2606:4700:20::681a:ad1
2606:4700:3033::ac43:818c
2606:4700:3035::6815:4c02
2606:4700::6812:1cf8
2606:4700::6812:c05
2620:116:800d:21:36a9:ecb:e518:b308
2a00:1288:110:c305::8000
2a00:1288:80:800::7000
2a00:1450:4001:801::2002
2a00:1450:4001:802::2001
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2001
2a00:1450:4001:811::2002
2a00:1450:4001:811::200a
2a00:1450:4001:811::200d
2a00:1450:4001:812::2002
2a00:1450:4001:812::2008
2a00:1450:4001:813::200a
2a00:1450:4001:827::2008
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2006
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::200e
2a00:1450:400c:c00::9c
2a02:2638:1::13
2a02:2638:1::3
2a02:fa8:8806:12::1370
2a02:fa8:8806:13::1460
2a02:fa8:8806:16::1400
3.125.134.133
3.126.56.137
3.127.76.126
3.228.62.17
3.64.28.223
3.66.135.160
34.102.219.251
34.120.25.144
34.197.43.243
34.240.2.137
34.96.105.8
34.98.107.212
34.98.64.218
35.156.250.242
35.186.193.173
35.190.113.31
35.212.101.174
35.227.248.159
35.244.174.68
37.157.4.41
51.178.20.140
51.222.80.231
51.68.39.188
51.89.21.30
52.0.240.240
52.17.188.230
52.208.210.171
52.222.174.22
52.222.200.121
52.29.9.114
52.30.135.179
52.30.95.9
52.45.185.178
52.49.238.187
52.71.70.131
52.94.232.32
52.95.123.167
54.175.198.118
54.194.226.253
64.202.112.191
64.74.236.191
66.155.71.25
69.173.144.138
69.173.144.139
70.42.32.31
72.251.241.196
76.223.111.131
8.43.72.97
85.114.159.118
88.214.193.99
001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343
0280b3f24cb632b54830216ae0ea2e888adf56eed9dfd5ada84811d58fe772de
02cf6e1a7ea5ab1e676a82e81b24119902294b4514b11a4138e756e0d985b7d7
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
076c63f713871e395188ffb1a8205e7c0a50a1e318220154f4c2b0cb6e96c887
08bc5b2eb4be9bcfb0a533f41a80348f1d5620ee6aed2291b4ed5142cef8b0c6
0a3f51a61a903a0254c435009298e23ba9f2d1ed5ac5b7566337869244a3b7f5
0b05b4fdf98405edace9cb91aa22ca78159629b426c3b9b40e0b117a82d78d8f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b9a8a3f27fa969797b4fbec0716dcacd5aaa38202277691d7baf41a540963fd
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0e5105562ff30811565d5b8ae3b6be336d4957d61623997e860e90c9679a6c01
0f4b08d07ecca9f8fcaf108ea78bb163fc98cfc19a844bd0f87412ab34a41873
0fc32732b1520df908e4ce5063434010c35725a930e0cc9df0be61c66a87cf32
10d4b728888654e0b85c706a9310b551087d3321fb8ebfff147d07b13fa73bf0
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1358abe46303e8dd77a682181b41b4b820e6b74babf2ac8d5bcf9838a0e00581
15f0626dd31e3e991a1c21d6304f2e370b92b3c91650de3d7ed8a38f1159a457
160b8958c636851c64813685c13d067eb1e68f55c97e334a9d859227cd703d71
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
187e5ab1d37aaa4779205fddec1d0bd632c73ba09db7590c8f79bc238557932f
1a6f922de8e691d7f46a2975a7e17a89238f60b53bd8bbe8ef758e8d35e51f90
1a7e55da55134d907ee21f0178e72fcb7e1ea3fbb64e78f03bd1c8b0e8616f05
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
1d6f7818a09adfc9c11ff7110eb866179ef9d36a3625cd1c02e23292d315daaa
1e0c500c57328bcdd6992db38ed20a78a321a8b62197c1e0659231ed3ab1eb14
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
1f4eb5c531a7c4136130548126e0e8e548c37b2347ce7ae6caefd62c96c33ba6
20cf54828e96bf56f21818160931f6cb692f1ab2005a3ce0c38d64777b9edb59
25cd6847176f8f8942c4872a32a0038e2255b71fe94813808d44e0d74969b092
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27ced91b889304b48cf0a350079863378435b5107f5f961d25b9e719066caea3
28560b5847779b3edc3be7ae0322e3f20cf4f4ee82327f4ee0fb093e76538b3e
29596ad12f842a2040f90d445c2c63cfe32024a91a70aa64a25961ffe80595b7
2995615474b2ef92946ae6000ca992f89c7ff861082cacb1aa2176e81b1514e2
29cafdb806a19e65ac89de53b7e637038430fdd796448b94fa5e7646daac0563
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
31cb5ff6401799c5a47f91f6f651ac455a96f328ddd27b386a6eaa5b2850e716
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34e9a619897b9223115c6588f352612268c90c3d83990829768973759b0d1a6e
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36dcf3360f5627a7db1973a12552c3a83becf5222e575044de96628fa73ec37f
3a677da8f32851941b090ee6e9294757cba154033200b20231b2a4ca7f62a820
3ab790f0057f16ba85f2ef67be0e5109dfffa102cda0356dadb2b0a4f4d14b41
3aea6a06298a0b487141adffed0784494756cc31ea80e5e5062dcd1724c96bc9
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3df10778d062fae40a45b3ee7a29d4eca7af79cf38de1947076e5ac8eb13f4d4
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ed7961b640cad3efd4a453277533d8f8c87368d0b46fde38fd5d8d7d9a7dea8
3f95c6c7943528b884fcd0d06e734f6a23712f5895d41a52ef7dbe8cb4f56ef6
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41eb9054d5d5527274926b32631be8eb22dd6254f15a4d9d14cfe2688ea4f538
41f936ec8684fcbeb4cbb5cf6704ed3342a7d98f859e1fff343271abef3634d4
45f0f27fb78191006375051ee3046fae3105b652d11680432511cba61b32c330
482e5a29dfc92cf0f3f2bdc1034b270edcfecc29e81311d2ed277c74ec091232
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48ca02368e4b9bd05145392bf54c984ae0a6973e0a7364c6b02df9013bd62c5e
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49b4590226bef6c7dcb22c0b11a0b97870947589e4e74d0a8c6269fb157e9a90
49e4f3cf90f3c563ee1f05ee947c22a9ab68354e3a20c8ae44582b6fe9e0c340
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ba31f51e4f6c8f7cdb5c1a110f139f726b0c6c4795ad4c9cf2bcf93580d85ac
4c26e179ae492250ba315e5b2f5dab890c9ce066172bea38313ceb338bbcf92f
4d097a0116293da844fdeeaa11f41dd941e511e6df699ff2195e8499de8a42fd
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
50f6dff614d8790df46d82793dd4a663bc67900e63f156a91cbfce0ef7396682
52b5c48a40fa3855f3b617ae95be55fecc1c5b487cef0f83d1dcd83f93b706fc
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5578a62b81f315375d072cfe506fc13813e844f94c910bdb15ce20e1fc3ef50a
55fd8bce8a649d1883886d0b9f4486c5fd617f0374ccd8d47c918c0238f0c922
57852b0873517fb9167b9dbebf33a5fdf422689b02e7e8f56a46d2e689d384ad
59499c37eb41729cccda67f644447157ba534001913324a8a305cdcbd3bb5081
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
5a07291feded20a150aab27dffd4ffc0990d3062898801c079891a10ddcd58a5
5bd9ca2f57b6c388332dd095d8c9be87dc71c2e1b78b843515ae758fe05a1223
5c93a195621e388f1b4270b634bc4e081d513186745172e5bf946c56ad5035ad
5e0bafe2e97cae9c26e14d670e114d7de736f690bd089bee5b876a747e91bcf8
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
60d06ce711556c890058505813bb23a16439292f0de18818f8631d95e276c06e
6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474
633411252cd3723532e0cb3c8c4214863de95cb26997c7ff3273aaf8f55d0d2a
64efdf33ff487ad815c53fe5f819454efd9364a0382e5f410972cfaa918fb66a
656396bf1faf1ae0a1f5edbbe80900ed5b6f04123ddc8376516dd5d842d4abd7
65fcced7ad1d47cbda75ff11bfecc8146b47de427be888bc3ef0f9161d4114f1
665563c2a4e788eebe41f1faf4dd748e9ed08e2575f1128a051c6416d3ad830e
6703896aab9704501c77657f250590b553f198b09ad92ae9bdb20320a3eba72f
67dcefb76e4a302acb6c1f6ed03ff0f1930c0c3e5a3673f168f57d033d1b4407
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b5117f0b1a89b322a53d03ed18ceb8abf23cd0723a9339b94e6b860fe8a994e
6cbe1281634579c336e385dad795894066b956f914b9b95323fdb4156712d5cb
714a9506013ce253a27f15e90401d66c2ea5bdb4596e7d4fa0623171f9d7b416
71946a5f35932386a68a39dbe906a0b7f873945fa94321fd8ea9d74542f20220
7338d1df7a0b3b6d2c1177efc1f2ada1411fa054962b315ff80cbe9e0b905645
74db8b7301d4380bed64ab520e4efac8bf3414e98f8c0dce3edff6ef106c3959
7512ae62108af074eaa90622e9df04625f120ecf4a909443fa6dc1a2b071c7a1
76a0d76f135419f4d00213037cda0cba949a0372e01ab6a1d70072008a56bd18
783dc78f391e73383565c27f6546a7e3bb41b7e5fb9872d027e99bc1eba9cc82
78eeb94a98535644346ca02fe218cbdedba4fe3ab34f64a897a02849b06f49f8
79f0b526e4f526dfefebabcf466b5733b03e98816e9910126f0178aa7f0c9eaa
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
82365680ddb2173ed757ef8ed4406085685a53b3ce36759cc31e91b151946806
82dc0cf134dffaa511edafabde826b751ffb781b1da4574f1c599402625e2233
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84430d6abc2891ae6d6d74e51804bb5edfb8406efad225ad57d89801a1cd7d2a
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30
869ad5af57cedda3619190f755b6ce8cc5c9857c2719e2cb27b0a3fad800ab9e
8a19707bd88a29100f84e106852ddd5bfeebe1fe562960c4932d1347210d13a1
8b988d1d4d7625ce5d8cb96e2c06bdd5ce1049f17b82604926db091297b5270d
8c38668a294f9b64ab97d315f6d130784c26264481d907bcdcb00eac8fb5955f
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e4148996d058adc797a2fe1a17d9046a27a6a9e9f5f13c0c01b21d6488b9aad
8e4af2299a43a672e3d2c5acbf422320bcde64fd1ee7db551b56013b8d8311b3
8f4232065b3c24a7449e6c9e4130a650f32ec4c53e9edc55de20b705ad53f055
8fe383fda0c75adf2e358b89f81f24247ea3069c83190fee491c6b449c0acf59
910c0a72ecc698017a61fc2a7d3d2358fa04aff13fe28540a0367a92b32d1a49
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
94edf973e9deb80b5eccf17f8f3108eafe15209fe25fe417e8f8962a4d8f48b3
95816da4f4bcc48ba22daef1c6f131b0c2611d07e995cb653f44d9f26b6f3c85
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c8cf38d1dee0b9ea30d20299c7cd8fa25b9d646c6bd86d364313aa04f009cac
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a26814bc35babf109f52be0e4d183569316287fe68ed6a84766d348663c06c7e
a39e006bdffd36ea6e9112b707f513911d5c2919cbdda68241af80aba63fdd30
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5e762276ffd20732a10037842bac383dc64a7b230ab1f48f2a0ff7406b8b9c8
a6c9aca77de58176e1242e5495c1ccaed2397c14d7405299b1889b1affcee7de
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a82c8e099b9ae8f770224a36884dc3d1b49997d9062c5e9de2df4717018c3dd4
a98e1f08dd27c121a337ddc31691d4044f56ae83301b574728548b78d3068d3b
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa7a6473b7bcce61e13cee6c5d7fd9b7bb9300c197e3c68e722d14798dd9979c
ac39fd2de34b92759571eae7493ba485a9c437b55a9b17e4ae0c2af108658e30
adab1e55d321a65d4cc1abde330164c08c91229115cedb201979279136212941
adeacac4167dc188f54213893f0444ea5d60995143ad0552dcb4c383199a740b
adf082553fd34dd53dd8e8d5c16a9e6ee46d56a4d86079d538ffe6a2e7d991bc
b02708cf2f09f12d23a4de0015398adf3f4f5f07bd4c48be144bedabd483f1d8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1c5a8431dfb4478fecaaf7e62d9ca9abc773710109a54fb666b65cd17740bd3
b1d498e3e12268c6a8b066ddb3468f90be4471748e97e4cebdd4d11d5dc55f2a
b25d60344a243968e6588253f0e2ba19cd2847e72627c4fb70f8efb125366891
b31c36cf78e9232d9b1f783da56b312630f6aea61a5390538823d8f777fdf1e7
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b84d898cd6fec1e60a4ebc43e1bfe112feea3e17f431b1c7a48aad8c4c8af34f
b8839c52cbf8c0d6356f538253e6e2a7a727094a6e008face018d499c7add929
b8bed4a74622a16fc676da17cebfa743552b932f572440a0a7a547971a789a0e
ba49e23fe9269a203befcd1ff0182766711afab8a5e9d098e86cb3ed13248be2
ba70b610a99e9541ed3dcc93979dee0eb13cc97fdea65f335d74103c9c8f082c
bac24448b9dc0b6286b50d9cab5d1c2c0e4f5a7d80f1006b3ea00920733d9e56
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb8f69aad1271f6b0c599f99de82509d0f37e18e08968b3d8146076f2a0f34e1
bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012
bc1931e9b7250b3492c2efaa8fd009ab86c877d21cadec7ee99db8f9fc4bec2b
bd4967ed6f80b488d98eaabc667f20e6243d3ab3cdf331f3c7444c27e186656f
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c354fd7f76af17650d2458c3f7b1d4743b9b359bc160825b6906a7e36084348e
c45b55f456b7dd076e63c2a4b5962a72593647b487d17b50c9f4494092febb55
c537f1918ca282fc0820dc056566aa980f76a0e53f8eaa8f7e7480ea9765fabb
c80203c7eae413cecc09a4ed0974e31a8538060cddd5bc1f1a5bfa53db672c9e
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323
cc66e8aacdf1d1b6eb8f63d72db15f346416621fcd3c540cda368448f7d99320
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf897ca2cd255c7059b225b2c48ea9674fb280250d0e84bf65145adada65e344
cfa2c1817acc9845143087b8f08cfbf450334d63f8b69ea16ec5bf8222cc9ae8
cfb5dc63a0d331c654b627e921bee640d24f66f7b93e4eb0ceab9f1d3c308700
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d08a9476a75ce70b809a528e013c76ce2c649c298af7cd5304204292eee19131
d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5
d2026d59b88bda76d9a260d98a486e61cdf8f5dc92474fe4a256e03f5e50cc87
d392ee0ff2a58b2d4ca05804207339310014ce6f76fd35a2855b0b8f6187c040
d5b02899512d246abb31ec58962287ddc495ded3d1b1570008b25eae06b9be9b
d69b7367820a37dfc6e0ff80d2cf5af4bf3a112cc5a9bc1b5052ecd2d4d1ea73
d6c0131b7d0bb5b9357db9ab738389a366293f39e25b6daf3f5271380783dcec
d966c80191b1e4cd4f9e3637ad8988826a93712007408c22978f6b5fad717f91
dbbd9c6c56c24a1345945fb630a7ed33182f65fc8d6baa5b2e2daeee9618f649
dbef5e5530003b7233e944856c23d1437902a2d3568cdfd2beaf2166e9ca9139
dcd36419da7937e52754772f60380387c49f3243240a21f41ca6d87346f72a0e
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddef9cc59b08263b13a4e437e55888036ea31f33ce85225146867cc69aa3313f
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
df316374455605805d8b45d9bb242fd45fe70c9e85269e58f6a6327ab9b3e9b1
e1a156c3daa4ae0c41f21ef266131ca5a34d56695e3d860b232da142ef031234
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e43edcd2590bc6bd511a6966652f1c6cfed3c1fbf3c2caa42d274424b9b34bfb
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
e7fa0011ce222a3da295ce5db732eda18b746352f3897e4b917afc2a9046282e
e8047292d138b4f46fbe8493b4feed7d0e7777ffb56b3cc7ca0c7131ee9fe21f
ec6cb1ecb7a1a6b2fc9d46770a569eb42dfbbee2f4e845c7d9436229041e94d3
ec95f3546df767ceea72daf07e13781bb67da8175e098381ef80c3e9d610b5d9
ed290d3afc1e425d1794fdd38fd4310bb3e9420f0ed98fda92d1ff4795ca81df
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f3bd20d01b128b188d6b6b0409a73d2cc4e4d02aa3d6a518d80567703af71c7f
f6472b604edcdcb700c35ef761774e9d20a92fef53ea7434b52b44af7f295a06
f69dfe383fe0ef66df2c8de098fda546a826801c150ec22e7e09b8020b221dae
f81cada6b685f3ca2d3802a01a3562e85fd5851d9ee8fb05109cad3ab38790bc
f85b35286aaa9fa99ff405a1395b72717e29f694bdabb4fcc3b1f04d56c6f11b
f91ee2e457ad58dfe024d4608de8cfce0b2e5fa1c5478269f4cd013377c72feb
fac137995747a97f0ea71fe849ac9f7f9f84a280a5b879d1089ce7bb552ba3ac
fcbea93a1d8b9bf701289061f5573f3ceaccce28faad78b6d9e8130d97cfc81d
fcf651b298ea6da324899035397737be9904b6ca597839b11bbeb42055374b87
fd78f51affedcaa173cd1f15fca8f1fbecdbaafa7020cec2ae0fe3befbed5ea1
fe5493766afe3de391bb98b852762e483ff38839b847d568f72ac2560990bc1c

commandwindows.com Open in urlscan Pro 3.127.76.126 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

519 Requests

99 %HTTPS

28 %IPv6

106 Domains

169 Subdomains

106 IPs

11 Countries

2543 kBTransfer

5641 kBSize

22 Cookies

15 Outgoing links

Page URL History

Redirected requests

519 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

commandwindows.com Open in urlscan Pro
3.127.76.126 Public Scan

Screenshot
Live screenshot

Full Image

519
Requests

99 %
HTTPS

28 %
IPv6

106
Domains

169
Subdomains

106
IPs

11
Countries

2543 kB
Transfer

5641 kB
Size

22
Cookies

519 HTTP transactions
3 data transactions