urlscan.io logo urlscan.io
SecurityTrails logo

amenazaytx.site Open in urlscan Pro
2a02:4780:b:730:0:2ede:94d2:a  Public Scan

Go To Rescan Add Verdict Report
URL: https://amenazaytx.site/
Submission: On January 20 via api from DO — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 84 IPs in 13 countries across 77 domains to perform 355 HTTP transactions. The main IP is 2a02:4780:b:730:0:2ede:94d2:a, located in Phoenix, United States and belongs to AS-HOSTINGER, CY. The main domain is amenazaytx.site.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on January 3rd 2023. Valid for: 3 months.
This is the only time amenazaytx.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
28 2a02:4780:b:7... 47583 (AS-HOSTINGER)
6 2a00:1450:400... 15169 (GOOGLE)
3 13.32.27.27 16509 (AMAZON-02)
25 2a06:98c1:312... 13335 (CLOUDFLAR...)
9 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
23 3.210.159.45 14618 (AMAZON-AES)
5 2001:4860:480... 15169 (GOOGLE)
4 2606:50c0:800... 54113 (FASTLY)
2 2606:4700::68... 13335 (CLOUDFLAR...)
3 5 2a00:1450:400... 15169 (GOOGLE)
4 205.185.216.10 20446 (STACKPATH...)
4 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
8 2606:4700:20:... 13335 (CLOUDFLAR...)
3 9 185.89.211.84 29990 (ASN-APPNEX)
6 51.89.9.252 16276 (OVH)
4 34.107.148.139 396982 (GOOGLE-CL...)
1 5 147.75.85.234 54825 (PACKET)
2 6 185.184.8.90 204995 (RTB-HOUSE...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
6 52.59.131.18 16509 (AMAZON-02)
4 2a02:2638:1::1a 44788 (ASN-CRITE...)
14 52.31.248.0 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 13.32.27.54 16509 (AMAZON-02)
8 76.223.111.18 16509 (AMAZON-02)
5 37.157.3.30 198622 (ADFORM)
2 37.157.2.247 198622 (ADFORM)
10 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
1 104.109.57.2 16625 (AKAMAI-AS)
4 2a00:1450:400... 15169 (GOOGLE)
14 205.185.216.42 20446 (STACKPATH...)
3 104.111.217.162 16625 (AKAMAI-AS)
6 70.42.32.191 22075 (AS-OUTBRAIN)
1 147.135.143.112 16276 (OVH)
2 3.9.51.10 16509 (AMAZON-02)
4 184.30.20.47 16625 (AKAMAI-AS)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a02:2638::3 44788 (ASN-CRITE...)
1 2 2a02:2638::1c 44788 (ASN-CRITE...)
1 178.250.2.146 44788 (ASN-CRITE...)
1 92.123.38.97 16625 (AKAMAI-AS)
1 13.32.27.10 16509 (AMAZON-02)
1 2.18.36.181 16625 (AKAMAI-AS)
1 52.48.137.153 16509 (AMAZON-02)
1 2 185.86.139.104 201081 (SMARTADSE...)
2 4 172.64.154.237 13335 (CLOUDFLAR...)
2 2 104.96.145.246 16625 (AKAMAI-AS)
4 104.109.78.125 16625 (AKAMAI-AS)
3 2.18.36.193 16625 (AKAMAI-AS)
1 2600:9000:206... 16509 (AMAZON-02)
2 2 72.251.249.14 32475 (SINGLEHOP...)
1 216.52.2.39 32475 (SINGLEHOP...)
4 4 213.19.147.44 26120 (RHYTHMONE)
7 52.223.40.198 16509 (AMAZON-02)
1 1 193.0.160.129 54312 (ROCKETFUEL)
1 69.166.1.10 27630 (AS-XFERNET)
4 4 3.126.56.137 16509 (AMAZON-02)
1 1 3.88.253.42 14618 (AMAZON-AES)
1 77.245.57.72 36057 (WEBAIR-IN...)
1 198.47.127.19 3257 (GTT-BACKB...)
5 7 142.250.186.66 15169 (GOOGLE)
2 3 52.46.128.147 16509 (AMAZON-02)
1 6 185.80.39.216 27381 (CASALE-MEDIA)
1 1 185.183.112.155 60350 (VP)
3 3 64.202.112.159 22075 (AS-OUTBRAIN)
2 2 2620:116:800d... 16509 (AMAZON-02)
3 3 185.29.134.248 30419 (MEDIAMATH...)
1 1 185.89.211.116 29990 (ASN-APPNEX)
1 17 52.210.15.1 16509 (AMAZON-02)
6 6 52.58.161.171 16509 (AMAZON-02)
2 2 35.157.209.111 16509 (AMAZON-02)
1 1 54.211.49.49 14618 (AMAZON-AES)
1 1 184.30.17.14 16625 (AKAMAI-AS)
1 1 198.148.27.139 19189 (PULSEPOINT)
3 3 20.13.96.71 8075 (MICROSOFT...)
2 2 182.161.74.16 55569 (CRITEO-AS...)
1 2 178.250.0.163 44788 (ASN-CRITE...)
2 2 35.244.159.8 15169 (GOOGLE)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
1 1 54.175.24.238 14618 (AMAZON-AES)
1 193.122.130.38 31898 (ORACLE-BM...)
2 169.197.150.8 398989 (DEEPINTENT)
2 2 52.16.248.222 16509 (AMAZON-02)
1 1 20.127.253.7 8075 (MICROSOFT...)
1 141.95.98.64 16276 (OVH)
2 2 151.101.194.49 54113 (FASTLY)
2 2 18.156.32.70 16509 (AMAZON-02)
1 1 124.146.215.48 2514 (INFOSPHER...)
1 80.77.87.162 46636 (NATCOWEB)
2 2 2a05:d018:24:... 16509 (AMAZON-02)
1 3 185.86.137.133 201081 (SMARTADSE...)
2 2 35.210.53.219 19527 (GOOGLE-2)
8 69.173.144.165 26667 (RUBICONPR...)
1 2 37.157.4.23 198622 (ADFORM)
3 185.64.189.110 62713 (AS-PUBMATIC)
2 2 213.155.156.182 1299 (TWELVE99 ...)
4 185.64.190.80 62713 (AS-PUBMATIC)
2 3 67.220.226.234 16509 (AMAZON-02)
2 2 141.94.171.214 16276 (OVH)
2 2 18.198.69.109 16509 (AMAZON-02)
1 52.18.161.122 16509 (AMAZON-02)
2 2 35.201.96.126 15169 (GOOGLE)
1 185.64.189.229 62713 (AS-PUBMATIC)
1 35.204.158.49 396982 (GOOGLE-CL...)
1 8.43.72.98 26667 (RUBICONPR...)
1 1 34.200.16.206 14618 (AMAZON-AES)
1 192.132.33.46 18568 (BIDTELLECT)
1 198.47.127.20 ()
355 84
28    2a02:4780:b:730:0:2ede:94d2:a (Phoenix, United States)

ASN47583 (AS-HOSTINGER, CY)
amenazaytx.site
6    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    13.32.27.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-27.fra56.r.cloudfront.net
cdn.purpleads.io
25    2a06:98c1:3121::c (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.eswhik.com
9    2a00:1450:400d:805::2002 (Ireland)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    2606:4700:10::6816:4be5 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.sendwebpush.com
23    3.210.159.45 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-159-45.compute-1.amazonaws.com
api.purpleads.io
5    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
4    2606:50c0:8000::153 (United States)

ASN54113 (FASTLY, US)
eswhik.github.io
2    2606:4700::6810:7eaf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
5    2a00:1450:400d:803::2004 (Ireland)

ASN15169 (GOOGLE, US)
www.google.com
4    205.185.216.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net
cdn.psdn.xyz
4    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
3    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
8    2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
9    185.89.211.84 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
6    51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu
onetag-sys.com
4    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
5    147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
6    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
prebid-eu.creativecdn.com
creativecdn.com
4    2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
6    52.59.131.18 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-131-18.eu-central-1.compute.amazonaws.com
tlx.3lift.com
4    2a02:2638:1::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
14    52.31.248.0 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-248-0.eu-west-1.compute.amazonaws.com
ads.servenobid.com
1    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
beb662463fc73aae95f414367081f772.safeframe.googlesyndication.com
3    13.32.27.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-54.fra56.r.cloudfront.net
ib.3lift.com
8    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
5    37.157.3.30 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
2    37.157.2.247 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
10    2a00:1450:400d:802::2001 (Ireland)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
12    2a00:1450:400d:803::2001 (Ireland)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    104.109.57.2 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-57-2.deploy.static.akamaitechnologies.com
servedby.flashtalking.com
4    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
14    205.185.216.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net
cdn.flashtalking.com
3    104.111.217.162 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-162.deploy.static.akamaitechnologies.com
images.outbrainimg.com
6    70.42.32.191 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
log.outbrainimg.com
1    147.135.143.112 (Roubaix, France)

ASN16276 (OVH, FR)
mediaintelligence.de
2    3.9.51.10 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-9-51-10.eu-west-2.compute.amazonaws.com
ad-events.flashtalking.com
4    184.30.20.47 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-47.deploy.static.akamaitechnologies.com
stat.flashtalking.com
3    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
6    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:400d:802::2002 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    92.123.38.97 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-38-97.deploy.static.akamaitechnologies.com
contextual.media.net
1    13.32.27.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-10.fra56.r.cloudfront.net
public.servenobid.com
1    2.18.36.181 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-36-181.deploy.static.akamaitechnologies.com
acdn.adnxs.com
1    52.48.137.153 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-137-153.eu-west-1.compute.amazonaws.com
g2.gumgum.com
2    185.86.139.104 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
4    172.64.154.237 (United States)

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
2    104.96.145.246 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-145-246.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
4    104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
3    2.18.36.193 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-36-193.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    2600:9000:206f:5600:1f:4c18:bd40:93a1 (United States)

ASN16509 (AMAZON-02, US)
cs-rtb.minutemedia-prebid.com
2    72.251.249.14 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
1    216.52.2.39 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
4    213.19.147.44 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
7    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    193.0.160.129 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    69.166.1.10 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
4    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    3.88.253.42 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-88-253-42.compute-1.amazonaws.com
ssp.disqus.com
1    77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)
sync.adkernel.com
1    198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
7    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
cm.g.doubleclick.net
3    52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
6    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
1    185.183.112.155 (Meaux, France)

ASN60350 (VP, FR)
sync.adotmob.com
3    64.202.112.159 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
2    2620:116:800d:21:93ca:31d8:d86e:38f6 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
3    185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    185.89.211.116 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
17    52.210.15.1 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
usersync.gumgum.com
6    52.58.161.171 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-161-171.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    35.157.209.111 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-209-111.eu-central-1.compute.amazonaws.com
ads.creative-serving.com
1    54.211.49.49 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-211-49-49.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    184.30.17.14 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-17-14.deploy.static.akamaitechnologies.com
stags.bluekai.com
1    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
3    20.13.96.71 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sync.outbrain.com
2    182.161.74.16 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
dis.criteo.com
2    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
widget.eu.criteo.com
2    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
1    2a05:d018:d29:3601:3fa2:8fc7:943c:2dee (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    54.175.24.238 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-24-238.compute-1.amazonaws.com
sync.ipredictive.com
1    193.122.130.38 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
2    169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
2    52.16.248.222 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-248-222.eu-west-1.compute.amazonaws.com
ad.360yield.com
1    20.127.253.7 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sync.inmobi.com
1    141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu
id5-sync.com
2    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    18.156.32.70 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-32-70.eu-central-1.compute.amazonaws.com
cs.emxdgt.com
1    124.146.215.48 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
1    80.77.87.162 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
2    2a05:d018:24:b002:7c71:3140:9ace:c0bc (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
3    185.86.137.133 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
2    35.210.53.219 (Brussels, Belgium)

ASN19527 (GOOGLE-2, US)
PTR: 219.53.210.35.bc.googleusercontent.com
pool.admedo.com
8    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
2    37.157.4.23 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
3    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    213.155.156.182 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-182.teliacarrier-cust.com
d5p.de17a.com
4    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
3    67.220.226.234 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    141.94.171.214 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-8.cloudy.ovh
pixel.onaudience.com
2    18.198.69.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
loada.exelator.com
1    52.18.161.122 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-161-122.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com
visitor.fiftyt.com
1    185.64.189.229 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
1    35.204.158.49 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com
um.simpli.fi
1    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
1    34.200.16.206 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-16-206.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
1    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: NET-33-132-192.46.bidtellect.com
bttrack.com
1    198.47.127.20 (None, )

ASN- ()
simage4.pubmatic.com
Apex Domain
Subdomains		 Transfer
28 amenazaytx.site
amenazaytx.site
2 MB
26 purpleads.io
cdn.purpleads.io — Cisco Umbrella Rank: 45500
api.purpleads.io — Cisco Umbrella Rank: 28104
74 KB
25 eswhik.com
cdn.eswhik.com
80 KB
21 flashtalking.com
servedby.flashtalking.com — Cisco Umbrella Rank: 773
cdn.flashtalking.com — Cisco Umbrella Rank: 1023
ad-events.flashtalking.com — Cisco Umbrella Rank: 2286
stat.flashtalking.com — Cisco Umbrella Rank: 2646
763 KB
20 googlesyndication.com
beb662463fc73aae95f414367081f772.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 156
pagead2.googlesyndication.com — Cisco Umbrella Rank: 108
155 KB
20 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 216
240 KB
18 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1318
usersync.gumgum.com — Cisco Umbrella Rank: 1725
6 KB
17 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 506
ib.3lift.com — Cisco Umbrella Rank: 1350
eb2.3lift.com — Cisco Umbrella Rank: 333
68 KB
15 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 840
eus.rubiconproject.com — Cisco Umbrella Rank: 532
token.rubiconproject.com — Cisco Umbrella Rank: 551
pixel.rubiconproject.com — Cisco Umbrella Rank: 306
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1031
24 KB
15 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 1645
public.servenobid.com — Cisco Umbrella Rank: 3061
10 KB
13 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 463
image6.pubmatic.com — Cisco Umbrella Rank: 702
simage2.pubmatic.com — Cisco Umbrella Rank: 654
image2.pubmatic.com — Cisco Umbrella Rank: 862
aud.pubmatic.com — Cisco Umbrella Rank: 4371
simage4.pubmatic.com
32 KB
12 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1862
mp.4dex.io — Cisco Umbrella Rank: 1893
99 KB
11 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 698
gum.criteo.com — Cisco Umbrella Rank: 385
mug.criteo.com — Cisco Umbrella Rank: 2848
dis.criteo.com — Cisco Umbrella Rank: 703
widget.eu.criteo.com — Cisco Umbrella Rank: 20564
10 KB
11 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 207
acdn.adnxs.com — Cisco Umbrella Rank: 550
secure.adnxs.com — Cisco Umbrella Rank: 413
26 KB
10 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 434
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 528
7 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 387
218 KB
9 outbrainimg.com
images.outbrainimg.com — Cisco Umbrella Rank: 2131
log.outbrainimg.com — Cisco Umbrella Rank: 2382
126 KB
9 adform.net
track.adform.net — Cisco Umbrella Rank: 3926
s1.adform.net — Cisco Umbrella Rank: 8701
c1.adform.net — Cisco Umbrella Rank: 590
38 KB
8 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2439
www.google-analytics.com — Cisco Umbrella Rank: 22
21 KB
7 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 301
2 KB
6 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 276
2 KB
6 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 279
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 960
5 KB
6 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 5807
creativecdn.com — Cisco Umbrella Rank: 533
1 KB
6 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 691
1 KB
6 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 70
2 KB
6 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 41
424 KB
5 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 274
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 417
2 KB
5 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 780
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 565
2 KB
5 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 838
837 B
5 media.net
prebid.media.net — Cisco Umbrella Rank: 1038
contextual.media.net — Cisco Umbrella Rank: 543
11 KB
5 gstatic.com
www.gstatic.com
fonts.gstatic.com
205 KB
4 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 521
3 KB
4 psdn.xyz
cdn.psdn.xyz — Cisco Umbrella Rank: 65443
482 KB
4 github.io
eswhik.github.io
25 KB
3 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 712
1 KB
3 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 453
2 KB
3 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 515
2 KB
3 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 850
ap.lijit.com — Cisco Umbrella Rank: 595
2 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
3 KB
2 fiftyt.com
visitor.fiftyt.com — Cisco Umbrella Rank: 3812
1 KB
2 exelator.com
loada.exelator.com — Cisco Umbrella Rank: 26833
2 KB
2 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 2968
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4845
562 B
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 4757
755 B
2 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 1387
676 B
2 emxdgt.com
cs.emxdgt.com — Cisco Umbrella Rank: 1048
529 B
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 554
638 B
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 648
623 B
2 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 835
83 B
2 openx.net
us-u.openx.net — Cisco Umbrella Rank: 420
675 B
2 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 3807
1 KB
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 636
995 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 637
58 KB
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 767
4 KB
2 sendwebpush.com
cdn.sendwebpush.com
9 KB
1 bttrack.com
bttrack.com — Cisco Umbrella Rank: 704
263 B
1 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1331
547 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 788
612 B
1 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 747
266 B
1 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 931
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 935
692 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 393
1 KB
1 inmobi.com
sync.inmobi.com — Cisco Umbrella Rank: 1128
619 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1224
293 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 909
465 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 525
387 B
1 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 516
766 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 650
584 B
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1513
268 B
1 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1375
109 B
1 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1291
483 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 803
498 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 726
735 B
1 minutemedia-prebid.com
cs-rtb.minutemedia-prebid.com — Cisco Umbrella Rank: 2867
484 B
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 185
48 KB
1 mediaintelligence.de
mediaintelligence.de — Cisco Umbrella Rank: 409172
6 KB
1 google.de
adservice.google.de — Cisco Umbrella Rank: 8470
792 B
355 77
Domain Requested by
28 amenazaytx.site amenazaytx.site
25 cdn.eswhik.com amenazaytx.site
cdn.eswhik.com
23 api.purpleads.io cdn.purpleads.io
amenazaytx.site
17 usersync.gumgum.com 1 redirects g2.gumgum.com
14 cdn.flashtalking.com servedby.flashtalking.com
cdn.flashtalking.com
14 ads.servenobid.com cdn.psdn.xyz
public.servenobid.com
ssum-sec.casalemedia.com
g2.gumgum.com
ssbsync.smartadserver.com
ads.pubmatic.com
12 tpc.googlesyndication.com amenazaytx.site
securepubads.g.doubleclick.net
tpc.googlesyndication.com
beb662463fc73aae95f414367081f772.safeframe.googlesyndication.com
10 cdn.ampproject.org securepubads.g.doubleclick.net
9 ib.adnxs.com 3 redirects cdn.psdn.xyz
acdn.adnxs.com
9 securepubads.g.doubleclick.net amenazaytx.site
securepubads.g.doubleclick.net
8 eb2.3lift.com amenazaytx.site
ib.3lift.com
cdn.psdn.xyz
8 script.4dex.io cdn.psdn.xyz
script.4dex.io
7 cm.g.doubleclick.net 5 redirects g2.gumgum.com
ssbsync.smartadserver.com
7 match.adsrvr.org public.servenobid.com
ssum-sec.casalemedia.com
g2.gumgum.com
ssbsync.smartadserver.com
ads.pubmatic.com
eus.rubiconproject.com
6 x.bidswitch.net 6 redirects
6 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
6 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
amenazaytx.site
6 log.outbrainimg.com amenazaytx.site
6 tlx.3lift.com cdn.psdn.xyz
amenazaytx.site
6 onetag-sys.com cdn.psdn.xyz
public.servenobid.com
6 www.googletagmanager.com amenazaytx.site
cdn.eswhik.com
www.googletagmanager.com
5 track.adform.net ib.3lift.com
s1.adform.net
5 prebid.a-mo.net 1 redirects cdn.psdn.xyz
5 www.google.com 3 redirects cdn.eswhik.com
tpc.googlesyndication.com
5 region1.google-analytics.com www.googletagmanager.com
4 pixel.rubiconproject.com eus.rubiconproject.com
4 image2.pubmatic.com ads.pubmatic.com
4 token.rubiconproject.com eus.rubiconproject.com
4 ups.analytics.yahoo.com 4 redirects
4 sync.1rx.io 4 redirects
4 eus.rubiconproject.com public.servenobid.com
eus.rubiconproject.com
g2.gumgum.com
4 ssum-sec.casalemedia.com 2 redirects public.servenobid.com
ssum-sec.casalemedia.com
4 stat.flashtalking.com amenazaytx.site
4 googleads.g.doubleclick.net amenazaytx.site
beb662463fc73aae95f414367081f772.safeframe.googlesyndication.com
4 bidder.criteo.com cdn.psdn.xyz
4 mp.4dex.io cdn.psdn.xyz
4 prebid-eu.creativecdn.com cdn.psdn.xyz
4 prebid.media.net cdn.psdn.xyz
4 www.gstatic.com www.google.com
amenazaytx.site
beb662463fc73aae95f414367081f772.safeframe.googlesyndication.com
4 cdn.psdn.xyz cdn.purpleads.io
4 eswhik.github.io cdn.eswhik.com
eswhik.github.io
amenazaytx.site
3 aax-eu.amazon-adsystem.com 2 redirects ads.pubmatic.com
3 simage2.pubmatic.com ads.pubmatic.com
3 rtb-csync.smartadserver.com 1 redirects ssbsync.smartadserver.com
3 sync.outbrain.com 3 redirects
3 sync.mathtag.com 3 redirects
3 b1sync.zemanta.com 3 redirects
3 s.amazon-adsystem.com 2 redirects ssum-sec.casalemedia.com
3 ads.pubmatic.com public.servenobid.com
g2.gumgum.com
ads.pubmatic.com
3 fonts.googleapis.com securepubads.g.doubleclick.net
beb662463fc73aae95f414367081f772.safeframe.googlesyndication.com
amenazaytx.site
3 images.outbrainimg.com amenazaytx.site
cdn.purpleads.io
3 ib.3lift.com amenazaytx.site
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 cdn.purpleads.io amenazaytx.site
2 visitor.fiftyt.com 2 redirects
2 loada.exelator.com 2 redirects
2 pixel.onaudience.com 2 redirects
2 d5p.de17a.com 2 redirects
2 c1.adform.net 1 redirects ads.pubmatic.com
2 pool.admedo.com 2 redirects
2 sync.tidaltv.com 2 redirects
2 creativecdn.com 2 redirects
2 cs.emxdgt.com 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 ad.360yield.com 2 redirects
2 match.deepintent.com g2.gumgum.com
eus.rubiconproject.com
2 us-u.openx.net 2 redirects
2 widget.eu.criteo.com 1 redirects g2.gumgum.com
2 dis.criteo.com 2 redirects
2 ads.creative-serving.com 2 redirects
2 cms.quantserve.com 2 redirects
2 ce.lijit.com 2 redirects
2 secure-assets.rubiconproject.com 2 redirects
2 ssbsync.smartadserver.com 1 redirects public.servenobid.com
2 gum.criteo.com 1 redirects static.criteo.net
2 static.criteo.net cdn.psdn.xyz
static.criteo.net
2 ad-events.flashtalking.com amenazaytx.site
2 s1.adform.net track.adform.net
s1.adform.net
2 beb662463fc73aae95f414367081f772.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 unpkg.com eswhik.github.io
amenazaytx.site
2 cdn.sendwebpush.com amenazaytx.site
cdn.sendwebpush.com
1 simage4.pubmatic.com ads.pubmatic.com
1 bttrack.com eus.rubiconproject.com
1 beacon.lynx.cognitivlabs.com 1 redirects
1 pixel-us-east.rubiconproject.com eus.rubiconproject.com
1 um.simpli.fi ads.pubmatic.com
1 aud.pubmatic.com ads.pubmatic.com
1 sync.crwdcntrl.net ads.pubmatic.com
1 cs.admanmedia.com g2.gumgum.com
1 tg.socdm.com 1 redirects
1 id5-sync.com g2.gumgum.com
1 sync.inmobi.com 1 redirects
1 sync.technoratimedia.com g2.gumgum.com
1 sync.ipredictive.com 1 redirects
1 pr-bh.ybp.yahoo.com 1 redirects
1 bh.contextweb.com 1 redirects
1 stags.bluekai.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 secure.adnxs.com 1 redirects
1 sync.adotmob.com 1 redirects
1 image6.pubmatic.com ads.pubmatic.com
1 sync.adkernel.com public.servenobid.com
1 ssp.disqus.com 1 redirects
1 sync.go.sonobi.com public.servenobid.com
1 p.rfihub.com 1 redirects
1 ap.lijit.com public.servenobid.com
1 cs-rtb.minutemedia-prebid.com public.servenobid.com
1 g2.gumgum.com public.servenobid.com
1 acdn.adnxs.com cdn.psdn.xyz
1 public.servenobid.com cdn.psdn.xyz
1 contextual.media.net cdn.psdn.xyz
1 mug.criteo.com
1 www.googletagservices.com amenazaytx.site
1 fonts.gstatic.com fonts.googleapis.com
1 mediaintelligence.de cdn.flashtalking.com
1 servedby.flashtalking.com amenazaytx.site
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
355 118

This site contains links to these domains. Also see Links.

Domain
eswhik.com
www.kadencewp.com
Subject Issuer Validity Valid
amenazaytx.site
ZeroSSL RSA Domain Secure Site CA		 2023-01-03 -
2023-04-03		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
*.purpleads.io
Amazon		 2022-10-31 -
2023-11-29		 a year crt.sh
*.eswhik.com
E1		 2022-12-28 -
2023-03-28		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-12-12 -
2023-03-06		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-07-23 -
2023-07-23		 a year crt.sh
*.github.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-07 -
2023-04-07		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-12-12 -
2023-03-06		 3 months crt.sh
psdn.xyz
E1		 2022-12-29 -
2023-03-29		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.a-mo.net
R3		 2022-12-04 -
2023-03-04		 3 months crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-17 -
2023-04-12		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-04 -
2023-03-31		 3 months crt.sh
ads.servenobid.com
Amazon		 2022-05-29 -
2023-06-27		 a year crt.sh
*.google.de
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-12-12 -
2023-03-06		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-12-12 -
2023-03-06		 3 months crt.sh
servedby.flashtalking.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-11 -
2023-11-12		 a year crt.sh
cdn.flashtalking.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-27 -
2023-02-25		 a year crt.sh
*.outbrainimg.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-11 -
2023-03-15		 a year crt.sh
mediaintelligence.de
Thawte TLS RSA CA G1		 2022-11-24 -
2023-12-25		 a year crt.sh
ad-events.flashtalking.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-03 -
2023-08-31		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-13 -
2023-04-15		 3 months crt.sh
*.servenobid.com
Amazon		 2023-01-07 -
2024-02-05		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2022-10-21 -
2023-10-22		 a year crt.sh
gumgum.com
Amazon		 2022-09-06 -
2023-10-05		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-17 -
2023-04-04		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
*.minutemedia-prebid.com
Amazon		 2022-05-31 -
2023-06-29		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2022-12-06 -
2024-01-07		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-15 -
2023-09-15		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
*.id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon		 2023-01-16 -
2024-02-15		 a year crt.sh
*.admanmedia.com
Go Daddy Secure Certificate Authority - G2		 2022-04-21 -
2023-05-23		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2022-07-20 -
2023-07-19		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-21 -
2023-04-20		 a year crt.sh

This page contains 54 frames:

Primary Page: https://amenazaytx.site/
Frame ID: 9372E2EBCCD0F9FC123E9F5B39A135AF
Requests: 108 HTTP requests in this frame

Frame: https://cdn.psdn.xyz/prebid-2022-12-27.js
Frame ID: D1E44E9DF547E00A3536D395EC612350
Requests: 14 HTTP requests in this frame

Frame: https://beb662463fc73aae95f414367081f772.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 78C1D61DFCDBC63F182E08EF2471C577
Requests: 1 HTTP requests in this frame

Frame: https://cdn.psdn.xyz/prebid-2022-12-27.js
Frame ID: C8D0E2C683144E0EED7F0409291647C0
Requests: 12 HTTP requests in this frame

Frame: https://cdn.psdn.xyz/prebid-2022-12-27.js
Frame ID: B8C157C47EB954F5CAF5F7FCB13F2B30
Requests: 12 HTTP requests in this frame

Frame: https://cdn.psdn.xyz/prebid-2022-12-27.js
Frame ID: D91FBDC95BA9EB236B5951A4E3ADA061
Requests: 12 HTTP requests in this frame

Frame: https://ib.3lift.com/rev/2369ca4d2b2a0cf532ecfd0480c15fd7ed08fa0a/dist/bundle.js
Frame ID: AFCFEAAB0832F2872DC547BDE4F0C032
Requests: 5 HTTP requests in this frame

Frame: data://truncated
Frame ID: DDDE40DFC7586F735B3B0A54CA5AC753
Requests: 1 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=60256336;rtbwp=0.079;rtbdata=az2fU4u2ZyrZqQHYT_Qd8NQ3GMJ7_K4SByebVfZ7l6T0Nw8hRAFD9pq7YNCCx7MXhFvbxb3NgPbvyf1zHsVaNjhfhOBpijoqzVzzPMF09PhiJf5rIjkNGldqgQB90GQS6sYgissxpNoexR5bUXfDEY7_SMj5PzFa-3-ZXXBTrUxDsOHfHSml50UHIVOdXsxR0
Frame ID: 46D5893CB1EF84E9BD1FCC08261A9167
Requests: 17 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012301041800000/amp4ads-v0.mjs
Frame ID: 46D261D8B1A6FFEF7A88EE2FDA20D0AE
Requests: 11 HTTP requests in this frame

Frame: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjBmNTE1ZTU2ODJiODc5MDdmZmM3OTkzNTcwZjNhOWNhYjNmOWY4NTQ0ZGU2MDU1MjFhMzg0Nzg2ZTQ2MTgxZDEiLCJ3Ijo2NDAsImgiOjQ4MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Frame ID: B67DBF17A320B6F3CDDBD98F4E0F8C01
Requests: 4 HTTP requests in this frame

Frame: https://cdn.flashtalking.com/173489/4158002/index.html
Frame ID: 5C04D150AF453660BD042242F13C4FCF
Requests: 12 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012301041800000/amp4ads-v0.mjs
Frame ID: A6C6C851476E3DF1B3B97B80C335F8CC
Requests: 13 HTTP requests in this frame

Frame: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjBmNTE1ZTU2ODJiODc5MDdmZmM3OTkzNTcwZjNhOWNhYjNmOWY4NTQ0ZGU2MDU1MjFhMzg0Nzg2ZTQ2MTgxZDEiLCJ3Ijo2NDAsImgiOjQ4MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Frame ID: 6E847B47B051E54AB637EB6B556CA6A4
Requests: 4 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?max=10&cb=56313
Frame ID: 3AFBF89F5B1335734929DA73CC27110C
Requests: 1 HTTP requests in this frame

Frame: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjBmNTE1ZTU2ODJiODc5MDdmZmM3OTkzNTcwZjNhOWNhYjNmOWY4NTQ0ZGU2MDU1MjFhMzg0Nzg2ZTQ2MTgxZDEiLCJ3Ijo2NDAsImgiOjQ4MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Frame ID: 1FBE70EACE2BD686164309D6242A243F
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 559E28A65D9E2F577E300EE8D1A47FA9
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7FD650514D9DE2C9E1897CC9EAD68A21
Requests: 2 HTTP requests in this frame

Frame: https://beb662463fc73aae95f414367081f772.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D859CD425E6B38040E44BB2F57EDC7DD
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 02671A9876B2100B8F3440CCE2164AC3
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: CFB07965D53BF4A1E391C370EB40D156
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js
Frame ID: 988C05CCC412E1B2F11DCEB28ABB2B7C
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=amenazaytx.site
Frame ID: BF6F95E8340DB87D6694B1947F331C09
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2BX48Z&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C2069%2C237%2C117%2C97%2C99%2C3012%2C3011%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C77%2C38%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 470A4229868A6204E3982ECB73C45FE1
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 2594703C29B454A10353DB96B852A29E
Requests: 11 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 75661C0871E61CF85EF38781ACB47D4A
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 290B95DB86A8D8DA3AF79A1D6C09BD1A
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1674205696624
Frame ID: C57A37CEAE0CACB16BDC2BAB692C1EED
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: DD9F78C5466925B1CE42833B4D432A12
Requests: 16 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 107CD77ED3AD5C0043961A0C496A8E2C
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 77D1A92DFF883C5C18EDE94A98F26E32
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Frame ID: 93B7C616F4A8C0D9AF1B545155080DC4
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: BD0F9A5F434E7F6A2DD2684F2CF5C3C9
Requests: 12 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: AD3D4F9480CED74868AE85B16596950A
Requests: 11 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: DD47F3AD38D47C725186AB5F4169039D
Requests: 1 HTTP requests in this frame

Frame: https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
Frame ID: 8E2289DB6A04F35EE01E0EE7B4F50F18
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: EA85A48ACEB0D8BEB5FE57E0C7F34511
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: C9F5C9EA257A61B7560D6891115FB0BF
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=e7b563ca-5a04-4300-9dde-6d4623468439&gdpr=0&gdpr_consent=
Frame ID: 8CD68DC19A35BB7B99A7174132062F25
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=Y8paBAAAALmEtwA_&gdpr=0&gdpr_consent=&_test=Y8paBAAAALmEtwA_
Frame ID: AC85A3A3972F9C0B0BC85438E427A154
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9lM2NhYTAwZS03ODAzLTRjZjctYTUzMC1hNDQ0MGU4NjM1NTk=&gdpr=0&gdpr_consent=
Frame ID: D74A78F274F2D35A986063CF5DED541F
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=emx&i=5752836970381268941brt50781674205700332243f1
Frame ID: 505F23EBF6C920F6681393BC7C6063AC
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=Y8paBcCo8YUAACaJHJkAAAAA
Frame ID: D597B7850434ACF465761B59FD306F43
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/sync/gumgum?puid=e_e3caa00e-7803-4cf7-a530-a4440e863559&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Frame ID: 8554CAB0E75C43E83053C66DDBC41BCB
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=iex&i=Y8paBPdvZNLF.1OfkCksZwAA%261191
Frame ID: DFF727265DA2F79176A1BCEBF5A236E7
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=j06SCzQNbPiuIakRHkgK&pi=gumgum&tc=1
Frame ID: 434856FEFF6C60C6ECDCF4F192EFB060
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: ED1AB64918B9D68A0966071A93858685
Requests: 4 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=F1C6ADD8-1928-4894-9408-49DD9760A828&gdpr=0&gdpr_consent=
Frame ID: 764580ED59A17E1F45779F1D135CC3CF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:e7b563ca-5a04-4300-9dde-6d4623468439&gdpr=0&gdpr_consent=
Frame ID: 3D92A28DCD690992B831805C1EBAA12A
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=9066896061604215831
Frame ID: 48AB44814367F51409437E033F2560A1
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 516BF977ECB89E761C7F5164F3F163B7
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=17WAAtTn01fMstsFg-LOVdO3hgLM49oHgOIJ3BN7
Frame ID: CABA82E889B33CBF5B84D89D754C680C
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=F1C6ADD8-1928-4894-9408-49DD9760A828&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: A2CADF982AE069DD9AA864A1F1DEB45A
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=F1C6ADD8-1928-4894-9408-49DD9760A828
Frame ID: 73DEAECEC2C05F2D6B2DB614E571C36E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

MundoYT NBM - Tus mejores archivos aquíAlternar el menúContinuarContinuarContinuarContinuarContinuarContinuarContinuarContinuarContinuarContinuarSiguiente

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

355
Requests

88 %
HTTPS

26 %
IPv6

77
Domains

118
Subdomains

84
IPs

13
Countries

4997 kB
Transfer

10319 kB
Size

116
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 180
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 215
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 245
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 255
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=amenazaytx.site&sn=ChromeSyncframe&so=0&topUrl=amenazaytx.site&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=HNKjqHxEM2loWWJ4bE85K2dHMFNORjRwZE1EYWdWNEU4WnlLeU95VlhGTUNtaWJBTHlzN2JqbFpCNkdUQUpmTG95a2dCOURoOWtjZHFoTExsVkhWNmhJKzNrYWx5bzhOd3ZEV3l3WmoxNzVORlh5aDlIYk9td0JHTU1laHYxQ3EzMU5rYXdRUTR2OC9yOENKbVhCOUkyL3RETlRCeGhOTWx6dEJsVmVENDE4RitVa2pGbnk5V1pOaFBYdkw1Sm0weHhzSzR0YmxPc2R0cDJ6eHc5WDQySDZpSWIra2ZsVzdJYllVeTJlYXVHT213UmF3QVRQemVyZXVQMmdjM1VWS1ZiZFQxQ2prN3hOYmRra3pHaHEzL1hwbzRNQT09fA&cppv=2
Request Chain 264
  • https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Request Chain 265
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 268
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.servenobid.com%252Fsync%253Fpid%253D312%2526uid%253D%2524UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=5752836970381268941
Request Chain 269
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=GBGEpRZHd0Neq6HASBOcSYTk
Request Chain 271
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1674205700393 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=191258801
Request Chain 272
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=5141210823235660915
Request Chain 274
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=71b5d376-e5f9-457c-8c2a-671e67fb3321&gdpr=0&gdpr_consent=&us_privacy=1YN-
Request Chain 275
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58559/occ?verify=true HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-gXpLVvVE2uE9ES6vOCHX8ZcbeOFMhvNRc0BDVco-~A
Request Chain 276
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://sync.adkernel.com/user-sync?zone=176971&t=image&r=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D27%26r%3DCid1YS01ODMwMjlmNS0xM2VjLTM4OWUtYTAzYS04MDA4NjI0NzhhN2EQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS01ODMwMjlmNS0xM2VjLTM4OWUtYTAzYS04MDA4NjI0NzhhN2EyAhsSOAE=%26buyeruid%3D%7BUID%7D
Request Chain 277
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58632/occ?verify=true HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-gXpLVvVE2uE9ES6vOCHX8ZcbeOFMhvNRc0BDVco-~A
Request Chain 280
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y8paBPdvZNLF-1OfkCksZwAABKcAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEHFr-tjytYulGkbs8MH8cOs&google_cver=1
Request Chain 281
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y8paBPdvZNLF-1OfkCksZwAABKcAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y8paBPdvZNLF-1OfkCksZwAABKcAAAAB&dcc=t
Request Chain 282
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y8paBPdvZNLF.1OfkCksZwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENn9pxI-irToMcEX6OCgR6k&google_cver=1&google_hm=2
Request Chain 284
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D
Request Chain 285
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Request Chain 286
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=0tQnfdGGdCjJ03x6hoNpKtbWIX3Jgn14hYPQrSr3
Request Chain 287
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=fda663ca-5a04-4d00-8a38-c8306842373b
Request Chain 290
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=5752836970381268941
Request Chain 291
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_e3caa00e-7803-4cf7-a530-a4440e863559&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_e3caa00e-7803-4cf7-a530-a4440e863559&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=9f017518-ba6c-4d8d-b340-f35e0e673529 HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=9f017518-ba6c-4d8d-b340-f35e0e673529 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=37a96d8a-87a2-4e71-94d8-2cd4e34f8e16&ssp=gumgum2&expires=30&user_group=5&bsw_param=9f017518-ba6c-4d8d-b340-f35e0e673529 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=9f017518-ba6c-4d8d-b340-f35e0e673529
Request Chain 292
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-194e26c5-3976-4457-445b-cc3b42891e6f$ip$81.95.5.44
Request Chain 293
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_e3caa00e-7803-4cf7-a530-a4440e863559&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=7B3ZtmLC0atiC6YSXQ7X&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2N2CGNNHI3KMIMYGC5DJIM3FSU2YKE3VQJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2N2CGNNHI3KMIMYGC5DJIM3FSU2YKE3VQJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=7B3ZtmLC0atiC6YSXQ7X&us_privacy=1---
Request Chain 294
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/floor6?zcc=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D&cb=1674205700393 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1410524352
Request Chain 295
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=91C3yVNxxuuj&ev=1&pid=558355
Request Chain 296
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28hOu1h5_DeHBvcOVguC21J1GWV3wI0ZXKeuAa7Bh5HW_bM4zL_xiPJFm9Zh8qih6D%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28hOu1h5_DeHBvcOVguC21J1GWV3wI0ZXKeuAa7Bh5HW_bM4zL_xiPJFm9Zh8qih6D%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_e3caa00e-7803-4cf7-a530-a4440e863559&obuid=ENC(hOu1h5_DeHBvcOVguC21J1GWV3wI0ZXKeuAa7Bh5HW_bM4zL_xiPJFm9Zh8qih6D) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://dis.criteo.com/dis/usersync.aspx?r=74&p=126&cp=outbrain&cu=1&url=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcriteo%26uid%3D%40%40CRITEO_USERID%40%40%26obUid%3DhOu1h5_DeHBvcOVguC21J1GWV3wI0ZXKeuAa7Bh5HW_bM4zL_xiPJFm9Zh8qih6D%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%26platformId%3DGUMGU18H7EL9NI653I7DPEH51%0A%26initiator%3Dplatform HTTP 302
  • https://widget.eu.criteo.com/dis/usersync.aspx?r=74&p=126&cp=outbrain&cu=1&url=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcriteo%26uid%3D%40%40CRITEO_USERID%40%40%26obUid%3DhOu1h5_DeHBvcOVguC21J1GWV3wI0ZXKeuAa7Bh5HW_bM4zL_xiPJFm9Zh8qih6D%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%26platformId%3DGUMGU18H7EL9NI653I7DPEH51%0A%26initiator%3Dplatform
Request Chain 297
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=3a980348-8ac3-49fd-893a-5ed67131600f
Request Chain 298
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-XQZsjwZE2pfNZOJ52pLwrtuAoUEuGFVakrZM~A
Request Chain 299
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=3f231c80-0700-454e-8be8-86446772acdd
Request Chain 302
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=09a6f855-cf9e-4352-b519-9fa50241d6b2
Request Chain 303
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=5792732571322418295
Request Chain 305
  • https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=0&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
Request Chain 308
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=e7b563ca-5a04-4300-9dde-6d4623468439&gdpr=0&gdpr_consent=
Request Chain 309
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y8paBAAAALmEtwA_ HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=Y8paBAAAALmEtwA_&gdpr=0&gdpr_consent=&_test=Y8paBAAAALmEtwA_
Request Chain 311
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNWFVJRA== HTTP 302
  • https://cs.emxdgt.com/umcheck?apnxid=5752836970381268941&redirect=https://usersync.gumgum.com/usersync?b=emx&i=$EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNWFVJRA== HTTP 302
  • https://usersync.gumgum.com/usersync?b=emx&i=5752836970381268941brt50781674205700332243f1
Request Chain 312
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=Y8paBcCo8YUAACaJHJkAAAAA
Request Chain 314
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=iex&i=Y8paBPdvZNLF.1OfkCksZwAA%261191
Request Chain 315
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=j06SCzQNbPiuIakRHkgK&pi=gumgum&tc=1
Request Chain 316
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 318
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=&s_h=1 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=901fc062-2b21-452c-9416-9dfd338d0b79&gdpr=0&gdpr_consent=
Request Chain 320
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NTc5MjczMjU3MTMyMjQxODI5NQ==&gdpr=0&gdpr_consent=
Request Chain 321
  • https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=smartadserver&gdpr=0&gdpr_consent= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=smartadserver&bsw_custom_parameter=9f017518-ba6c-4d8d-b340-f35e0e673529 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=smartadserver&bsw_custom_parameter=9f017518-ba6c-4d8d-b340-f35e0e673529 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=0d6e3e29-55b8-45b1-a5ad-0bbca351fd06&user_group=1&ssp=smartadserver&bsw_param=9f017518-ba6c-4d8d-b340-f35e0e673529 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=9f017518-ba6c-4d8d-b340-f35e0e673529&gdpr=&gdpr_consent=
Request Chain 325
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:e7b563ca-5a04-4300-9dde-6d4623468439&gdpr=0&gdpr_consent=
Request Chain 326
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=9066896061604215831
Request Chain 327
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://widget.eu.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 328
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=17WAAtTn01fMstsFg-LOVdO3hgLM49oHgOIJ3BN7
Request Chain 329
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=F1C6ADD8-1928-4894-9408-49DD9760A828&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=F1C6ADD8-1928-4894-9408-49DD9760A828&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 331
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=8cat2BkoSJSUCEndl2CoKA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 332
  • https://pixel.onaudience.com/?partner=214&mapped=F1C6ADD8-1928-4894-9408-49DD9760A828&gdpr=0&gdpr_consent= HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=8ff708fc95587915dfbfc8a887dc6dca&gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=2296f5ad7a6b5063/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
Request Chain 333
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=F1C6ADD8-1928-4894-9408-49DD9760A828&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=F1C6ADD8-1928-4894-9408-49DD9760A828&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=F1C6ADD8-1928-4894-9408-49DD9760A828&addseg=19,36,42
Request Chain 334
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RjFDNkFERDgtMTkyOC00ODk0LTk0MDgtNDlERDk3NjBBODI4&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 335
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFxlEBuxUd43N7bDBeoJ5iw&google_cver=1
Request Chain 337
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1014073015171931799
Request Chain 345
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=YLJxJVhsSbqZb-gbbP5tDA&rk=usync-other
Request Chain 346
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=vAU46phhSfuAGABphl3Wbg&rk=usync-na
Request Chain 348
  • https://beacon.lynx.cognitivlabs.com/rb.gif HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=711370&nid=5504&put=aa54fde2-36c7-4979-9f6e-2cc90fc38abf&expires=365

355 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
amenazaytx.site/ 		103 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed / PHP/7.2.34
Resource Hash
bcbeccdfe2ee07969670ac949bbe76f1a39c292a7e174b99caf046fac15ef012
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Fri, 20 Jan 2023 09:08:14 GMT
link
<https://amenazaytx.site/wp-json/>; rel="https://api.w.org/"
platform
hostinger
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/7.2.34
wp-emoji-release.min.js
amenazaytx.site/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amenazaytx.site/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:15 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Tue, 24 May 2022 23:45:53 GMT
server
LiteSpeed
etag
"48b9-628d6e31-c34caf64fe392e84;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
4572
expires
Fri, 27 Jan 2023 09:08:15 GMT
style.min.css
amenazaytx.site/wp-includes/css/dist/block-library/ 		87 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://amenazaytx.site/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:15 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Tue, 12 Jul 2022 23:44:29 GMT
server
LiteSpeed
etag
"15b64-62ce075d-be40088ceb664da0;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
10703
expires
Fri, 27 Jan 2023 09:08:15 GMT
cookie-law-info-public.css
amenazaytx.site/wp-content/plugins/cookie-law-info/legacy/public/css/ 		3 KB
910 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://amenazaytx.site/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-public.css?ver=3.0.7
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
fbe820b6140ad28e86f34ffae507d807cf591a22697a05b71958f2014e96a9e4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:15 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Fri, 23 Dec 2022 14:44:31 GMT
server
LiteSpeed
etag
"c22-63a5becf-815ad1f37405df36;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
824
expires
Fri, 27 Jan 2023 09:08:15 GMT
cookie-law-info-gdpr.css
amenazaytx.site/wp-content/plugins/cookie-law-info/legacy/public/css/ 		27 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://amenazaytx.site/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-gdpr.css?ver=3.0.7
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
655ae452d922f501b62c7028fc35e238138de989387381cc1ed9cea9085864db
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:15 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Fri, 23 Dec 2022 14:44:31 GMT
server
LiteSpeed
etag
"6a71-63a5becf-995bc4419ba8c806;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
4069
expires
Fri, 27 Jan 2023 09:08:15 GMT
global.min.css
amenazaytx.site/wp-content/themes/kadence/assets/css/ 		19 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://amenazaytx.site/wp-content/themes/kadence/assets/css/global.min.css?ver=1.1.31
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
f008162fa330a82dceb974a8e4e0ab2bfdeef1e3c2a417a0a517ccbfe4674505
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:15 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Sun, 13 Nov 2022 18:43:08 GMT
server
LiteSpeed
etag
"4bb7-63713abc-daa6b411c7136226;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
4238
expires
Fri, 27 Jan 2023 09:08:15 GMT
header.min.css
amenazaytx.site/wp-content/themes/kadence/assets/css/ 		27 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://amenazaytx.site/wp-content/themes/kadence/assets/css/header.min.css?ver=1.1.31
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
5dac274ec554db66ab7a95c4a389f1ecb3652da803eaf68cc3cae511fa44f7ff
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:15 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Sun, 13 Nov 2022 18:43:09 GMT
server
LiteSpeed
etag
"6c84-63713abd-47f94de2a1c697cd;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
4235
expires
Fri, 27 Jan 2023 09:08:15 GMT
content.min.css
amenazaytx.site/wp-content/themes/kadence/assets/css/ 		32 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://amenazaytx.site/wp-content/themes/kadence/assets/css/content.min.css?ver=1.1.31
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
6819e416761ad3319c68fbf6ddb662fcb50a010a734bf6ead4be2aa49ba830b1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:15 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Sun, 13 Nov 2022 18:43:08 GMT
server
LiteSpeed
etag
"7fcd-63713abc-d3e87fec4bb3ac3;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
5481
expires
Fri, 27 Jan 2023 09:08:15 GMT
sidebar.min.css
amenazaytx.site/wp-content/themes/kadence/assets/css/ 		749 B
280 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://amenazaytx.site/wp-content/themes/kadence/assets/css/sidebar.min.css?ver=1.1.31
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
51bb6e5e42da084b36fc157bdc14d6df9a559d918da43fd26bc9ff80d9e1b4d0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:15 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Sun, 13 Nov 2022 18:43:08 GMT
server
LiteSpeed
etag
"2ed-63713abc-6af42f615ef6b4b0;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
218
expires
Fri, 27 Jan 2023 09:08:15 GMT
footer.min.css
amenazaytx.site/wp-content/themes/kadence/assets/css/ 		18 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://amenazaytx.site/wp-content/themes/kadence/assets/css/footer.min.css?ver=1.1.31
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
41107b3cd820a6c6a8f93fed73dca66867b14a64769ec41fccb2a214a354e3f0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:15 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Sun, 13 Nov 2022 18:43:09 GMT
server
LiteSpeed
etag
"49c0-63713abd-212bce3bfdc7c558;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
1651
expires
Fri, 27 Jan 2023 09:08:15 GMT
button-styles.css
amenazaytx.site/wp-content/plugins/forget-about-shortcode-buttons/public/css/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://amenazaytx.site/wp-content/plugins/forget-about-shortcode-buttons/public/css/button-styles.css?ver=2.1.2
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
f46d94840c903a15d22f37b355f71205554b15abd725d6ad0d81f7ca21e8f38e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:15 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Sat, 09 Jul 2022 01:57:03 GMT
server
LiteSpeed
etag
"2293-62c8e06f-98b34d63d4f3ed6d;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
1212
expires
Fri, 27 Jan 2023 09:08:15 GMT
jquery.min.js
amenazaytx.site/wp-includes/js/jquery/ 		87 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amenazaytx.site/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:15 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 10 Mar 2021 20:37:24 GMT
server
LiteSpeed
etag
"15db1-60492e04-d6db397d9b8af042;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
30027
expires
Fri, 27 Jan 2023 09:08:15 GMT
jquery-migrate.min.js
amenazaytx.site/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amenazaytx.site/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:15 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 18 Nov 2020 14:36:06 GMT
server
LiteSpeed
etag
"2bd8-5fb53156-b75f952454f0e777;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
3984
expires
Fri, 27 Jan 2023 09:08:15 GMT
cookie-law-info-public.js
amenazaytx.site/wp-content/plugins/cookie-law-info/legacy/public/js/ 		33 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amenazaytx.site/wp-content/plugins/cookie-law-info/legacy/public/js/cookie-law-info-public.js?ver=3.0.7
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
6c52384c7b0641dd1ead85d079c22d39bcc6dc5f2537afb1e6396bb619771a3f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:15 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Fri, 23 Dec 2022 14:44:31 GMT
server
LiteSpeed
etag
"8583-63a5becf-345abe83e0853f6a;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
7094
expires
Fri, 27 Jan 2023 09:08:15 GMT
js
www.googletagmanager.com/gtag/ 		217 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-HVPFKTV6LZ
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c2aa4fd8b014f21cf6d3ea3f192632801d571fc972c212e76b4ba73f7605acd5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77722
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 20 Jan 2023 09:08:15 GMT
agent.js
cdn.purpleads.io/ 		67 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.purpleads.io/agent.js?publisherId=a8dbba899ffa9904c83f8f31297c4fb1:c482d5deb8980b8bc6b754dfe31eed2e17521c0bce0234ab44da16e47c5d442a7f8c26c14dc235933b8861dc33ca79009bd5fe48e2eab3becb88e57a359ee908
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-27.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
15863c30adbf1f3dd1c4eb22b9ed6826d01a9beadf44db08d7ecedb6836ed131

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:47:59 GMT
content-encoding
gzip
via
1.1 ef4ff53b101ef123a46ec560b6c94cb8.cloudfront.net (CloudFront)
last-modified
Sun, 15 Jan 2023 12:47:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
73217
etag
"0df64eee76617d6b8b842eaf114234f3"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
20006
x-amz-cf-id
LnGuM8Z_uCTb7TlXOrw0KYDzMqQch1Y-oAt9WubWcNZgcKyfxgzRFQ==
theme.js
cdn.eswhik.com/npm/ 		313 B
757 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.eswhik.com/npm/theme.js
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5536aad22eaec75feb7fea986b8f40679daefaf9ad561eb2965c756d474947c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:15 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
20135
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 25 Aug 2022 17:49:40 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bTfpQCraHO6xX3hscoa7z93spv2Z%2Bmf%2FLbuUdyEBH3vn1NoscJKwy%2BQbHciqS4x7m2RLi8ZvXfugHioMJMe4ZUV%2Be%2Frl%2BfECPU90Z%2Be2INoN5ZhAbu4zHiPZ5RoQU%2FBE%2FjbmHCosWzdm1gJJtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
78c6aa1bfc0f91f0-FRA
expires
Fri, 27 Jan 2023 03:32:39 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7640773899458de6505f8d74452bac91d2cbf258cb95e650c0db507d51a5e5bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27774
x-xss-protection
0
server
sffe
etag
"1457 / 378 of 1000 / last-modified: 1674187653"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 20 Jan 2023 09:08:15 GMT
603d92f98981a_2103.js
cdn.sendwebpush.com/adsendwebpush/client_services/ 		1 KB
914 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.sendwebpush.com/adsendwebpush/client_services/603d92f98981a_2103.js
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4be5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a4d1b836c2b902736e6390d5ce16ef2fb08b804585c60f4958cc2a23d7b0278

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:15 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 30 Dec 2022 16:43:35 GMT
server
cloudflare
x-amz-request-id
MGSQPBVSN6Y7GC9E
etag
W/"697bdc9e1c4066bef42ca6d6f8c97372"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
cf-ray
78c6aa1c8d029b51-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
cUJi/pSQs7t03jyPKezgqsaY2osatN3Gbin6CBonH8psScjiGqcivzYu2mFXA+HavR5oWYfBtlM=
close.png
cdn.eswhik.com/img/icons/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.eswhik.com/img/icons/close.png
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9567220eb5f2b07603aae51a311748502edfa671e807f99196f34af344ef306

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:15 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
421
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
25704
last-modified
Tue, 29 Mar 2022 01:23:54 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qDGLJxOPdP%2FrVlu%2By%2FcYH4lW9TeCL8ZX28gkfWlIgLLWmWXgIKSN%2BxAvnvUzvh2W%2FE1Ii6XTGtJtCFlxV554tF%2FWvEWx3lR0Qx%2FGWUl24pFG20w96qQNHvsyKYxLFmXt%2B1Q5Y4TRJfwyQzmYxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
78c6aa1c498b9122-FRA
expires
Fri, 27 Jan 2023 09:01:14 GMT
ip-350x250-cpm
cdn.eswhik.com/drive/ads/ 		825 B
723 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.eswhik.com/drive/ads/ip-350x250-cpm
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0121bf42f1b2aa9d0a57f8911e9a80d4744a910ccf8c1363b2ddbcf58765992e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:15 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 27 Apr 2022 02:13:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oto09oU4E33b7o2ijzhXJ9%2FzqZ8b6gg0wXTDZYMW7meoev%2BbdmkkXE8A%2F6sn9V2juMFr%2FlLChz9IX0KPAtcymEJDZLD0rzLC6Qo5DHR43XWi0rIUhxJApvnHDvwqD8pN%2FeSq%2FTcDCX7ek4fkWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/xml
x-turbo-charged-by
LiteSpeed
cf-ray
78c6aa1c2c7691f0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
elon-musk-tesla-bitcoin-768x432.png
amenazaytx.site/wp-content/uploads/2022/12/ 		452 KB
453 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amenazaytx.site/wp-content/uploads/2022/12/elon-musk-tesla-bitcoin-768x432.png
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
bc4ff10b35a5ba443996e0aa309f63af282a2a81a02e35705430ec21892984dd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:15 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Tue, 13 Dec 2022 22:54:21 GMT
server
LiteSpeed
etag
"711a0-6399029d-cd72d1d58b00058;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
463264
expires
Fri, 27 Jan 2023 09:08:15 GMT
agent.js
cdn.purpleads.io/ 		67 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.purpleads.io/agent.js?publisherId=a2741b6d55c6d59d3ca3b61810b2a8f8:981d8d69d9e8956be89103f0d9818163818996da27ceeea35fd96916e2a07ed56d6b62a3390f00edd9911894e1fec747c911ceb89cf8fda5918f54c61b3e2916
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-27.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
15863c30adbf1f3dd1c4eb22b9ed6826d01a9beadf44db08d7ecedb6836ed131

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:47:59 GMT
content-encoding
gzip
via
1.1 ef4ff53b101ef123a46ec560b6c94cb8.cloudfront.net (CloudFront)
last-modified
Sun, 15 Jan 2023 12:47:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
73217
etag
"0df64eee76617d6b8b842eaf114234f3"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
20006
x-amz-cf-id
ecN12uFvgkeANHf3W5J44fnoXpuR8TxCLNuDBCOf54NhR48Na8QqRw==
agent.js
cdn.purpleads.io/ 		67 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.purpleads.io/agent.js?publisherId=e5503a8be5c59196f7d89d8e3f76081b:dbf913c8afa5de89d6a2201b7b0168ff2e03ae5845bd84a2d8ea8b3f3876e67e82e8e6a8f68f61e4e7db1578fae8c6ec86745a077fe9c25c55d11ca810b16fb2
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-27.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
15863c30adbf1f3dd1c4eb22b9ed6826d01a9beadf44db08d7ecedb6836ed131

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 12:47:59 GMT
content-encoding
gzip
via
1.1 ef4ff53b101ef123a46ec560b6c94cb8.cloudfront.net (CloudFront)
last-modified
Sun, 15 Jan 2023 12:47:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
73217
etag
"0df64eee76617d6b8b842eaf114234f3"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
20006
x-amz-cf-id
3vPjExOwoM_GiXPu4xK5kbfOJl7opEhfibrSFP4sgqseGP7UN4IF_g==
cookie-law-info-table.css
amenazaytx.site/wp-content/plugins/cookie-law-info/legacy/public/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://amenazaytx.site/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-table.css?ver=3.0.7
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
2e2f2336b5e6698b628afc75fa9a24c67b73d5872c1d4af99ca436064f636ee0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:15 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Fri, 23 Dec 2022 14:44:31 GMT
server
LiteSpeed
etag
"17e1-63a5becf-70daee6a639c4f19;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
1604
expires
Fri, 27 Jan 2023 09:08:15 GMT
navigation.min.js
amenazaytx.site/wp-content/themes/kadence/assets/js/ 		21 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amenazaytx.site/wp-content/themes/kadence/assets/js/navigation.min.js?ver=1.1.31
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
dcc19958809bc3db2abb40ba313906fe1bfa2c235357f39da400709e9c79c1e7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:15 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Sun, 13 Nov 2022 18:43:08 GMT
server
LiteSpeed
etag
"543e-63713abc-ea992678d409601;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
5227
expires
Fri, 27 Jan 2023 09:08:15 GMT
dashicons.min.css
amenazaytx.site/wp-includes/css/ 		58 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://amenazaytx.site/wp-includes/css/dashicons.min.css
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/wp-content/plugins/forget-about-shortcode-buttons/public/css/button-styles.css?ver=2.1.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/wp-content/plugins/forget-about-shortcode-buttons/public/css/button-styles.css?ver=2.1.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:15 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Thu, 04 Mar 2021 02:46:22 GMT
server
LiteSpeed
etag
"e688-604049fe-7d38d0da2325dc9e;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
35099
expires
Fri, 27 Jan 2023 09:08:15 GMT
font-awesome.min.css
amenazaytx.site/wp-content/plugins/forget-about-shortcode-buttons/public/css/ 		86 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://amenazaytx.site/wp-content/plugins/forget-about-shortcode-buttons/public/css/font-awesome.min.css
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/wp-content/plugins/forget-about-shortcode-buttons/public/css/button-styles.css?ver=2.1.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
6e00e8106852b7f72579fe646747028c496cb328fdfea0db3b95c1f1d6e0d7f8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/wp-content/plugins/forget-about-shortcode-buttons/public/css/button-styles.css?ver=2.1.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:15 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Sat, 09 Jul 2022 01:57:03 GMT
server
LiteSpeed
etag
"159d8-62c8e06f-d25236d0135ca3e9;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
11531
expires
Fri, 27 Jan 2023 09:08:15 GMT
tags
cdn.eswhik.com/npm/ 		1 KB
809 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.eswhik.com/npm/tags
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/npm/theme.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2804abe47f80f47f18c36af50e7bf8e520e37eea1b8426110e8f7b2e0cbf4ce6

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Fri, 20 Jan 2023 09:08:15 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 18 Oct 2022 18:01:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b2YJMjejTwMgCMFJ353BQ2Pw4sdZ%2FJ2tnlKA5SHIvxjEyWUZQdVsSM3tKD654CEjEoo8Klm%2FGsgxeVEDzZzGoIo%2FvdujgW06Zj9Ro0M9IeuMWGlrjKdFJhUcyufpQDezZ6V63bfj%2B%2FS82xmNbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/xml
x-turbo-charged-by
LiteSpeed
cf-ray
78c6aa1c498f9122-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
init
api.purpleads.io/x/ 		87 B
381 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/init?ts=1674205695450
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=a8dbba899ffa9904c83f8f31297c4fb1:c482d5deb8980b8bc6b754dfe31eed2e17521c0bce0234ab44da16e47c5d442a7f8c26c14dc235933b8861dc33ca79009bd5fe48e2eab3becb88e57a359ee908
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.159.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-159-45.compute-1.amazonaws.com
Software
/
Resource Hash
4cdf058286dcc09e5511ec4f021ce5ce4d22052312bf08ce7b672e08eb5a4a9f

Request headers

x-request-url
aHR0cHM6Ly9hbWVuYXpheXR4LnNpdGUv
accept-language
de-DE,de;q=0.9
Authorization
Bearer a8dbba899ffa9904c83f8f31297c4fb1:c482d5deb8980b8bc6b754dfe31eed2e17521c0bce0234ab44da16e47c5d442a7f8c26c14dc235933b8861dc33ca79009bd5fe48e2eab3becb88e57a359ee908
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://amenazaytx.site/
x-purpleads-version
2.4.2

Response headers

date
Fri, 20 Jan 2023 09:08:16 GMT
etag
W/"57-rJEPlnm9gFYJQ15PqJcM33T6S4Y"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amenazaytx.site
access-control-allow-credentials
true
content-length
87
x-request-id
c42fa425-a30b-421a-9122-9d626ed6cc24
init
api.purpleads.io/x/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/init?ts=1674205695450
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.159.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-159-45.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Access-Control-Request-Method
GET
Origin
https://amenazaytx.site
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://amenazaytx.site
date
Fri, 20 Jan 2023 09:08:15 GMT
x-request-id
dfa634c4-a8a8-4571-89cd-2eddec7cdf0a
collect
region1.google-analytics.com/g/ 		0
347 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-HVPFKTV6LZ&gtm=2oe1i0&_p=338162257&cid=965074567.1674205696&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1674205695&sct=1&seg=0&dl=https%3A%2F%2Famenazaytx.site%2F&dt=MundoYT%20NBM%20-%20Tus%20mejores%20archivos%20aqu%C3%AD&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HVPFKTV6LZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 09:08:15 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://amenazaytx.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
api.purpleads.io/x/b/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=0&pid=b822b1909aab413c9c16d7977a894982&sizes=[[970,250],[970,90],[728,90],[468,60],[336,280],[300,600],[300,250],[160,600],[120,600],[200,200],[250,250],[320,100],[320,50],[320,480],[300,100]]&slotid=d1c84988-6e30-486a-a065-3e2774587107&ts=1674205695654
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=a8dbba899ffa9904c83f8f31297c4fb1:c482d5deb8980b8bc6b754dfe31eed2e17521c0bce0234ab44da16e47c5d442a7f8c26c14dc235933b8861dc33ca79009bd5fe48e2eab3becb88e57a359ee908
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.159.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-159-45.compute-1.amazonaws.com
Software
/
Resource Hash
2fdf0fe5886f02dbeae515cbff881f41da5cdb8520e0b00b7a0f238b7a8158dd

Request headers

x-request-url
aHR0cHM6Ly9hbWVuYXpheXR4LnNpdGUv
accept-language
de-DE,de;q=0.9
Authorization
Bearer a8dbba899ffa9904c83f8f31297c4fb1:c482d5deb8980b8bc6b754dfe31eed2e17521c0bce0234ab44da16e47c5d442a7f8c26c14dc235933b8861dc33ca79009bd5fe48e2eab3becb88e57a359ee908
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://amenazaytx.site/
x-purpleads-version
2.4.2

Response headers

date
Fri, 20 Jan 2023 09:08:16 GMT
content-encoding
gzip
pa-user-id
d576534b-9092-4f66-b40b-9dfa4d5f32c7
etag
W/"e0b-82WpeQT7i5qh2mzvexowjtAa5WE"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amenazaytx.site
access-control-allow-credentials
true
x-request-id
aa9e484d-ba5f-44b3-acee-83b77c04b746
jquery-3.5.1.min.js
cdn.eswhik.com/drive/jquery/ 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.eswhik.com/drive/jquery/jquery-3.5.1.min.js
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/npm/tags
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a2723c21fb1b7dff0e2aa5dc6be24a9670220a17ae21f70fdbc602d1f8acd38

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Fri, 20 Jan 2023 09:08:15 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 16 Apr 2022 00:26:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
41618
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MlvHcwiTrMNvfxtYLUMENj0VHb%2FiSE7ffCBpgH6QnTCzkRlQNsj0%2BMbCpCLTBuH8RS4t1PrRlszOogLhZ6mvMADN9qq%2FWjHYdwjkRYjbzng762TwhqmcKhhCVv6C%2FpCSsCRNE8REexmboLZTsA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
78c6aa1e5d139122-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 26 Jan 2023 21:34:37 GMT
config
eswhik.github.io/drive/buttons/z1/ 		381 B
611 B 		Script
General
Check archive.org
Download Go to
Full URL
https://eswhik.github.io/drive/buttons/z1/config
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/npm/tags
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8000::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
a675db82126493bf9927ab29dba89f77e0e763622eb5f7725af4aa10b204c807
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

x-fastly-request-id
1debc16ad736cf8a3d356a8b122e76b510d72d47
strict-transport-security
max-age=31556952
content-encoding
gzip
via
1.1 varnish
date
Fri, 20 Jan 2023 09:08:15 GMT
age
464
x-cache
HIT
x-cache-hits
1
x-proxy-cache
MISS
content-length
198
x-served-by
cache-yyz4523-YYZ
last-modified
Thu, 24 Nov 2022 16:49:30 GMT
server
GitHub.com
x-github-request-id
7932:0DD6:9B6179:C98928:63C98B92
x-timer
S1674205696.996434,VS0,VE1
etag
W/"637fa09a-17d"
vary
Accept-Encoding
content-type
application/xml
access-control-allow-origin
*
cache-control
max-age=600
permissions-policy
interest-cohort=()
accept-ranges
bytes
expires
Thu, 19 Jan 2023 18:37:30 GMT
300x250-cpm.js
cdn.eswhik.com/drive/script/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.eswhik.com/drive/script/300x250-cpm.js
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/npm/tags
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b82df01256e32a7e0225fcd06012bba6d8ea272a96f3e43a5331a059fc170d4

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Fri, 20 Jan 2023 09:08:15 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
41617
cf-polished
origSize=2243
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 27 Apr 2022 02:07:52 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CryuwU5%2BaG%2BpLKQPYxs%2F7%2F9OQaoWvRCDTI%2FFtW3FZGglX0RZa6S6f1a7CFzGxxOtVkoSR6sEKE%2BrwG2DzNKXUIdCX5fivfiwI17P1zEqYp5nn1l3z5F7WnDcvwFOgsgBnCIqERoj%2Bh%2BX79bIQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
78c6aa1e6d189122-FRA
expires
Thu, 26 Jan 2023 21:34:37 GMT
analytics-eswhik
cdn.eswhik.com/ 		668 B
732 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.eswhik.com/analytics-eswhik
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/npm/tags
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54e5a87d0b6a722ce2c8f0950e23f6b8205f391eaf52a4c10c8956b1560d3a52

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Fri, 20 Jan 2023 09:08:15 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Fri, 20 May 2022 20:46:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1whW2svipYJaYZNCSECBamPbX5d%2Fx1r%2BO239%2FAwZQk1y3BgdCnEPsB7%2Fu87GwUBr5X7IE2PWCUycAj9kU8jn2OoIXd7duom9hOk3eCfeUeqqNjzku1apz4UMj52r4hLA%2FCmZxqo%2BbKS3mkc2Xw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/xml
x-turbo-charged-by
LiteSpeed
cf-ray
78c6aa1e6d1c9122-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sites
cdn.eswhik.com/drive/reCAPTCHA/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.eswhik.com/drive/reCAPTCHA/sites
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/npm/tags
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers
Sistema-Blogger-2.0
cdn.eswhik.com/drive/reCAPTCHA/ 		556 B
788 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.eswhik.com/drive/reCAPTCHA/Sistema-Blogger-2.0
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/npm/tags
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f14b612adef254430bdf87ec7405512fe8f5d39de4d789841d1239ef6420492

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Fri, 20 Jan 2023 09:08:16 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 10 May 2022 18:21:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oukPNOUcXMmL7GOTaGXBv7YfaZtMqa%2BhARL1Uk2jb89u9aApy6ZMuInwjPFUJaoJQeqC0t8tBg9SEyMp%2BT8mdceLos7qKKHLzlKqDXPM3N%2FPvbvPbjIp10Li4mXeCIp2SjDgvpo2U1j1eeWjbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/xml
x-turbo-charged-by
LiteSpeed
cf-ray
78c6aa1e6d1e9122-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
api-popunder.js
cdn.eswhik.com/drive/script/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.eswhik.com/drive/script/api-popunder.js
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/npm/tags
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
820a1fddd5a609082271df120797fde740e6114eef0efe101b9a57d9158e6036

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Fri, 20 Jan 2023 09:08:15 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
41617
cf-polished
origSize=4051
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 02 May 2022 21:30:28 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nG2N1Qr7KBepiwWmP%2FM777%2BrFLKbJA7okHrfZ7kNagJ3X31aphI1kPZjGMUj8WqEztEAClQBZOYSrcOrQ%2Fru5WEza8seu8gnBi5iJP0tPH41zinMxpjlAPJzx08B3SbBK8Imb8SvmoENGZ2D6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
78c6aa1e6d1f9122-FRA
expires
Thu, 26 Jan 2023 21:34:37 GMT
pregressAdTime
cdn.eswhik.com/drive/tags/ 		306 B
620 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.eswhik.com/drive/tags/pregressAdTime
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/npm/tags
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e11a1b1adf786512587e757e9b095ffc77770f5a6dbaa66615398bc903fab82e

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Fri, 20 Jan 2023 09:08:16 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 10 May 2022 01:05:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RKCIWwyS43llfCBLy9kyad2YBJjND6ZXskyPYGAQy%2Fxxxho8yWfTY8HQ%2FbJrPoITs%2BGhY1SvJzxBTdL%2FsEKG4XVdwoB7ICI7M3zIbS7tq1KRrByLUJ12SzVJ0tpnO82Aqu2pmWAJUYssQvPfLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/xml
x-turbo-charged-by
LiteSpeed
cf-ray
78c6aa1e6d209122-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Eswhik-CPM-2.0.css
cdn.eswhik.com/drive/css/ 		946 B
940 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.eswhik.com/drive/css/Eswhik-CPM-2.0.css
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/npm/tags
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97b42f5456d33762968c00d290a9c536564d2cfd693fc15cf81a454d72e06610

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:15 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
41617
cf-polished
origSize=1003
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 10 May 2022 17:35:48 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=czKeQBwcODTBlyzh%2F%2BhSm16X%2FAKKrSsSXzVkeHaB3bwwUIvAksLdEUecPlwBdwcVujbNHM7ignPuUm%2FjLgcCqr4KZxFbRbK82kNuZ1Ro0yLdFm3Rd4eM0CQNgDodGEHMR%2FGqF4qVtk%2Fgfw1wEw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
78c6aa1e6d229122-FRA
expires
Thu, 26 Jan 2023 21:34:37 GMT
api-eswhik-push
cdn.eswhik.com/drive/api/ 		290 B
754 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.eswhik.com/drive/api/api-eswhik-push
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/npm/tags
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac34695b72e4e902bba01b5ef320dcd2aa03edf02bfb909a3ca23b9d2607899c

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Fri, 20 Jan 2023 09:08:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified
Thu, 02 Jun 2022 22:29:22 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f9K0H6PgTcPfE%2BuBtyH0miwMlCj4HUuMuiz87cSFfYH4UIGsuArZk5ckgU%2FSEVpPr5LLW7GH3KXc0ZSs9KSUjOka7kPS8BCfdOa6K7zWoofDQX2DnZ14vvfn2ttGiKa%2BRQOyO2PiqgSr6BQn2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
78c6aa1e6d239122-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
290
copyright-eswhik.js
cdn.eswhik.com/drive/script/ 		218 B
699 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.eswhik.com/drive/script/copyright-eswhik.js
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/npm/tags
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a531463641125977e3c0db5fb89fde3ecd4b0ac25ea0aceb3c235dd55a5472c

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Fri, 20 Jan 2023 09:08:15 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
38994
cf-polished
origSize=276
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 03 Jun 2022 22:24:46 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vYkVVN0BRx7BtZ41HEs1QxLUhtkrgLEnkJDazeKr%2BxM9qbkO%2BjbcHhxFnv0WE9viAEAMPQ1kbe4TRxFFDJBQplmod9dLfmrt%2Bk%2BuboJCTrr3Y4IzV3lOfC%2Fs0Cx%2BADInwHqTaMDjJxt3ivOF5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
78c6aa1e6d259122-FRA
expires
Thu, 26 Jan 2023 22:18:21 GMT
api-eswhik-cpm-v2
cdn.eswhik.com/drive/api/ 		299 B
764 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.eswhik.com/drive/api/api-eswhik-cpm-v2
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/npm/tags
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e517ad8e188a0988539134143b8bdd42ae4bbeb66c9fa45fb4407489050d0e8

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Fri, 20 Jan 2023 09:08:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified
Fri, 03 Jun 2022 22:29:28 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QnEgFZuvB6Ar4IHyBauqoTqflxSmfa%2BrAhw%2FhF2gldm8Mt61TeUAEKO4Pwo4KEnDAwgIuWxwd4laVJ5NztkGWQhwAqfuhCk765WoXvPBIT6QiZQ7qJnmmCmWkpH71oLnwvzxXyXDhyJLsrjBTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
78c6aa1e6d269122-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
299
style-scripts-eswhik-premium.css
cdn.eswhik.com/drive/css/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.eswhik.com/drive/css/style-scripts-eswhik-premium.css
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/npm/tags
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22c72dadcee3108bec75726d338589e95b3e4f3800336c966a4f03f62a0ef7a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:15 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
41617
cf-polished
origSize=4757
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 08 Dec 2022 23:48:33 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zpjTaKdmWQRQmB3B9%2F1UCmveHO2giD4vYCzqxgeHDeqzcz07LuHlcpyvhZ8NkZC0cb9KZCVCeOOOCqCYco8CRu9FtUjCkmBbOOC3PNT2YuMacZkubho9NRDpEdY1rlQ%2FbhljkQlOGHGilky7Og%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
78c6aa1e6d289122-FRA
expires
Thu, 26 Jan 2023 21:34:37 GMT
load-scripts-eswhik-premium.js
cdn.eswhik.com/drive/script/ 		990 B
968 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.eswhik.com/drive/script/load-scripts-eswhik-premium.js
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/npm/tags
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db3c4bd109137190d4a6cdb66954772cf7d0072d3e202fa6ce7ca40a2f70a65e

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Fri, 20 Jan 2023 09:08:15 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
39627
cf-polished
origSize=1160
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 30 Aug 2022 22:24:52 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=juVCViGC4UFKp92CFH29YJYyj2zkrIrpLFU4UrrLcs2DhoZ%2F3PDXvj7iQxaKn2IOAqI3wGK%2FOACzN9Fefm6XGKKa4a%2F2d6DLN5iN8M4e706jQCPXV3wThkjSSFcvBxyyffWcx8o5ixOjdMuD3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
78c6aa1e6d2a9122-FRA
expires
Thu, 26 Jan 2023 22:07:48 GMT
/
api.purpleads.io/x/b/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=0&pid=b822b1909aab413c9c16d7977a894982&sizes=[[970,250],[970,90],[728,90],[468,60],[336,280],[300,600],[300,250],[160,600],[120,600],[200,200],[250,250],[320,100],[320,50],[320,480],[300,100]]&slotid=d1c84988-6e30-486a-a065-3e2774587107&ts=1674205695654
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.159.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-159-45.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Access-Control-Request-Method
GET
Origin
https://amenazaytx.site
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://amenazaytx.site
date
Fri, 20 Jan 2023 09:08:15 GMT
x-request-id
b5c203d5-cc61-4484-8f02-3e954e995fa5
style.css
eswhik.github.io/drive/buttons/z1/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://eswhik.github.io/drive/buttons/z1/style.css
Requested by
Host: eswhik.github.io
URL: https://eswhik.github.io/drive/buttons/z1/config
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8000::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
bd910a0e75b960acc6dd11ac4d5064f949e2597fdee997ee19b0fd7f55176e56
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-fastly-request-id
194d69ee9bfc0a3902631f538ab698b8b2f7a1cb
strict-transport-security
max-age=31556952
content-encoding
gzip
via
1.1 varnish
date
Fri, 20 Jan 2023 09:08:16 GMT
age
454
x-cache
HIT
x-cache-hits
1
x-proxy-cache
HIT
content-length
816
x-served-by
cache-yyz4523-YYZ
last-modified
Thu, 24 Nov 2022 16:49:30 GMT
server
GitHub.com
x-github-request-id
2D7E:4DA8:1E622A4:28F1949:63C5BFF4
x-timer
S1674205696.096345,VS0,VE1
etag
W/"637fa09a-1618"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-origin-cache
HIT
expires
Mon, 16 Jan 2023 21:31:09 GMT
ionicons.esm.js
unpkg.com/ionicons@5.5.2/dist/ionicons/ 		399 B
644 B 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/ionicons@5.5.2/dist/ionicons/ionicons.esm.js
Requested by
Host: eswhik.github.io
URL: https://eswhik.github.io/drive/buttons/z1/config
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20193736d900f0b602a678f804676349764578ab2adcd07ffebb6d06df1afd96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://amenazaytx.site/
Origin
https://amenazaytx.site
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Fri, 20 Jan 2023 09:08:16 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
18237096
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01G67PVMK56PN5KM8G1JRT3F07-fra
server
cloudflare
etag
W/"18f-B+zGUTbQ1uVsG8y1uf+53Qdwne0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
78c6aa208c08bb91-FRA
error
eswhik.github.io/drive/buttons/z1/ 		23 B
182 B 		Script
General
Check archive.org
Download Go to
Full URL
https://eswhik.github.io/drive/buttons/z1/error
Requested by
Host: eswhik.github.io
URL: https://eswhik.github.io/drive/buttons/z1/config
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8000::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
7520d7376659fb82408fb03f940ca06a2ae4ba9723394ace502a90d0c06a9da7
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

x-fastly-request-id
eef2ab3490ec73a342f51f3b19ca03ab87868e79
strict-transport-security
max-age=31556952
date
Fri, 20 Jan 2023 09:08:16 GMT
via
1.1 varnish
x-cache-hits
1
age
454
x-cache
HIT
x-proxy-cache
MISS
content-length
23
x-served-by
cache-yyz4523-YYZ
last-modified
Thu, 24 Nov 2022 16:49:30 GMT
server
GitHub.com
x-github-request-id
895E:3109:A3F1A3:D4C41C:63C9B2FE
x-timer
S1674205696.096610,VS0,VE1
etag
"637fa09a-17"
vary
Accept-Encoding
content-type
application/xml
access-control-allow-origin
*
cache-control
max-age=600
permissions-policy
interest-cohort=()
accept-ranges
bytes
expires
Thu, 19 Jan 2023 21:25:42 GMT
js
www.googletagmanager.com/gtag/ 		217 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GG2SR4CZDE
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/analytics-eswhik
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2cf41e08d37efa35ef0d9d9d19ff79d1a750dda53ba22cb76d0bc12a97b2e496
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77715
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 20 Jan 2023 09:08:16 GMT
js
www.googletagmanager.com/gtag/ 		217 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GG2SR4CZDE&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HVPFKTV6LZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f0f037929bfcf95fe0606b4323dc9bea9ad0dc3db752dbe3f3d1362d68c5a3ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77691
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 20 Jan 2023 09:08:16 GMT
js
www.googletagmanager.com/gtag/ 		220 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-2ZXVHQW49E
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/analytics-eswhik
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
81dade304acd9482ef8de082ffd5907cdc08a3cfc61680c5ffeab242ef7e66e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78676
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 20 Jan 2023 09:08:16 GMT
js
www.googletagmanager.com/gtag/ 		217 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-2ZXVHQW49E&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HVPFKTV6LZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c91dcd67e66793ddea8b763a3c78da50ec4d04b7d5cc94907719f173f4ed6466
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77726
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 20 Jan 2023 09:08:16 GMT
api.js
www.google.com/recaptcha/ 		909 B
992 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/drive/reCAPTCHA/Sistema-Blogger-2.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3a696b72625c76c1c238f9a1f4a84549ab2af6a805ae2dd7c1cac6c429454f1c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
579
x-xss-protection
1; mode=block
expires
Fri, 20 Jan 2023 09:08:16 GMT
pregressAdTime.css
cdn.eswhik.com/drive/css/ 		13 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.eswhik.com/drive/css/pregressAdTime.css
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/drive/tags/pregressAdTime
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb28d5000b17859dbee113b7ac6558134eaf9ab5bba8b41d48c1610e8804b596

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:16 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
94749
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 10 May 2022 00:45:32 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=woW2feGs4G%2B%2FmeHUVOHdrPzdacjkHEAJ%2FRk9KPmLe%2FeKA2hTxD2htqxRnGCpw7RvJ31saXJ%2F7RydK%2FMbIsk5Blww8i3%2BJP6DOUuEh9JrCkp2eQsKbrH5ah4%2Bv6ncHtAxkzaohUyEZNeoq%2B5gSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
78c6aa20f9749122-FRA
expires
Thu, 26 Jan 2023 06:49:07 GMT
progressAd.js
cdn.eswhik.com/drive/script/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.eswhik.com/drive/script/progressAd.js
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/drive/tags/pregressAdTime
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83e9a2e4876f61521aed687586e4840c65bf58d912a4a381440acf47577ea62c

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Fri, 20 Jan 2023 09:08:16 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
38992
cf-polished
origSize=1645
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 09 May 2022 23:29:06 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fYV0gTdbt7rNRz7Mfn2kP4Z%2FLC8s%2BELgSMjJN1X24HXPdQrGLC3ukJhPqdh1tc6jAyv36LPB54182R1t4s46Fr7L6mxJ7x6KPITzg3HXCU3dESjBr7aTyhQjCJoasg1PYXJYT%2BemJQMjF%2FmDLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
78c6aa20f9789122-FRA
expires
Thu, 26 Jan 2023 22:18:24 GMT
ConfigProgressAd.js
cdn.eswhik.com/drive/script/ 		411 B
810 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.eswhik.com/drive/script/ConfigProgressAd.js
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/drive/tags/pregressAdTime
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1928021ac2964da4cb99e2cb77e08d93d00cfe849c65fbce3587231837b6c29

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Fri, 20 Jan 2023 09:08:16 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
38992
cf-polished
origSize=533
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 10 May 2022 01:04:24 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0uS6fLKRXkMVpdCyarXL7Mfxji2NdnqUy8L0CyzZjKEq6ciNSDRHNLsogWwoieLpgUT54exUer71ksjuScxOreoKxWh8BYC%2B8NXFcwUCE9uWaUk%2FRwyZ0C7UnH7QKYdNodH1OCewkZ%2FiiwI4wA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
78c6aa20f97c9122-FRA
expires
Thu, 26 Jan 2023 22:18:24 GMT
p-e26ac56f.js
unpkg.com/ionicons@5.5.2/dist/ionicons/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/ionicons@5.5.2/dist/ionicons/p-e26ac56f.js
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
411ebf3f42ff97b8fdcb02ef60f534e0fd011b86878ec33abf2509b4bfe58037
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://unpkg.com/ionicons@5.5.2/dist/ionicons/ionicons.esm.js
Origin
https://amenazaytx.site
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:16 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
31108402
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01FT83NYRGJE277N57NJX9DGY4
server
cloudflare
etag
W/"1d56-gDHdPSZYuc2h8Mf9Yj/8nfSlS9o"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
78c6aa20fcdebb91-FRA
eswhik-push
cdn.eswhik.com/drive/tags/ 		174 B
576 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.eswhik.com/drive/tags/eswhik-push
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/drive/api/api-eswhik-push
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0afa89cb6e2f3db520516d605e1bfcc52b0818c0bacc2ccdbc36a99c1e2b40e3

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Fri, 20 Jan 2023 09:08:16 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 02 Jun 2022 22:28:26 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EYJhINt5syuDzNyip%2Bl%2B29bQwUTyA6DsiPNRjVII9OfqWgbQdV5hE2iP6aQDB%2BBBVh%2BC3u2355YGugMHCTdg6zFin5kmRoGoOijnsg7WJPynrIVaOUjZ9TlH1zXROFhf8gjmED83%2B8XFh6Vc5A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/xml
x-turbo-charged-by
LiteSpeed
cf-ray
78c6aa2129b29122-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
js
www.googletagmanager.com/gtag/ 		110 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-205586502-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2ZXVHQW49E
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b0e561c3506f72590b1a21c118dac105a1ad9d635159441c9a87d363b8882a5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
44078
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 20 Jan 2023 09:08:16 GMT
collect
region1.google-analytics.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-2ZXVHQW49E&gtm=2oe1i0&_p=338162257&cid=965074567.1674205696&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1674205696&sct=1&seg=0&dl=https%3A%2F%2Famenazaytx.site%2F&dt=MundoYT%20NBM%20-%20Tus%20mejores%20archivos%20aqu%C3%AD&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2ZXVHQW49E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 09:08:16 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://amenazaytx.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-GG2SR4CZDE&gtm=2oe1i0&_p=338162257&cid=965074567.1674205696&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1674205696&sct=1&seg=0&dl=https%3A%2F%2Famenazaytx.site%2F&dt=MundoYT%20NBM%20-%20Tus%20mejores%20archivos%20aqu%C3%AD&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GG2SR4CZDE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 09:08:16 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://amenazaytx.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
prebid-2022-12-27.js
cdn.psdn.xyz/ Frame D1E4 		371 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.psdn.xyz/prebid-2022-12-27.js
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=a8dbba899ffa9904c83f8f31297c4fb1:c482d5deb8980b8bc6b754dfe31eed2e17521c0bce0234ab44da16e47c5d442a7f8c26c14dc235933b8861dc33ca79009bd5fe48e2eab3becb88e57a359ee908
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
7899e4ccdbb66bba8489aec160f24c1cb19781ae6811fc9ec69f582697e35a4b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:16 GMT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Tue, 27 Dec 2022 13:09:50 GMT
x-sp-metadata
HS256.CJDQqZ4GEoUBCiRhZmY0YTY1Yi00NmQ2LTQ1MWMtYmJiMC05YzVhYjZlYWU5NzIQgMGmkNnD+wIaBgiAtKmeBiIKODEuOTUuNS40NCiUvwIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJGFiNWIyYTg4LWNjYmYtNDdkMC05N2UyLTE1YTJlOGI5MjJhMRjHwAciGAgCEhRjZHMyMjMuZnI4Lmh3Y2RuLm5ldA==.dpbHz07Y41y5LYsbQrS0PmbWyfbre6bQBOA5yCaRXYM=
x-amz-request-id
tx000000000000219c93b6d-0063aaeea7-34c6886a-nyc3b
etag
"e07bb8c29b8196e635a7e649e961ba8b"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1674205696.dop244.fr8.t,1674205696.cds321.fr8.hn,1674205696.cds223.fr8.c
content-type
application/javascript
x-rgw-object-type
Normal
cache-control
max-age=31536000
accept-ranges
bytes
content-length
122951
recaptcha__de.js
www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/ 		404 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
11401b059365dd387ba607aa55ca532d326d764253ea85de141a4423cedfef27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://amenazaytx.site/
Origin
https://amenazaytx.site
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 08:58:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
558
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
165715
x-xss-protection
0
last-modified
Mon, 16 Jan 2023 01:02:16 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 20 Jan 2024 08:58:58 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-205586502-1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 20 Jan 2023 08:26:10 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
2526
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20085
expires
Fri, 20 Jan 2023 10:26:10 GMT
eswhik-push.css
cdn.eswhik.com/drive/css/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.eswhik.com/drive/css/eswhik-push.css
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/drive/tags/eswhik-push
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9337d4581e7a2b92236a8b8de8d8170c3fdd70c02533afe58c9a1295b69031d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:16 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
38991
cf-polished
origSize=1506
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Jun 2022 22:21:20 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xEVC6jbV2dF0H%2FjNKMRWDDirytMhJpO1IfyPahzz17VybYiAaemJoFr4MTL%2BMcb2t3JmTHHsCfSABfvayxw8Kov68zWsAjxYMdG1J3NE63p3ptuIc4dY3dcY4JOfLlcNBqSfwG%2FXRc4EKhP2VA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
78c6aa225b9e9122-FRA
expires
Thu, 26 Jan 2023 22:18:25 GMT
eswhik-push.js
cdn.eswhik.com/drive/script/ 		220 B
695 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.eswhik.com/drive/script/eswhik-push.js
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/drive/tags/eswhik-push
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad5d6395683df0773cfe7fa4d5a43d0f80399e6000469783a2dcae9522902986

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Fri, 20 Jan 2023 09:08:16 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
38991
cf-polished
origSize=290
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 03 Jun 2022 01:15:24 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SYVIzA5GnNOGpAWG8k3%2BuUgBxGf2x%2B24fw%2BJ%2FagDlucATgxNA%2Be9uyOZ3QSzFTzAmInUWV6oDwVpBm5XBAgwAYe9LeGAdhil100ZckGnmWi6Te41B7GaE8LTC2VU4o9tHRrjb3StcybYnjo1Hg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
78c6aa225ba09122-FRA
expires
Thu, 26 Jan 2023 22:18:25 GMT
collect
www.google-analytics.com/j/ 		2 B
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=338162257&t=pageview&_s=1&dl=https%3A%2F%2Famenazaytx.site%2F&ul=en-us&de=UTF-8&dt=MundoYT%20NBM%20-%20Tus%20mejores%20archivos%20aqu%C3%AD&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=2055022202&gjid=1325198318&cid=965074567.1674205696&tid=UA-205586502-1&_gid=1197727135.1674205696&_r=1&_slc=1&gtm=2ou1i0&z=845734923
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 09:08:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://amenazaytx.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
cpm-script-v2-eswhik
cdn.eswhik.com/drive/tags/ 		108 B
558 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.eswhik.com/drive/tags/cpm-script-v2-eswhik
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/drive/api/api-eswhik-cpm-v2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f4d3d0e7fd1a21de4e275fd70b4ad1c4534abb87f800475966bfd3bff0d56e1

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Fri, 20 Jan 2023 09:08:16 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Fri, 03 Jun 2022 23:04:16 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tJ95ajpJHIFu9aw77NjIfCanDGsF%2Bw%2FBmHQo4FKuvT1ooID91Oo8UHPPi4ND31Yl8J9FQ2MQNQ4lmmMmIiCYHq13QC9t7ApNtt8qihO6vhxcbou5gEkF5OA4PCH6TOMdXzVTSvX0qlwJVDtZVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/xml
x-turbo-charged-by
LiteSpeed
cf-ray
78c6aa228bd49122-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
api.purpleads.io/x/b/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=1&pid=b822b1909aab413c9c16d7977a894982&sizes=[[970,90],[728,90],[468,60],[320,100],[320,50],[300,100]]&slotid=118191e9-ee58-4e8e-b850-4c1e99b7e57a&ts=1674205696452
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=a8dbba899ffa9904c83f8f31297c4fb1:c482d5deb8980b8bc6b754dfe31eed2e17521c0bce0234ab44da16e47c5d442a7f8c26c14dc235933b8861dc33ca79009bd5fe48e2eab3becb88e57a359ee908
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.159.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-159-45.compute-1.amazonaws.com
Software
/
Resource Hash
2a258b919e16bd2641ba3c1fe6e9f068f8991c404004615e6ef1f3cb8650d639

Request headers

x-request-url
aHR0cHM6Ly9hbWVuYXpheXR4LnNpdGUv
accept-language
de-DE,de;q=0.9
Authorization
Bearer a8dbba899ffa9904c83f8f31297c4fb1:c482d5deb8980b8bc6b754dfe31eed2e17521c0bce0234ab44da16e47c5d442a7f8c26c14dc235933b8861dc33ca79009bd5fe48e2eab3becb88e57a359ee908
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://amenazaytx.site/
x-purpleads-version
2.4.2

Response headers

date
Fri, 20 Jan 2023 09:08:16 GMT
content-encoding
gzip
pa-user-id
25fd4696-e1b1-4cf0-9c57-2725d12e0778
etag
W/"db1-rDYEL6bBzU0VZxOCuNWbAEbBoQ4"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amenazaytx.site
access-control-allow-credentials
true
x-request-id
cde9f61e-a84f-4860-aa8a-744a7e0cc0fb
/
api.purpleads.io/x/b/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=1&pid=b822b1909aab413c9c16d7977a894982&sizes=[[970,90],[728,90],[468,60],[320,100],[320,50],[300,100]]&slotid=118191e9-ee58-4e8e-b850-4c1e99b7e57a&ts=1674205696452
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.159.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-159-45.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Access-Control-Request-Method
GET
Origin
https://amenazaytx.site
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://amenazaytx.site
date
Fri, 20 Jan 2023 09:08:16 GMT
x-request-id
d802d442-20ca-4f30-81d0-61b0d1b027de
localstore.js
script.4dex.io/ Frame D1E4 		483 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 09:08:16 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Wed, 23 Nov 2022 15:43:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
2306224
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W7LT42a6%2FnElfqa3tfiO5j2DVzVFOlT0ClJ6d32HXsSKxP8FyiJ9fFXPBV875OtNQ74VQ3E%2F9n5gH%2Fr8iKewe3NpUPBFd6SOghahfVaWpw%2FAajEPzRL1u3%2Bc5OzFk%2BlbRxHqQQ60d5AQeom7"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
78c6aa2398da9a2d-FRA
prebid
ib.adnxs.com/ut/v3/ Frame D1E4 		138 B
939 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
7ab705caef63548632071266a63b9458e2257ceeeeae1fb7b07f5790bae99808
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 09:08:16 GMT
AN-X-Request-Uuid
0a0e147f-92e3-4206-9b86-ed235089d885
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://amenazaytx.site
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
81.95.5.44; 81.95.5.44; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid-request
onetag-sys.com/ Frame D1E4 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://amenazaytx.site
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
prebid
prebid.media.net/rtb/ Frame D1E4 		1 KB
970 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU2BX48Z
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
89ab376bbbc31276d954e9f0b7aba56b305b4e13a16f0a1468a31ed677021adc

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 09:08:16 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://amenazaytx.site
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Fri, 20 Jan 2023 09:08:16 GMT
c
prebid.a-mo.net/a/ Frame D1E4 		0
277 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://amenazaytx.site
date
Fri, 20 Jan 2023 09:08:15 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
15
server
envoy
vary
origin, Accept-Encoding
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame D1E4 		0
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://amenazaytx.site
date
Fri, 20 Jan 2023 09:08:16 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid
mp.4dex.io/ Frame D1E4 		114 B
584 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44fae9a22cf33b249b2a4b82ae47eab40d8e30ba112843c5aeb1632c7297c807

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Fri, 20 Jan 2023 09:08:16 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 2 inventory rules not found for mediatype: banner and adUnitCode: gpt-passback, Process Seats Booster. unable to get the seat booster engine for organization: 1263
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amenazaytx.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
78c6aa23aedd9070-FRA
expires
0
auction
tlx.3lift.com/header/ Frame D1E4 		7 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.22.0&referrer=https%3A%2F%2Famenazaytx.site%2F&tmax=3000
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.131.18 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-131-18.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
f4cf4a7be6d7a24ff94dc4d367ddc85d8aa945cf781635a27441ba6f5dd832d6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 09:08:17 GMT
content-encoding
gzip
accept-ch
sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amenazaytx.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
3249
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
cdb
bidder.criteo.com/ Frame D1E4 		18 B
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.22.0&cb=29557182286&lsavail=1
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 20 Jan 2023 09:08:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amenazaytx.site
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
adreq
ads.servenobid.com/ Frame D1E4 		730 B
760 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=4699
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.248.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-248-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ee5e92ed3a0de89dee381b5e632589f00cda7391453cb06c5410d67350440b1c

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 20 Jan 2023 09:08:16 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://amenazaytx.site
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
cpm-script-v2-eswhik.css
cdn.eswhik.com/drive/css/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.eswhik.com/drive/css/cpm-script-v2-eswhik.css
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/drive/tags/cpm-script-v2-eswhik
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be53e65e477f21d0e1df301be1077c090084ff561f2023eff0600841a4433c9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:16 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
40824
cf-polished
origSize=1303
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 03 Jun 2022 22:21:18 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6pVVQnlLBya5TY7ji1Oee4E80w%2B5DLsToRAiRQI8KyxkngXl5VF5fuPjiPa0b20ShtC1wXBZaGe2qKD5rL%2Fbll4%2FOU1iG0cEpAUcdT6XpnX5LxGFds5i1oV4la8vLR%2BOsi%2FuK3EQU5OfkR2aZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
78c6aa239d989122-FRA
expires
Thu, 26 Jan 2023 21:47:52 GMT
adagio.js
script.4dex.io/ Frame D1E4 		74 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 09:08:16 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
78208
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Wed, 23 Nov 2022 15:43:17 GMT
Server
cloudflare
ETag
W/"c56b6332dacf72f135afcd153ae22448"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZFNb2nZwaJC6xVF1OFUHnVXeHKYM0jYXrfXfUejDdlGV1s1uV7gVWjeNlDiEZbq8bsetmLchOjBfL6etfMU%2F4mvH8ZxwnShmXCT%2F%2BZXP1iAPrIUzPnA%2Fn7bgr7LlUpKL%2B3DRCFfZUhWChDT9"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
78c6aa23cbf66931-FRA
pubads_impl_2023011101.js
securepubads.g.doubleclick.net/gpt/ 		383 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071775
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
64f9e98a68d94c6ee1bdaee26992bd796d293641ad202e3d311c146dabe3b67d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 04:21:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17225
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132552
x-xss-protection
0
last-modified
Wed, 11 Jan 2023 09:35:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 20 Jan 2024 04:21:11 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		273 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=amenazaytx.site
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36c0e61e59f0da1ef6f6d37f2e5e114bed1e19a12ab9506ef90db93a06277235
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130
x-xss-protection
0
expires
Fri, 20 Jan 2023 09:08:16 GMT
ads-server.js
cdn.sendwebpush.com/adsendwebpush/server_services/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.sendwebpush.com/adsendwebpush/server_services/ads-server.js
Requested by
Host: cdn.sendwebpush.com
URL: https://cdn.sendwebpush.com/adsendwebpush/client_services/603d92f98981a_2103.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4be5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7195d5522c8828139ebb1194841d31af4adfacde3686412dc8980fe2e229387

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:16 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 17 Jan 2023 03:15:20 GMT
server
cloudflare
x-amz-request-id
ZQTMTK7N5XVJ3XEY
age
16573
etag
W/"a65532bd0eaa2e5387a6e8661bba0818"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
cf-ray
78c6aa23cf2f9b51-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
150Vs5j3NRizk5NMHxdr7u2DmaPy+YX6USynR4mKz3GhG2G9/1rJywhTPiY/Qym0KcYIB86s9Zc=
Dark-Eswhik.png
eswhik.github.io/ad_pub_002/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eswhik.github.io/ad_pub_002/Dark-Eswhik.png
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8000::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
2cd28b80d9e535057a264ac2c787339c3a6e114da736881003dfd5e98ad3de47
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-fastly-request-id
78d336d2b3df7d6994e3d4663dec086f5dbb4eca
strict-transport-security
max-age=31556952
date
Fri, 20 Jan 2023 09:08:16 GMT
via
1.1 varnish
x-cache-hits
1
age
0
x-cache
HIT
x-proxy-cache
MISS
content-length
23279
x-served-by
cache-yyz4523-YYZ
last-modified
Fri, 25 Mar 2022 00:52:21 GMT
server
GitHub.com
x-github-request-id
D7E4:412A:565B43:741E4F:63CA585B
x-timer
S1674205697.671128,VS0,VE25
etag
"623d1245-5aef"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=600
permissions-policy
interest-cohort=()
accept-ranges
bytes
expires
Fri, 20 Jan 2023 09:11:15 GMT
blog3-e1670098934482-768x432.png
amenazaytx.site/wp-content/uploads/2022/12/ 		328 KB
328 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amenazaytx.site/wp-content/uploads/2022/12/blog3-e1670098934482-768x432.png
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
1ed6438bfe41ea5183dba8da3c961dfa38e3090c39d6694fc5dd974f57ca56cf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:16 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Sat, 03 Dec 2022 20:22:18 GMT
server
LiteSpeed
etag
"51e51-638baffa-48b4c670b0f41988;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
335441
expires
Fri, 27 Jan 2023 09:08:16 GMT
como-administrar-el-dinero-768x512.jpg
amenazaytx.site/wp-content/uploads/2022/12/ 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amenazaytx.site/wp-content/uploads/2022/12/como-administrar-el-dinero-768x512.jpg
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
d190fcd22bee0b1952bd5d85ab6db8eff58d036a0208f762a4545057894ac559
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:16 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Sat, 03 Dec 2022 20:10:07 GMT
server
LiteSpeed
etag
"11ac1-638bad1f-38db3aad284830bb;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
72385
expires
Fri, 27 Jan 2023 09:08:16 GMT
1-7-768x432.jpg
amenazaytx.site/wp-content/uploads/2022/11/ 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amenazaytx.site/wp-content/uploads/2022/11/1-7-768x432.jpg
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
e4f011e9a762c0349e2f4aa73435601afa2f5b7c86634b1d13052dee04e9897d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:16 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 16 Nov 2022 16:46:36 GMT
server
LiteSpeed
etag
"130df-637513ec-9e8536cd8492583a;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
78047
expires
Fri, 27 Jan 2023 09:08:16 GMT
whatsapp-plus-768x413.jpg
amenazaytx.site/wp-content/uploads/2022/11/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amenazaytx.site/wp-content/uploads/2022/11/whatsapp-plus-768x413.jpg
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
34dd97dc4df4b7473a8c722f5ee839300e53b5a2aefb2a051f6066bb93834e68
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:16 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Mon, 07 Nov 2022 14:55:35 GMT
server
LiteSpeed
etag
"59d9-63691c67-a5bfeb7144825637;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
23001
expires
Fri, 27 Jan 2023 09:08:16 GMT
CG_como-funciona-o-seguro-de-vida-ij_235111542.jpg
amenazaytx.site/wp-content/uploads/2022/10/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amenazaytx.site/wp-content/uploads/2022/10/CG_como-funciona-o-seguro-de-vida-ij_235111542.jpg
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
708a6d945667538389adeb9c23a11b00454203b2fd404b12895dd1d299a8be17
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:16 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Tue, 11 Oct 2022 22:19:04 GMT
server
LiteSpeed
etag
"9223-6345ebd8-6f9f73b26479a90;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
37411
expires
Fri, 27 Jan 2023 09:08:16 GMT
Como-aproveitar-a-variacao-do-dolar-para-investir-1-1536x864-1-768x432.png
amenazaytx.site/wp-content/uploads/2022/09/ 		472 KB
472 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amenazaytx.site/wp-content/uploads/2022/09/Como-aproveitar-a-variacao-do-dolar-para-investir-1-1536x864-1-768x432.png
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
8ac459d121d8925bf01df7171ad77cf4d71374605c8eea575b68b2adfc005921
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:16 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 21 Sep 2022 22:05:05 GMT
server
LiteSpeed
etag
"75ec7-632b8a91-82bca3d32bb74308;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
483015
expires
Fri, 27 Jan 2023 09:08:16 GMT
tutorial-config-dvr-dahua-768x383.jpg
amenazaytx.site/wp-content/uploads/2022/05/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amenazaytx.site/wp-content/uploads/2022/05/tutorial-config-dvr-dahua-768x383.jpg
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
db355226168af7d46d5cef627cd58bac67c728ab4d22e1c6b4a47af69f8b951e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:16 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Thu, 12 May 2022 00:47:12 GMT
server
LiteSpeed
etag
"7ca4-627c5910-ae1ea68edab82e21;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
31908
expires
Fri, 27 Jan 2023 09:08:16 GMT
transferencia-web_10611-1-768x512.jpg
amenazaytx.site/wp-content/uploads/2022/05/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amenazaytx.site/wp-content/uploads/2022/05/transferencia-web_10611-1-768x512.jpg
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
7fde7ce58c8978f3beb20f0406165d41a9700189b99b314c9d10220237ecb484
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:16 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Thu, 12 May 2022 00:46:27 GMT
server
LiteSpeed
etag
"4147-627c58e3-e98c88fdef01f63;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
16711
expires
Fri, 27 Jan 2023 09:08:16 GMT
maxresdefault-13-768x432.jpg
amenazaytx.site/wp-content/uploads/2022/05/ 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amenazaytx.site/wp-content/uploads/2022/05/maxresdefault-13-768x432.jpg
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
7816252ae6607ec390b3c7c0a7223949d21681bd07452c96997ddb4979b56973
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:16 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Thu, 12 May 2022 00:45:40 GMT
server
LiteSpeed
etag
"dfde-627c58b4-11c1504791f81904;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
57310
expires
Fri, 27 Jan 2023 09:08:16 GMT
/
api.purpleads.io/x/b/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=2&pid=b822b1909aab413c9c16d7977a894982&sizes=[[336,280],[300,600],[300,250],[160,600],[120,600],[200,200],[250,250],[320,100],[320,50],[320,480],[300,100]]&slotid=531937c1-ee66-49ec-ae3c-e3cdb7eb40d1&ts=1674205696680
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=a8dbba899ffa9904c83f8f31297c4fb1:c482d5deb8980b8bc6b754dfe31eed2e17521c0bce0234ab44da16e47c5d442a7f8c26c14dc235933b8861dc33ca79009bd5fe48e2eab3becb88e57a359ee908
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.159.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-159-45.compute-1.amazonaws.com
Software
/
Resource Hash
6155ad27ba297ee8f21ed649aaf1cbac1f384405496d04486b8f018d04e8d1ec

Request headers

x-request-url
aHR0cHM6Ly9hbWVuYXpheXR4LnNpdGUv
accept-language
de-DE,de;q=0.9
Authorization
Bearer a2741b6d55c6d59d3ca3b61810b2a8f8:981d8d69d9e8956be89103f0d9818163818996da27ceeea35fd96916e2a07ed56d6b62a3390f00edd9911894e1fec747c911ceb89cf8fda5918f54c61b3e2916
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://amenazaytx.site/
x-purpleads-version
2.4.2

Response headers

date
Fri, 20 Jan 2023 09:08:16 GMT
content-encoding
gzip
pa-user-id
37a968a5-91f6-494d-b039-270a6635bb69
etag
W/"de6-axrY19zOjKKx6KRaGgJa7KUxN+k"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amenazaytx.site
access-control-allow-credentials
true
x-request-id
2c6ab215-4025-4e66-b975-cf79965362e4
/
api.purpleads.io/x/b/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=3&pid=b822b1909aab413c9c16d7977a894982&sizes=[[970,250],[970,90],[728,90],[468,60],[336,280],[300,600],[300,250],[160,600],[120,600],[200,200],[250,250],[320,100],[320,50],[320,480],[300,100]]&slotid=59c25b18-c3e6-4ca8-aa23-83db5e1e60cd&ts=1674205696680
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=a8dbba899ffa9904c83f8f31297c4fb1:c482d5deb8980b8bc6b754dfe31eed2e17521c0bce0234ab44da16e47c5d442a7f8c26c14dc235933b8861dc33ca79009bd5fe48e2eab3becb88e57a359ee908
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.159.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-159-45.compute-1.amazonaws.com
Software
/
Resource Hash
516afe11bcab32bc2dbe8976bee0a3841fd8e618800b5a1faac52c9f8195c0a4

Request headers

x-request-url
aHR0cHM6Ly9hbWVuYXpheXR4LnNpdGUv
accept-language
de-DE,de;q=0.9
Authorization
Bearer e5503a8be5c59196f7d89d8e3f76081b:dbf913c8afa5de89d6a2201b7b0168ff2e03ae5845bd84a2d8ea8b3f3876e67e82e8e6a8f68f61e4e7db1578fae8c6ec86745a077fe9c25c55d11ca810b16fb2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://amenazaytx.site/
x-purpleads-version
2.4.2

Response headers

date
Fri, 20 Jan 2023 09:08:16 GMT
content-encoding
gzip
pa-user-id
a58c7e5d-01a0-4961-8a55-54655f13f348
etag
W/"e0b-e4a0X9yz9v/3vK9/wvhOUNsrfZI"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amenazaytx.site
access-control-allow-credentials
true
x-request-id
3de766c3-0f5f-4d2e-b1d6-68b124a5ccbe
/
api.purpleads.io/x/b/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=2&pid=b822b1909aab413c9c16d7977a894982&sizes=[[336,280],[300,600],[300,250],[160,600],[120,600],[200,200],[250,250],[320,100],[320,50],[320,480],[300,100]]&slotid=531937c1-ee66-49ec-ae3c-e3cdb7eb40d1&ts=1674205696680
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.159.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-159-45.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Access-Control-Request-Method
GET
Origin
https://amenazaytx.site
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://amenazaytx.site
date
Fri, 20 Jan 2023 09:08:16 GMT
x-request-id
70ad6814-1a29-498f-9831-6b5ce2046a5b
/
api.purpleads.io/x/b/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=3&pid=b822b1909aab413c9c16d7977a894982&sizes=[[970,250],[970,90],[728,90],[468,60],[336,280],[300,600],[300,250],[160,600],[120,600],[200,200],[250,250],[320,100],[320,50],[320,480],[300,100]]&slotid=59c25b18-c3e6-4ca8-aa23-83db5e1e60cd&ts=1674205696680
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.159.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-159-45.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Access-Control-Request-Method
GET
Origin
https://amenazaytx.site
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://amenazaytx.site
date
Fri, 20 Jan 2023 09:08:16 GMT
x-request-id
588ef647-aa48-40b7-ab94-95548c911d69
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=amenazaytx.site
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071775
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=amenazaytx.site
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071775
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		149 KB
43 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2303576033589154&correlator=2107016259652989&eid=31071691%2C31071775%2C31071579%2C31071662%2C44769662&output=ldjh&gdfp_req=1&vrg=2023011101&ptt=17&impl=fifs&iu_parts=21902364955%3A22623907295%2Ccm_as_amenazaytx.site_content_type_general_social_btf_fixed_top%2Ccm_as_amenazaytx.site_content_type_general_social_btf_fixed_interstitial&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&adks=2027485967&sfv=1-0-40&ists=1&fas=8&sc=1&cookie_enabled=1&abxe=1&dt=1674205696757&lmt=1674205696&dlt=1674205694767&idt=1937&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Famenazaytx.site%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=965074567.1674205696&ga_sid=1674205697&ga_hid=338162257&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071775
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a14ca100584317e9d357ea421a395e49a9eb4a08aa53536e824adb061707876e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43805
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://amenazaytx.site
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		68 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2303576033589154&correlator=2107016259652989&eid=31071691%2C31071775%2C31071579%2C31071662%2C44769662&output=ldjh&gdfp_req=1&vrg=2023011101&ptt=17&impl=fifs&iu_parts=21902364955%3A22623907295%2Ccm_as_amenazaytx.site_content_type_general_social_btf_fixed_top%2Ccm_as_amenazaytx.site_content_type_general_social_btf_fixed_300x60&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x60&ifi=2&adks=841822932&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1674205696763&lmt=1674205696&dlt=1674205694767&idt=1937&adxs=15&adys=86&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Famenazaytx.site%2F&frm=20&vis=1&psz=300x250&msz=300x60&fws=0&ohw=0&ga_vid=965074567.1674205696&ga_sid=1674205697&ga_hid=338162257&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071775
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d086e4fc634f27c2631032f487f49f3953fd414ed8e9004ba73b2503bdb3d2fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13732
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://amenazaytx.site
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		47 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2303576033589154&correlator=2107016259652989&eid=31071691%2C31071775%2C31071579%2C31071662%2C44769662&output=ldjh&gdfp_req=1&vrg=2023011101&ptt=17&impl=fifs&iu_parts=21902364955%3A22623907295%2Ccm_as_amenazayt.site_content_type_general_social_top%2Ccm_as_amenazayt.site_content_type_general_social_btf_300x600&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600&ifi=3&adks=1107868161&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1674205696767&lmt=1674205696&dlt=1674205694767&idt=1937&adxs=1083&adys=771&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Famenazaytx.site%2F&frm=20&vis=1&psz=337x600&msz=337x600&fws=4&ohw=1600&ga_vid=965074567.1674205696&ga_sid=1674205697&ga_hid=338162257&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071775
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fc24726b20c8cd59c45fde657406642e628fa4f0e65300ad6245c079b8cc9b4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11063
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://amenazaytx.site
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
beb662463fc73aae95f414367081f772.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 78C1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://beb662463fc73aae95f414367081f772.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071775
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://amenazaytx.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 20 Jan 2023 09:08:16 GMT
expires
Sat, 20 Jan 2024 09:08:16 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads_2023011101.js
securepubads.g.doubleclick.net/gpt/ 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2023011101.js?cb=31071775
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071775
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac275ca2a119d8080881532a278a3fbec41631fadac0ab42fe51795ba673f9fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 04:21:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17222
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13715
x-xss-protection
0
last-modified
Wed, 11 Jan 2023 09:35:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 20 Jan 2024 04:21:14 GMT
prebid-2022-12-27.js
cdn.psdn.xyz/ Frame C8D0 		371 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.psdn.xyz/prebid-2022-12-27.js
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=a8dbba899ffa9904c83f8f31297c4fb1:c482d5deb8980b8bc6b754dfe31eed2e17521c0bce0234ab44da16e47c5d442a7f8c26c14dc235933b8861dc33ca79009bd5fe48e2eab3becb88e57a359ee908
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
7899e4ccdbb66bba8489aec160f24c1cb19781ae6811fc9ec69f582697e35a4b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:16 GMT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Tue, 27 Dec 2022 13:09:50 GMT
x-sp-metadata
HS256.CJDQqZ4GEoUBCiQwZGM0Yjg4Yi0wNGZhLTRjNzAtYjZkNS1iMzI3MzJhZGYyYWUQgMGmkNnD+wIaBgiAtKmeBiIKODEuOTUuNS40NCiUvwIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJDZjZDE5YzU1LTAwOTYtNGE2Ny1hOTA2LWFlYTZjMjBmM2VkZhjHwAciGAgCEhRjZHMyMjMuZnI4Lmh3Y2RuLm5ldA==.TDFL/xb5UotZQTyvEmhfzGFGKceT1NTOvBTaB4V8v24=
x-amz-request-id
tx000000000000219c93b6d-0063aaeea7-34c6886a-nyc3b
etag
"e07bb8c29b8196e635a7e649e961ba8b"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1674205696.dop244.fr8.t,1674205696.cds321.fr8.hn,1674205696.cds223.fr8.c
content-type
application/javascript
x-rgw-object-type
Normal
cache-control
max-age=31536000
accept-ranges
bytes
content-length
122951
localstore.js
script.4dex.io/ Frame C8D0 		483 B
1019 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 09:08:16 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Wed, 23 Nov 2022 15:43:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
2306224
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xeynlyHZiRBbNkuCWQgHVX9aRHC6d9tP7Zgs%2BlshxM3sp2kt4uZNQXEj%2FIaGURqoN2YSXVVL3ZCiKaBtfvOQJBCRwI%2FsgymtCsZKgz8UouNjg3dQoLPwkScRcm6yqOtJCBiwAx38KdgPHFri"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
78c6aa255b7f9a2d-FRA
prebid-request
onetag-sys.com/ Frame C8D0 		15 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://amenazaytx.site
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
prebid
ib.adnxs.com/ut/v3/ Frame C8D0 		138 B
939 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
7d112fc0678653c2df036a3fd28b3bf056aeb55464bc19ad70a038607403a17f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 09:08:16 GMT
AN-X-Request-Uuid
5a591433-b7c2-42da-9eab-a96c3e748402
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://amenazaytx.site
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
81.95.5.44; 81.95.5.44; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
tlx.3lift.com/header/ Frame C8D0 		19 B
507 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.22.0&referrer=https%3A%2F%2Famenazaytx.site%2F&tmax=3000
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.131.18 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-131-18.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 09:08:17 GMT
accept-ch
sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amenazaytx.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
c
prebid.a-mo.net/a/ Frame C8D0 		0
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://amenazaytx.site
date
Fri, 20 Jan 2023 09:08:16 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
5
server
envoy
vary
origin, Accept-Encoding
prebid
prebid.media.net/rtb/ Frame C8D0 		1 KB
687 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU2BX48Z
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
372193a611e067ceb5c08ba20546703b8cebaa7812f1723b885454c0f1175e87

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 09:08:16 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://amenazaytx.site
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Fri, 20 Jan 2023 09:08:16 GMT
adreq
ads.servenobid.com/ Frame C8D0 		730 B
679 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=9542
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.248.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-248-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ee5e92ed3a0de89dee381b5e632589f00cda7391453cb06c5410d67350440b1c

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 20 Jan 2023 09:08:16 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://amenazaytx.site
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame C8D0 		18 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.22.0&cb=90912004791&lsavail=1
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 20 Jan 2023 09:08:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amenazaytx.site
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
prebid
mp.4dex.io/ Frame C8D0 		99 B
250 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
054682d0bfdb2e796edde0b8e1920ddc4121bd3e097b95ac2f307416ec9adfb8

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Fri, 20 Jan 2023 09:08:16 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: gpt-passback, Process Seats Booster. unable to get the seat booster engine for organization: 1263
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amenazaytx.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
78c6aa2569999070-FRA
expires
0
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame C8D0 		0
177 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://amenazaytx.site
date
Fri, 20 Jan 2023 09:08:16 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
adagio.js
script.4dex.io/ Frame C8D0 		74 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 09:08:16 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
78208
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Wed, 23 Nov 2022 15:43:17 GMT
Server
cloudflare
ETag
W/"c56b6332dacf72f135afcd153ae22448"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VF%2BHo58zvbBIuXLR%2BSPQ3Iis4tOxvHjui1OiwEH9U9TeTVhLHf983ejkL3Ij6kRwopLJekhMhSNe5F9AZwr0Zbeu9kNu2L%2BG2IwxlCE3uB%2FpH3TJVWZSrtjsFmg%2Fv0IxF1sIwz6DoSpbhtQo"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
78c6aa257e806931-FRA
prebid-2022-12-27.js
cdn.psdn.xyz/ Frame B8C1 		371 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.psdn.xyz/prebid-2022-12-27.js
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=a8dbba899ffa9904c83f8f31297c4fb1:c482d5deb8980b8bc6b754dfe31eed2e17521c0bce0234ab44da16e47c5d442a7f8c26c14dc235933b8861dc33ca79009bd5fe48e2eab3becb88e57a359ee908
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
7899e4ccdbb66bba8489aec160f24c1cb19781ae6811fc9ec69f582697e35a4b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:16 GMT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Tue, 27 Dec 2022 13:09:50 GMT
x-sp-metadata
HS256.CJDQqZ4GEoUBCiRiNmJlM2JjOS0xYmIyLTQ3ZGQtYTI2Ny1mYjU1NmIxMjJjZGIQgMGmkNnD+wIaBgiAtKmeBiIKODEuOTUuNS40NCiUvwIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJGQwM2RmY2FhLWVmYjItNGVhYi04MGFkLTllNDRlNGM0ODM3YRjHwAciGAgCEhRjZHMyMjMuZnI4Lmh3Y2RuLm5ldA==.zmE5ZnmmtVzbZ2oteKYiACKROn5EAluiCULgd7g04NE=
x-amz-request-id
tx000000000000219c93b6d-0063aaeea7-34c6886a-nyc3b
etag
"e07bb8c29b8196e635a7e649e961ba8b"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1674205696.dop244.fr8.t,1674205696.cds321.fr8.hn,1674205696.cds223.fr8.c
content-type
application/javascript
x-rgw-object-type
Normal
cache-control
max-age=31536000
accept-ranges
bytes
content-length
122951
localstore.js
script.4dex.io/ Frame B8C1 		483 B
1017 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 09:08:16 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Wed, 23 Nov 2022 15:43:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
2306224
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZBQ4tvNeBFI3hYljjtdlZYqbS3ReS3GYGe7%2FWX9wih8pa%2FXkRBZcCPWDqyyFKJz92nIwKSARUve9gPtofaUIvMWY9J4hv1KbHmfY4aC5lqhclF3eHjPcLAXUD6NsFfGiLVYJPw97kiK1MPqO"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
78c6aa260c919a2d-FRA
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame B8C1 		0
177 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://amenazaytx.site
date
Fri, 20 Jan 2023 09:08:16 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid
ib.adnxs.com/ut/v3/ Frame B8C1 		138 B
939 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
51ea8d18c32c9b282f7415f16283e0a991f7fd2ed6e7411032ba1b3790efcb78
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 09:08:16 GMT
AN-X-Request-Uuid
5243dda8-06ae-4f75-8769-ad3748ecb1c1
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://amenazaytx.site
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
81.95.5.44; 81.95.5.44; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ Frame B8C1 		18 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.22.0&cb=24158257246&lsavail=1
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 20 Jan 2023 09:08:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amenazaytx.site
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
c
prebid.a-mo.net/a/ Frame B8C1 		0
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://amenazaytx.site
date
Fri, 20 Jan 2023 09:08:16 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
92
server
envoy
vary
origin, Accept-Encoding
prebid
prebid.media.net/rtb/ Frame B8C1 		1 KB
687 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU2BX48Z
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
8050758d976f67d2f2f25d661601115114e369884f73f414a2f7b89148ce421b

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 09:08:17 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://amenazaytx.site
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Fri, 20 Jan 2023 09:08:16 GMT
auction
tlx.3lift.com/header/ Frame B8C1 		19 B
506 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.22.0&referrer=https%3A%2F%2Famenazaytx.site%2F&tmax=3000
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.131.18 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-131-18.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 09:08:17 GMT
accept-ch
sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amenazaytx.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
mp.4dex.io/ Frame B8C1 		99 B
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a987c345e2743f08b68cb837e9256097ce8031c38cfa4daa5e0981cf2c51f4b

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Fri, 20 Jan 2023 09:08:17 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: gpt-passback, Process Seats Booster. unable to get the seat booster engine for organization: 1263
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amenazaytx.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
78c6aa262a869070-FRA
expires
0
adreq
ads.servenobid.com/ Frame B8C1 		730 B
679 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=5949
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.248.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-248-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ee5e92ed3a0de89dee381b5e632589f00cda7391453cb06c5410d67350440b1c

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 20 Jan 2023 09:08:17 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://amenazaytx.site
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
prebid-request
onetag-sys.com/ Frame B8C1 		15 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://amenazaytx.site
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
adagio.js
script.4dex.io/ Frame B8C1 		74 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 09:08:17 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
78208
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Wed, 23 Nov 2022 15:43:17 GMT
Server
cloudflare
ETag
W/"c56b6332dacf72f135afcd153ae22448"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HyFsiHOvlbNDSDhYtyeX4eylkY7sa9DjVxMIVbfCJZRmxRp4QnDWBSXOE5Nd43LuMG4Qjh7JC9PTRj%2F04Jf%2B%2BZ2JxmWh6UfNVFkkRBrq0V7UOo%2BpHNe30h%2FVrkzoup7rIQbnRPK7gJb0PlIn"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
78c6aa262f7d6931-FRA
prebid-2022-12-27.js
cdn.psdn.xyz/ Frame D91F 		371 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.psdn.xyz/prebid-2022-12-27.js
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=a8dbba899ffa9904c83f8f31297c4fb1:c482d5deb8980b8bc6b754dfe31eed2e17521c0bce0234ab44da16e47c5d442a7f8c26c14dc235933b8861dc33ca79009bd5fe48e2eab3becb88e57a359ee908
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
7899e4ccdbb66bba8489aec160f24c1cb19781ae6811fc9ec69f582697e35a4b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:16 GMT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Tue, 27 Dec 2022 13:09:50 GMT
x-sp-metadata
HS256.CJDQqZ4GEoUBCiQ4YWNmMTFmZi01NTc4LTQ0MzUtYWEyYi1iYWVkNzJmNmVhNDgQgMGmkNnD+wIaBgiAtKmeBiIKODEuOTUuNS40NCiUvwIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJDRjYmQwNTcxLTY2N2QtNDVmOC04MzQ4LTVkODM3NWJkZTY2OBjHwAciGAgCEhRjZHMyMjMuZnI4Lmh3Y2RuLm5ldA==.Rj9xfKvhKeCJSfOWuYYzGfb/NZAB5GU/+bXn1BQ+ZmU=
x-amz-request-id
tx000000000000219c93b6d-0063aaeea7-34c6886a-nyc3b
etag
"e07bb8c29b8196e635a7e649e961ba8b"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1674205696.dop244.fr8.t,1674205696.cds321.fr8.hn,1674205696.cds223.fr8.c
content-type
application/javascript
x-rgw-object-type
Normal
cache-control
max-age=31536000
accept-ranges
bytes
content-length
122951
localstore.js
script.4dex.io/ Frame D91F 		483 B
1017 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 09:08:17 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Wed, 23 Nov 2022 15:43:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
2306225
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aHiFAJQFI0rUzhYtzU6Gspi1ZG6Rr66a4tLuuTicr4FaF7WzevZVW8D6MZwgtBogifo2il18UKTt8WH1xHNcuu6GCw2IQ45ppOQ0M%2FhTv00muVQdFzvrfisPsy2OhKnt2zoai6J2Fk76D%2FiG"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
78c6aa269d689a2d-FRA
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame D91F 		0
177 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://amenazaytx.site
date
Fri, 20 Jan 2023 09:08:17 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
auction
tlx.3lift.com/header/ Frame D91F 		19 B
506 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.22.0&referrer=https%3A%2F%2Famenazaytx.site%2F&tmax=3000
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.131.18 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-131-18.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 09:08:17 GMT
accept-ch
sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amenazaytx.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
adreq
ads.servenobid.com/ Frame D91F 		730 B
679 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=595
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.248.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-248-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ee5e92ed3a0de89dee381b5e632589f00cda7391453cb06c5410d67350440b1c

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 20 Jan 2023 09:08:17 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://amenazaytx.site
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
prebid
mp.4dex.io/ Frame D91F 		99 B
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17009a214371ac8bab7c5b944235a07c118987f19f84e23c086020631a336f77

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Fri, 20 Jan 2023 09:08:17 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 2 inventory rules not found for mediatype: banner and adUnitCode: gpt-passback, Process Seats Booster. unable to get the seat booster engine for organization: 1263
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amenazaytx.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
78c6aa26ab4c9070-FRA
expires
0
c
prebid.a-mo.net/a/ Frame D91F 		0
133 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://amenazaytx.site
date
Fri, 20 Jan 2023 09:08:16 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
4
server
envoy
vary
origin, Accept-Encoding
prebid
prebid.media.net/rtb/ Frame D91F 		1 KB
710 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU2BX48Z
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
ed1d4d391f04216c0bb57b745816793e3bf8857bd21e47b4d9ac5939fcb8fadd

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 09:08:17 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://amenazaytx.site
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Fri, 20 Jan 2023 09:08:17 GMT
prebid-request
onetag-sys.com/ Frame D91F 		15 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://amenazaytx.site
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
cdb
bidder.criteo.com/ Frame D91F 		18 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.22.0&cb=65346372563&lsavail=1
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 20 Jan 2023 09:08:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amenazaytx.site
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
prebid
ib.adnxs.com/ut/v3/ Frame D91F 		138 B
939 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
89c7a45ad926f4e9b23c0bd5d418ff16aa8f1ff4b0d5cf6517e342b01554ff83
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 09:08:17 GMT
AN-X-Request-Uuid
0284ef47-d6ce-476d-9c39-97566ada8920
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://amenazaytx.site
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
81.95.5.44; 81.95.5.44; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
api.purpleads.io/x/b/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=4&pid=b822b1909aab413c9c16d7977a894982&sizes=[[970,90],[728,90],[468,60],[320,100],[320,50],[300,100]]&slotid=118191e9-ee58-4e8e-b850-4c1e99b7e57a&demand=unifiedPb&ts=1674205697068
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=a8dbba899ffa9904c83f8f31297c4fb1:c482d5deb8980b8bc6b754dfe31eed2e17521c0bce0234ab44da16e47c5d442a7f8c26c14dc235933b8861dc33ca79009bd5fe48e2eab3becb88e57a359ee908
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.159.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-159-45.compute-1.amazonaws.com
Software
/
Resource Hash
d1c0568a2f1737c3baf64abc858010fe0b299107e6d37d71cc4ca626fc047577

Request headers

x-request-url
aHR0cHM6Ly9hbWVuYXpheXR4LnNpdGUv
accept-language
de-DE,de;q=0.9
Authorization
Bearer a8dbba899ffa9904c83f8f31297c4fb1:c482d5deb8980b8bc6b754dfe31eed2e17521c0bce0234ab44da16e47c5d442a7f8c26c14dc235933b8861dc33ca79009bd5fe48e2eab3becb88e57a359ee908
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://amenazaytx.site/
x-purpleads-version
2.4.2

Response headers

date
Fri, 20 Jan 2023 09:08:17 GMT
content-encoding
gzip
pa-user-id
b76d9e4e-d63e-4838-b813-4582967459a3
etag
W/"9b2-uglQLZs4EDWZwAYKOrBBFfL470c"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amenazaytx.site
access-control-allow-credentials
true
x-request-id
c6ca799e-ca2d-4a95-ac17-be19f02c24f0
/
api.purpleads.io/x/b/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=4&pid=b822b1909aab413c9c16d7977a894982&sizes=[[970,90],[728,90],[468,60],[320,100],[320,50],[300,100]]&slotid=118191e9-ee58-4e8e-b850-4c1e99b7e57a&demand=unifiedPb&ts=1674205697068
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.159.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-159-45.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Access-Control-Request-Method
GET
Origin
https://amenazaytx.site
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://amenazaytx.site
date
Fri, 20 Jan 2023 09:08:17 GMT
x-request-id
89e15529-9271-4c12-9bc1-8175262c2273
adagio.js
script.4dex.io/ Frame D91F 		74 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 09:08:17 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
78209
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Wed, 23 Nov 2022 15:43:17 GMT
Server
cloudflare
ETag
W/"c56b6332dacf72f135afcd153ae22448"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8SJMAhQK%2F7v1tw9q939KQCRT5%2BF7%2F2J5GfP0FQyAHWRmcds9G%2BktZ2nK2Ri%2F9RFDBZc4DAVg%2BIezIFN7GMpY0V4fnEM4g9I3wlrABpof4hX2op4Ze%2BVDKz4vu3jBZisFR16I1RyiPvYIMR%2Bl"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
78c6aa26b8566931-FRA
bundle.js
ib.3lift.com/rev/2369ca4d2b2a0cf532ecfd0480c15fd7ed08fa0a/dist/ Frame AFCF 		170 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.3lift.com/rev/2369ca4d2b2a0cf532ecfd0480c15fd7ed08fa0a/dist/bundle.js
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-54.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ab79d75854050d545dc226e87d89007670f6904ee0fbfec6568d41e8c8e2076c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 15:41:41 GMT
content-encoding
gzip
via
1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront)
last-modified
Thu, 08 Dec 2022 15:38:11 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
3691597
etag
"dc17b3dc9f345ba38045deae8cd83a33"
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
55196
x-amz-cf-id
hqxVXPTQjpncYLgID_r0hIEYlbNmDFqjLqquj6aoV1eOwzIEOJyAkw==
winner
api.purpleads.io/x/a/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/a/winner?ts=1674205697083
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.159.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-159-45.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Access-Control-Request-Method
POST
Origin
https://amenazaytx.site
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://amenazaytx.site
date
Fri, 20 Jan 2023 09:08:17 GMT
x-request-id
cc8583af-1fe7-4ffc-8187-9dd6e806f303
i
api.purpleads.io/x/a/0556460e83436f1fd7597f65a62dd636:16c6aee68ade5a92a485d0b45367d6d42d95bbec295542c9031840abe75aac4adfc723dd1b6fe96146ed6a41708d711a24f141dc4dd5dd10567954b31c50be86e86254d73fe7cac... Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/a/0556460e83436f1fd7597f65a62dd636:16c6aee68ade5a92a485d0b45367d6d42d95bbec295542c9031840abe75aac4adfc723dd1b6fe96146ed6a41708d711a24f141dc4dd5dd10567954b31c50be86e86254d73fe7cac68626848ebf16358d3fa45792b6b45ba3885f44b6ec1faf92e08325494df53b9dbbbefe7c80e01afccf1587493e2cb733bf9fbc8e280af6b4d951d89773eb67002c511f522f01021b/i?id=aa9e484d-ba5f-44b3-acee-83b77c04b746&ts=1674205697084
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.159.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-159-45.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Access-Control-Request-Method
GET
Origin
https://amenazaytx.site
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://amenazaytx.site
date
Fri, 20 Jan 2023 09:08:17 GMT
x-request-id
1b900425-d23d-4eef-ba1d-aad663b7d8e5
winner
api.purpleads.io/x/a/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/a/winner?ts=1674205697083
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=a8dbba899ffa9904c83f8f31297c4fb1:c482d5deb8980b8bc6b754dfe31eed2e17521c0bce0234ab44da16e47c5d442a7f8c26c14dc235933b8861dc33ca79009bd5fe48e2eab3becb88e57a359ee908
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.159.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-159-45.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

x-request-url
aHR0cHM6Ly9hbWVuYXpheXR4LnNpdGUv
accept-language
de-DE,de;q=0.9
Authorization
Bearer a8dbba899ffa9904c83f8f31297c4fb1:c482d5deb8980b8bc6b754dfe31eed2e17521c0bce0234ab44da16e47c5d442a7f8c26c14dc235933b8861dc33ca79009bd5fe48e2eab3becb88e57a359ee908
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://amenazaytx.site/
x-purpleads-version
2.4.2

Response headers

access-control-allow-origin
https://amenazaytx.site
date
Fri, 20 Jan 2023 09:08:17 GMT
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
x-request-id
293be8f8-8201-465c-87f7-c6bdb338f383
i
api.purpleads.io/x/a/0556460e83436f1fd7597f65a62dd636:16c6aee68ade5a92a485d0b45367d6d42d95bbec295542c9031840abe75aac4adfc723dd1b6fe96146ed6a41708d711a24f141dc4dd5dd10567954b31c50be86e86254d73fe7cac... 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/a/0556460e83436f1fd7597f65a62dd636:16c6aee68ade5a92a485d0b45367d6d42d95bbec295542c9031840abe75aac4adfc723dd1b6fe96146ed6a41708d711a24f141dc4dd5dd10567954b31c50be86e86254d73fe7cac68626848ebf16358d3fa45792b6b45ba3885f44b6ec1faf92e08325494df53b9dbbbefe7c80e01afccf1587493e2cb733bf9fbc8e280af6b4d951d89773eb67002c511f522f01021b/i?id=aa9e484d-ba5f-44b3-acee-83b77c04b746&ts=1674205697084
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=a8dbba899ffa9904c83f8f31297c4fb1:c482d5deb8980b8bc6b754dfe31eed2e17521c0bce0234ab44da16e47c5d442a7f8c26c14dc235933b8861dc33ca79009bd5fe48e2eab3becb88e57a359ee908
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.159.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-159-45.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

x-request-url
aHR0cHM6Ly9hbWVuYXpheXR4LnNpdGUv
accept-language
de-DE,de;q=0.9
Authorization
Bearer a8dbba899ffa9904c83f8f31297c4fb1:c482d5deb8980b8bc6b754dfe31eed2e17521c0bce0234ab44da16e47c5d442a7f8c26c14dc235933b8861dc33ca79009bd5fe48e2eab3becb88e57a359ee908
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://amenazaytx.site/
x-purpleads-version
2.4.2

Response headers

access-control-allow-origin
https://amenazaytx.site
date
Fri, 20 Jan 2023 09:08:17 GMT
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
x-request-id
3ecf2353-902b-4f79-8423-86915112f17e
notify
tlx.3lift.com/header/ Frame AFCF 		37 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tlx.3lift.com/header/notify?px=1&pr=0.064&ts=1674205696&aid=39270637219021051193260&ec=7354_112857_60256336&n=GgDyAr4BCAASFzM5MjcwNjM3MjE5MDIxMDUxMTkzMjYwGAAgASi6OTDZ8QZAAUgAUAFgCmgAcKy%2BApABAJgBAKgBALgBBcABQMgBT%2FABAPgBT4ACQJECAAAAAAAA8D%2BZAlK4HoXrUcg%2FqAIAsAIAyAIE2AIA8QJmZmZmZmbmP%2FgCkDeAA6wCiAPYBJADAJgDAKADALgD36MCyAMA0gMINjAyNTYzMzbgA%2BW85jXpAwAAAAAAAAAA8ANP%2BQMAAAAAAAAAAPgCDIgDAJIDBEFEMjCYAwCgA%2B7BEagDAA%3D%3D
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.131.18 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-131-18.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 20 Jan 2023 09:08:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
expires
Thu, 15 Oct 1992 20:10:00 GMT
pe
eb2.3lift.com/ Frame AFCF 		37 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/pe?fid=10&peid=0&aid=39270637219021051193260
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
notify
tlx.3lift.com/header/ 		37 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tlx.3lift.com/header/notify?px=1&pr=0.064&ts=1674205696&aid=39270637219021051193260&ec=7354_112857_60256336&n=GgDyAr4BCAASFzM5MjcwNjM3MjE5MDIxMDUxMTkzMjYwGAAgASi6OTDZ8QZAAUgAUAFgCmgAcKy%2BApABAJgBAKgBALgBBcABQMgBT%2FABAPgBT4ACQJECAAAAAAAA8D%2BZAlK4HoXrUcg%2FqAIAsAIAyAIE2AIA8QJmZmZmZmbmP%2FgCkDeAA6wCiAPYBJADAJgDAKADALgD36MCyAMA0gMINjAyNTYzMzbgA%2BW85jXpAwAAAAAAAAAA8ANP%2BQMAAAAAAAAAAPgCDIgDAJIDBEFEMjCYAwCgA%2B7BEagDAA%3D%3D&b=1
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.131.18 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-131-18.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 20 Jan 2023 09:08:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
expires
Thu, 15 Oct 1992 20:10:00 GMT
r
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/r?inv_code=Purpleads_RON_Banner_HDX_Prebid&aid=39270637219021051193260&rev=2369ca4&pr=un&bc=0.079&bmid=7354&biid=7056&sid=112857&brid=40748&adid=60256336&crid=112828005&ts=1674205696&bcud=79&ss=12&caid=0&unid=0&domain=amenazaytx.site&ref=https%253A%252F%252Famenazaytx.site%252F&rr=creative&fid=10&rb=0&g=0&cb=35509
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
truncated
/ Frame DDDE 		26 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c00a759275b8628823a9809f24cbeca08cb48b52713adf221f70284e66d9c82f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
OBA_TRANS.png
ib.3lift.com/static/buttons/edaa/ Frame AFCF 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.3lift.com/static/buttons/edaa/OBA_TRANS.png
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-54.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 16 Jan 2023 08:16:10 GMT
via
1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront)
last-modified
Thu, 05 Aug 2021 17:23:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
348728
etag
"ddf020e069f1706b72b7698b28fede09"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800,s-maxage=604800,public
accept-ranges
bytes
content-length
3125
x-amz-cf-id
pYwc5nWLV91VltoIbtICJpdNllEWC8tV7tMOlSCv1G5K8kHhfHb9xQ==
OBA_UK.png
ib.3lift.com/static/buttons/edaa/ Frame AFCF 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.3lift.com/static/buttons/edaa/OBA_UK.png
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-54.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 16 Jan 2023 07:09:58 GMT
via
1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront)
last-modified
Thu, 05 Aug 2021 17:23:31 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
352700
etag
"7ceab27af00fa466072a3c3360041755"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800,s-maxage=604800,public
accept-ranges
bytes
content-length
3518
x-amz-cf-id
bfD3n-bdNnzSZuVyBMhZlJ-0RF36k8uhMfS11C1_mLuM90NRLHl1CQ==
ctar
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ctar?inv_code=Purpleads_RON_Banner_HDX_Prebid&aid=39270637219021051193260&rev=2369ca4&cta_render_method=1&cta_render_text=&cb=92053
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
/
track.adform.net/adfscript/ Frame 46D5 		865 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=60256336;rtbwp=0.079;rtbdata=az2fU4u2ZyrZqQHYT_Qd8NQ3GMJ7_K4SByebVfZ7l6T0Nw8hRAFD9pq7YNCCx7MXhFvbxb3NgPbvyf1zHsVaNjhfhOBpijoqzVzzPMF09PhiJf5rIjkNGldqgQB90GQS6sYgissxpNoexR5bUXfDEY7_SMj5PzFa-3-ZXXBTrUxDsOHfHSml50UHIVOdXsxR0
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/2369ca4d2b2a0cf532ecfd0480c15fd7ed08fa0a/dist/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
ab0742e6bdc6ebd7a1cfff874f890e69ff7d69982b24cdf2e305957a36a77218
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 09:08:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
726
expires
-1
aop
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/aop?inv_code=Purpleads_RON_Banner_HDX_Prebid&aid=39270637219021051193260&rev=2369ca4&pr=un&bc=0.079&bmid=7354&biid=7056&sid=112857&brid=40748&adid=60256336&crid=112828005&ts=1674205696&bcud=79&ss=12&caid=0&unid=0&domain=amenazaytx.site&ref=https%253A%252F%252Famenazaytx.site%252F&rr=creative&fid=10&rb=0&g=0&cb=16440
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
ev1
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ev1?inv_code=Purpleads_RON_Banner_HDX_Prebid&aid=39270637219021051193260&rev=2369ca4&pr=0.064&bc=0.079&bmid=7354&biid=7056&sid=112857&brid=40748&adid=60256336&crid=112828005&ts=1674205696&bcud=79&ss=12&caid=0&unid=0&cepos=0&ceid=0&cb=74840
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
/
api.purpleads.io/x/b/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=5&pid=b822b1909aab413c9c16d7977a894982&sizes=[[336,280],[300,600],[300,250],[160,600],[120,600],[200,200],[250,250],[320,100],[320,50],[320,480],[300,100]]&slotid=531937c1-ee66-49ec-ae3c-e3cdb7eb40d1&demand=unifiedPb&ts=1674205697251
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=a8dbba899ffa9904c83f8f31297c4fb1:c482d5deb8980b8bc6b754dfe31eed2e17521c0bce0234ab44da16e47c5d442a7f8c26c14dc235933b8861dc33ca79009bd5fe48e2eab3becb88e57a359ee908
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.159.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-159-45.compute-1.amazonaws.com
Software
/
Resource Hash
b1069c48f4486c249858eeb0632349e8bea1be26bd817cb04ccc38768edd7f5b

Request headers

x-request-url
aHR0cHM6Ly9hbWVuYXpheXR4LnNpdGUv
accept-language
de-DE,de;q=0.9
Authorization
Bearer a2741b6d55c6d59d3ca3b61810b2a8f8:981d8d69d9e8956be89103f0d9818163818996da27ceeea35fd96916e2a07ed56d6b62a3390f00edd9911894e1fec747c911ceb89cf8fda5918f54c61b3e2916
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://amenazaytx.site/
x-purpleads-version
2.4.2

Response headers

date
Fri, 20 Jan 2023 09:08:17 GMT
content-encoding
gzip
pa-user-id
b52eb5ae-6891-407d-9448-eded0dbc6c29
etag
W/"9b2-LrUxZiLxlGeJadM7cd5kdIXbDig"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amenazaytx.site
access-control-allow-credentials
true
x-request-id
e4e0f75b-dcae-4af3-bef0-ac864490d93c
/
api.purpleads.io/x/b/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=5&pid=b822b1909aab413c9c16d7977a894982&sizes=[[336,280],[300,600],[300,250],[160,600],[120,600],[200,200],[250,250],[320,100],[320,50],[320,480],[300,100]]&slotid=531937c1-ee66-49ec-ae3c-e3cdb7eb40d1&demand=unifiedPb&ts=1674205697251
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.159.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-159-45.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Access-Control-Request-Method
GET
Origin
https://amenazaytx.site
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://amenazaytx.site
date
Fri, 20 Jan 2023 09:08:17 GMT
x-request-id
c1db2559-a504-483e-b21a-8f86f19e17a2
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame 46D5 		34 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=60256336;rtbwp=0.079;rtbdata=az2fU4u2ZyrZqQHYT_Qd8NQ3GMJ7_K4SByebVfZ7l6T0Nw8hRAFD9pq7YNCCx7MXhFvbxb3NgPbvyf1zHsVaNjhfhOBpijoqzVzzPMF09PhiJf5rIjkNGldqgQB90GQS6sYgissxpNoexR5bUXfDEY7_SMj5PzFa-3-ZXXBTrUxDsOHfHSml50UHIVOdXsxR0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
06d0965f0851d3936c68da6d6de73163a6bb32e3f134822ccfec6d28f185ff29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:17 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 11:59:41 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Sat, 21 Jan 2023 12:41:43 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012301041800000/ Frame 46D2 		221 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012301041800000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071775
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d4e7f21914210e4d6da2b44cc05a554cdd1e538ee43e1d4dc5d6e6a1f1ee1282
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 17 Jan 2023 18:07:13 GMT
age
226864
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61740
x-xss-protection
0
server
sffe
etag
"8e9029bac2b10828"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 17 Jan 2024 18:07:13 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012301041800000/v0/ Frame 46D2 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012301041800000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071775
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
885cb07503e088de00e0b1502940db47d59817caf2a3e35e1f92432d48d6f8fe
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 17 Jan 2023 18:07:13 GMT
age
226864
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5230
x-xss-protection
0
server
sffe
etag
"98e8559bf0300638"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 17 Jan 2024 18:07:13 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012301041800000/v0/ Frame 46D2 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012301041800000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071775
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6629584f62feeb6b024b50fae7e99ed6bec9942ce434c8163e2d627f1253dbb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 17 Jan 2023 18:07:13 GMT
age
226864
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28829
x-xss-protection
0
server
sffe
etag
"80143a542ab189b2"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 17 Jan 2024 18:07:13 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012301041800000/v0/ Frame 46D2 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012301041800000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071775
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9ed6c0cdb54ddeb561369fa2f9748cd0dcba457ba2cd0cb1955cf48387bcf2a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 19 Jan 2023 13:25:01 GMT
age
70996
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1904
x-xss-protection
0
server
sffe
etag
"c26873ae23a2dfcc"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 19 Jan 2024 13:25:01 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012301041800000/v0/ Frame 46D2 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012301041800000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071775
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f239f3f5ba2fe8def7ffc52c0268cfb1cbd362214823676459daa279370a9cfa
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 17 Jan 2023 18:07:13 GMT
age
226864
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12956
x-xss-protection
0
server
sffe
etag
"a53f7d5e2894160e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 17 Jan 2024 18:07:13 GMT
truncated
/ Frame 46D2 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ce06db9abc93fbbaf564615a19978f8f502afa393e5d3419be4352e0e9bedd4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
8251939867213821623
tpc.googlesyndication.com/daca_images/simgad/ Frame 46D2 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/8251939867213821623
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a07dc722c8012431934b7e8a519829b90811174c6e561c5a6a8f6acc96934584
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 05:36:57 GMT
x-content-type-options
nosniff
age
12680
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63259
x-xss-protection
0
last-modified
Fri, 21 Oct 2022 01:32:11 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 20 Jan 2024 05:36:57 GMT
es.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 46D2 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/es.png
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f86391f8f5e12c3838b2bb51d1910da2a1a2aa975e44bfc3e189dc8bccdc0549
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 10:51:52 GMT
x-content-type-options
nosniff
server
cafe
age
80185
etag
15820072736840818134
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2687
x-xss-protection
0
expires
Fri, 20 Jan 2023 10:51:52 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 46D2 		295 B
532 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 00:34:47 GMT
x-content-type-options
nosniff
server
cafe
age
30810
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sat, 21 Jan 2023 00:34:47 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 46D2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cvl5gAFrKY_aVMu2D9u8PspyvsAH4mPuLTuqUid9psdH93wUQASDy07l7YJW6iYKYB6ABprmR1APIAQKpAl0ahl8AK7I-4AIAqAMByAMIqgToAU_QMVJw0VDTBDGmnT2M7_TH1HTR9zwXvN-H7nd_9ty0RfYzjwQyr7A5zirBipORb1AuNQNnaZmhgFyR7bC9FAd0txTX1125hOTgjs0dcAL1_G2Uivt7tc0-zTgOGfYzY0pvATt-bgquRXd42vlpyVHLpEQ-mxYdcMucplic_ixZ_cB2R1FSjIRM69JPnfuMaMZ9Ksy00I9AUzffgWgxmPeSA9sMTXDSfSS58p1QUBqvZCn_hHwZI4l9w0xLSqi4nR1Vrs5Trz3Hokhb7q99NbUq0qUOIssplUa2WDVVNI1NFv4PEsIuFAnABMKNrbEd4AQBkgUECAQYAZIFBAgFGASgBgKAB8LG7iuoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDE6xLSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAdgTDdAVAYAXAbIXHgocCAASFHB1Yi01NDEzMzI5NTQ0MDQwOTQ3GMGMdA&sigh=D8D5ZVSn_zk&uach_m=[UACH]&cid=CAQSSwDq26N9QNPXfpojA9Cdjjb1anCaULGo2G4tkLgUkua1gbeastPsgghch8rqKEh31yWHPHJUPLKjDtuHrKSngtnF3kEttwS5VKanyxgBIBM
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
/
track.adform.net/adfserve/ Frame 46D5 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?CC=1&bn=60256336;rtbwp=0.079;rtbdata=az2fU4u2ZyrZqQHYT_Qd8NQ3GMJ7_K4SByebVfZ7l6T0Nw8hRAFD9pq7YNCCx7MXhFvbxb3NgPbvyf1zHsVaNjhfhOBpijoqzVzzPMF09PhiJf5rIjkNGldqgQB90GQS6sYgissxpNoexR5bUXfDEY7_SMj5PzFa-3-ZXXBTrUxDsOHfHSml50UHIVOdXsxR0;js=1;adfxid=1x;724;set=en-US|en-US|1600X1200|0|300|600|24|8|3|7|0|0;fd=0|2&CREFURL=https%3A%2F%2Famenazaytx.site%2F
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
53265a4603ec5a9eac74c1b89fab4c765ea1bd233bd46cde7292cbc4db7009e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 09:08:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
3038
expires
-1
/
api.purpleads.io/x/b/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=6&pid=b822b1909aab413c9c16d7977a894982&sizes=[[970,250],[970,90],[728,90],[468,60],[336,280],[300,600],[300,250],[160,600],[120,600],[200,200],[250,250],[320,100],[320,50],[320,480],[300,100]]&slotid=59c25b18-c3e6-4ca8-aa23-83db5e1e60cd&demand=unifiedPb&ts=1674205697451
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=a8dbba899ffa9904c83f8f31297c4fb1:c482d5deb8980b8bc6b754dfe31eed2e17521c0bce0234ab44da16e47c5d442a7f8c26c14dc235933b8861dc33ca79009bd5fe48e2eab3becb88e57a359ee908
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.159.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-159-45.compute-1.amazonaws.com
Software
/
Resource Hash
eeab071d07443d491f3a44fbe2cb6c69e6bfd54cc46fed20958aace8761997e0

Request headers

x-request-url
aHR0cHM6Ly9hbWVuYXpheXR4LnNpdGUv
accept-language
de-DE,de;q=0.9
Authorization
Bearer e5503a8be5c59196f7d89d8e3f76081b:dbf913c8afa5de89d6a2201b7b0168ff2e03ae5845bd84a2d8ea8b3f3876e67e82e8e6a8f68f61e4e7db1578fae8c6ec86745a077fe9c25c55d11ca810b16fb2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://amenazaytx.site/
x-purpleads-version
2.4.2

Response headers

date
Fri, 20 Jan 2023 09:08:18 GMT
content-encoding
gzip
pa-user-id
f54398d5-5635-4e48-9932-bb18374035d2
etag
W/"9b2-vZlMPmutBEwQuoDagTN5o7x3Pcg"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amenazaytx.site
access-control-allow-credentials
true
x-request-id
afdadbfb-bb16-4d26-bd6f-af75b1bf661f
/
api.purpleads.io/x/b/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=6&pid=b822b1909aab413c9c16d7977a894982&sizes=[[970,250],[970,90],[728,90],[468,60],[336,280],[300,600],[300,250],[160,600],[120,600],[200,200],[250,250],[320,100],[320,50],[320,480],[300,100]]&slotid=59c25b18-c3e6-4ca8-aa23-83db5e1e60cd&demand=unifiedPb&ts=1674205697451
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.159.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-159-45.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Access-Control-Request-Method
GET
Origin
https://amenazaytx.site
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://amenazaytx.site
date
Fri, 20 Jan 2023 09:08:17 GMT
x-request-id
7ea4a3ae-d3cf-4514-bd03-8e93bc01c232
/
servedby.flashtalking.com/imp/2/199492;7062982;201;js;AmnetDE;55977FinnlinesMINQ42022OyjPlcAdGapId0218000095597700511000/ Frame 46D5 		1 KB
1008 B 		Script
General
Check archive.org
Download Go to
Full URL
https://servedby.flashtalking.com/imp/2/199492;7062982;201;js;AmnetDE;55977FinnlinesMINQ42022OyjPlcAdGapId0218000095597700511000/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Famenazaytx.site%2F&gdpr=&gdpr_consent=&cachebuster=943549.5358404443
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.57.2 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-57-2.deploy.static.akamaitechnologies.com
Software
prod-xre-app7.frk11 /
Resource Hash
994bb670d64c99095bf3abff77c38590ff7d1002a5ee288863b3a14c7c0da36b
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 09:08:17 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=86400
Server
prod-xre-app7.frk11
Vary
Accept-Encoding
Content-Type
text/javascript;charset=ISO-8859-1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
635
Expires
Fri, 20 Jan 2023 09:08:17 GMT
/
track.adform.net/csimpr/ Frame 46D5 		35 B
469 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=60256336&csi=TUkrnlQuABw6IA9SqlZerDjFW0o4o2oGschpOWeiYGnrygPkIxxfkxxpiekFPAZV8uLwMxVLxa1f7rtmfu4ZHWQBbo50IEXs0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 09:08:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://amenazaytx.site
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
si
googleads.g.doubleclick.net/pagead/drt/ Frame 46D2
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Redirect headers

date
Fri, 20 Jan 2023 09:08:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
j-7062982-4158002.js
cdn.flashtalking.com/xre/706/7062982/4158002/js/ Frame 46D5 		94 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/xre/706/7062982/4158002/js/j-7062982-4158002.js
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/imp/2/199492;7062982;201;js;AmnetDE;55977FinnlinesMINQ42022OyjPlcAdGapId0218000095597700511000/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Famenazaytx.site%2F&gdpr=&gdpr_consent=&cachebuster=943549.5358404443
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
b6552568620a5884d704d9b18c8f8a6bc2e54decb6549d06a657413ccb0624e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 09:08:17 GMT
Content-Encoding
gzip
x-amz-request-id
3SMZ42V5W7FHZFM5
Connection
Keep-Alive
Content-Length
22237
x-amz-id-2
Cm5H6hYA6akT0InoNFvmLSbQOYDmFdsuHR3gPLNQXSwCfdN0VOXIxgCYLcewyZhocRFVtPt8+dc=
Last-Modified
Tue, 13 Dec 2022 13:35:08 GMT
ETag
"1670938508"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
X-HW
1674205697.dop263.fr8.t,1674205697.cds339.fr8.shn,1674205697.dop263.fr8.t,1674205697.cds153.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=233
Accept-Ranges
bytes
ThirdParty
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/.gSBgiDQ/i/vCAv.IAAAAAUAA/r:types/ Frame 46D5 		35 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/.gSBgiDQ/i/vCAv.IAAAAAUAA/r:types/ThirdParty
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
12dcd567b94e5ff847b6cb2f1761eae55c371d5df44749bc9db2b1f1a854085b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:17 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 11:59:41 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Sat, 21 Jan 2023 12:40:46 GMT
eyJpdSI6IjBmNTE1ZTU2ODJiODc5MDdmZmM3OTkzNTcwZjNhOWNhYjNmOWY4NTQ0ZGU2MDU1MjFhMzg0Nzg2ZTQ2MTgxZDEiLCJ3Ijo2NDAsImgiOjQ4MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ Frame B67D 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjBmNTE1ZTU2ODJiODc5MDdmZmM3OTkzNTcwZjNhOWNhYjNmOWY4NTQ0ZGU2MDU1MjFhMzg0Nzg2ZTQ2MTgxZDEiLCJ3Ijo2NDAsImgiOjQ4MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-217-162.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7d05117f03b894bb88e2e11b1c8dc0deef0b45bd2a0ead1a9a7e846ab0e0eb55

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:17 GMT
last-modified
Wed, 14 Dec 2022 00:30:57 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=1930883
access-control-allow-credentials
false
x-traceid
98ed4abf18cb40981130638f08847afb
timing-allow-origin
*, *
content-length
42136
i
api.purpleads.io/x/a/ad4d1039c6ecf72495e91841029d3f30:658ab59337655f6a3bb1ee01eb7d385b7ddb54257e9ea6a696c3d8b5160d6f48521623047db065019ee98af51692d3e9375f63101913fdfdf767dddab57ea4c77b109677dbaf9c9... Frame B67D 		0
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.purpleads.io/x/a/ad4d1039c6ecf72495e91841029d3f30:658ab59337655f6a3bb1ee01eb7d385b7ddb54257e9ea6a696c3d8b5160d6f48521623047db065019ee98af51692d3e9375f63101913fdfdf767dddab57ea4c77b109677dbaf9c95d78f33154ae447963e74fbf1a37814c2ccc96d3cd432faea021a92b710cad309ca29337c27e6ffda1ce07c9f5939430338275623b3c0dd7ace6f2ba6094d49f82859e40742ab0f3e/i?id=c6ca799e-ca2d-4a95-ac17-be19f02c24f0
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.159.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-159-45.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin
api.purpleads.io
date
Fri, 20 Jan 2023 09:08:17 GMT
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
x-request-id
47200ef6-e1b9-40e7-9a7f-85261012c6cf
widgetGlobalEvent
log.outbrainimg.com/loggerServices/ Frame B67D 		4 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=05883fe695e3bf92f29633c18d0df103&pvId=05883fe695e3bf92f29633c18d0df103&sid=9435706&pid=45718&idx=4&wId=171&pad=1&org=0&tm=0&eT=3&cnsnt=no_consent
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 09:08:17 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
c8e63d426422bd3671127453de5f5e79
Content-Length
4
Expires
0
log-viewability
log.outbrainimg.com/loggerServices/ Frame B67D 		4 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.outbrainimg.com/loggerServices/log-viewability?requestId=05883fe695e3bf92f29633c18d0df103&position=0
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 09:08:17 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
6160aa3b4875da76ada78239173da019
Content-Length
4
Expires
0
index.html
cdn.flashtalking.com/173489/4158002/ Frame 5C04 		698 KB
176 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/173489/4158002/index.html
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/706/7062982/4158002/js/j-7062982-4158002.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
4ad5b2f60f4291e97422d9c8a862fe3c3e1f899b0f329d9f9d4b3bd40deb0c8f

Request headers

Referer
https://amenazaytx.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Access-Control-Max-Age
3000
Cache-Control
max-age=243
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
179289
Content-Type
text/html
Date
Fri, 20 Jan 2023 09:08:17 GMT
ETag
"1670924142"
Last-Modified
Tue, 13 Dec 2022 09:35:42 GMT
X-HW
1674205697.dop263.fr8.t,1674205697.cds339.fr8.shn,1674205697.dop263.fr8.t,1674205697.cds249.fr8.c
x-amz-id-2
fPJrDOgS1Sx5SaSOqFpoTWpii/2rfghSBbTpexSMca4Z8V57erpL6aU5cZDNDYNzca1Y/M6AL8E=
x-amz-request-id
JSQ7VPV9R78NNT9S
508286b1ba6491297b1126863b0f7edc
mediaintelligence.de/trck/epv/ Frame 46D5 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mediaintelligence.de/trck/epv/508286b1ba6491297b1126863b0f7edc?330910667
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/706/7062982/4158002/js/j-7062982-4158002.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.143.112 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
680d670af65715a34054c6ac0dcf7a392b05040c9c3438fbae8580df2de86884

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 09:08:17 GMT
Server
nginx
X-IPLB-Request-ID
515F052C:C910_93878F70:01BB_63CA5A01_D63D:2E7FD
X-IPLB-Instance
46723
Content-Type
application/javascript; charset=utf-8
X-Min-LB
n3
Keep-Alive
timeout=20
Content-Length
5128
ftpagefold_v4.7.2.js
cdn.flashtalking.com/pageFold/ Frame 46D5 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/pageFold/ftpagefold_v4.7.2.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/706/7062982/4158002/js/j-7062982-4158002.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
04a4ec051482dbeac84bf68c61fe3abc1cd91a21d49527e14521723bd7606d94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 09:08:17 GMT
Content-Encoding
gzip
x-amz-request-id
0VYE1R4B5BFAPA6M
Connection
Keep-Alive
Content-Length
5535
x-amz-id-2
j5KwgsYGbP/r3C8dM97qc+3TabospPpV6qv0lM7drK8sHr8ilGKec0TvlW0suf8hIhcWl4UsqQo=
Last-Modified
Fri, 04 Nov 2022 15:59:45 GMT
ETag
"1667577585"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-HW
1674205697.dop150.fr8.shc,1674205697.dop150.fr8.t,1674205697.cds260.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=25022
Accept-Ranges
bytes
code.js
cdn.flashtalking.com/173489/4158002/ Frame 5C04 		23 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/173489/4158002/code.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/173489/4158002/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
fc1b40954bcf18cdbd01581218ad535e3e77d646ad0204f9edb7012ac9413707

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/173489/4158002/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 09:08:17 GMT
Content-Encoding
gzip
x-amz-request-id
SHM1307AQ40E9KNC
Connection
Keep-Alive
Content-Length
4514
x-amz-id-2
+rQDLd6XgR0QOvrunxjwjE9ZLZMO04NsbPIgUvKTmHCtUqRWElOCjsxCxy59wGJtEcd8jYTr7T0=
Last-Modified
Tue, 13 Dec 2022 09:35:42 GMT
ETag
"1670924142"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-HW
1674205697.dop263.fr8.t,1674205697.cds339.fr8.shn,1674205697.dop263.fr8.t,1674205697.cds053.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=258
Accept-Ranges
bytes
html5API.js
cdn.flashtalking.com/frameworks/js/api/2/10/ Frame 5C04 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/173489/4158002/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
b24207967ac402c984033e70a55264014d8a2c4a6528b5196881e3781f0c5a44

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/173489/4158002/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 09:08:17 GMT
Content-Encoding
gzip
x-amz-request-id
3TCAAFNTXJCJJJ6N
Connection
Keep-Alive
Content-Length
28626
x-amz-id-2
jBlf9FdD9KbbhnAFx4NA/lMdybupLdPlhkpSWkn92J2dLL7oN0S3J8vMulnI6xl4G4vlqflcH8o=
Last-Modified
Mon, 15 Aug 2022 14:14:24 GMT
ETag
"1660572864"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-HW
1674205697.dop150.fr8.shc,1674205697.dop150.fr8.t,1674205697.cds260.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=18852
Accept-Ranges
bytes
/
ad-events.flashtalking.com/state/7062982;4158002;0;271;F2B2ABCF-DAA8-9BA7-5067-76C5B0FF2462/ Frame 46D5 		0
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-events.flashtalking.com/state/7062982;4158002;0;271;F2B2ABCF-DAA8-9BA7-5067-76C5B0FF2462/?cachebuster=840256073
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.9.51.10 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-9-51-10.eu-west-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:17 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
ft.stat
stat.flashtalking.com/reportV3/ Frame 46D5 		1 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stat.flashtalking.com/reportV3/ft.stat?225072972-7062982;4158002;0-302-0-5498D4ADA45A39-217153752
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-47.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 09:08:17 GMT
Last-Modified
Thu, 28 Jun 2012 14:38:09 GMT
Server
AkamaiNetStorage
ETag
"c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type
text/plain
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1
Expires
Fri, 20 Jan 2023 09:08:17 GMT
Arrow.png
cdn.flashtalking.com/173489/4158002/ Frame 5C04 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/173489/4158002/Arrow.png
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/173489/4158002/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
1be8701d9f0ec4023b62d53d4233813576153c6c3abf87efefdafad966663927

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/173489/4158002/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 09:08:17 GMT
Last-Modified
Tue, 13 Dec 2022 09:35:41 GMT
x-amz-request-id
SHM131HCK4F6W1Q3
ETag
"1670924141"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1674205697.dop150.fr8.shc,1674205697.dop150.fr8.t,1674205697.cds052.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=258
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2054
x-amz-id-2
toQVzEZ5T9Z0ierkJOH49eXXF+41yXS/tJXoSZiQrhdIDaRVnhIF3Ri1rtm2BSavK66KlK07d/w=
Bild.jpg
cdn.flashtalking.com/173489/4158002/ Frame 5C04 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/173489/4158002/Bild.jpg
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/173489/4158002/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
a1e3c9ef1a8698a5728d87f10f62acf2a1d468ae934be4b1eb9bb61adee75845

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/173489/4158002/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 09:08:17 GMT
Last-Modified
Tue, 13 Dec 2022 09:35:41 GMT
x-amz-request-id
9WPY7CXCWTMDDVHW
ETag
"1670924141"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
X-HW
1674205697.dop263.fr8.t,1674205697.cds339.fr8.shn,1674205697.dop263.fr8.t,1674205697.cds241.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=113
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
30166
x-amz-id-2
TlLvIX6OpgNuxmN3V81aAzZVvxmi22xjt2Tptp0i2FHlx8cG8qaf7qmlSpx7UaXM8nyqgi11JIM=
manifest.js
cdn.flashtalking.com/173489/4158002/ Frame 5C04 		1017 B
996 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/173489/4158002/manifest.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
bfa765a244be3a6d1d3311069bb9a4a017dc70893aca02bc84d456d52540db22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/173489/4158002/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 09:08:17 GMT
Content-Encoding
gzip
x-amz-request-id
XGG88FNSPCAYSHDB
Connection
Keep-Alive
Content-Length
294
x-amz-id-2
fZhZ09y4SYzlr1/AKOPdjtH4kvSrkaRZRTznfG0qDkwhAl3qhLQzhSDJbKFu+rBv+yFwN02mRok=
Last-Modified
Tue, 13 Dec 2022 09:35:42 GMT
ETag
"1670924142"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-HW
1674205697.dop263.fr8.t,1674205697.cds339.fr8.shn,1674205697.dop263.fr8.t,1674205697.cds212.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=258
Accept-Ranges
bytes
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012301041800000/ Frame A6C6 		221 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012301041800000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071775
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d4e7f21914210e4d6da2b44cc05a554cdd1e538ee43e1d4dc5d6e6a1f1ee1282
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 17 Jan 2023 18:07:13 GMT
age
226864
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61740
x-xss-protection
0
server
sffe
etag
"8e9029bac2b10828"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 17 Jan 2024 18:07:13 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012301041800000/v0/ Frame A6C6 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012301041800000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071775
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
885cb07503e088de00e0b1502940db47d59817caf2a3e35e1f92432d48d6f8fe
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 17 Jan 2023 18:07:13 GMT
age
226864
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5230
x-xss-protection
0
server
sffe
etag
"98e8559bf0300638"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 17 Jan 2024 18:07:13 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012301041800000/v0/ Frame A6C6 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012301041800000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071775
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6629584f62feeb6b024b50fae7e99ed6bec9942ce434c8163e2d627f1253dbb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 17 Jan 2023 18:07:13 GMT
age
226864
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28829
x-xss-protection
0
server
sffe
etag
"80143a542ab189b2"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 17 Jan 2024 18:07:13 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012301041800000/v0/ Frame A6C6 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012301041800000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071775
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9ed6c0cdb54ddeb561369fa2f9748cd0dcba457ba2cd0cb1955cf48387bcf2a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 19 Jan 2023 13:25:01 GMT
age
70996
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1904
x-xss-protection
0
server
sffe
etag
"c26873ae23a2dfcc"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 19 Jan 2024 13:25:01 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012301041800000/v0/ Frame A6C6 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012301041800000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071775
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f239f3f5ba2fe8def7ffc52c0268cfb1cbd362214823676459daa279370a9cfa
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 17 Jan 2023 18:07:13 GMT
age
226864
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12956
x-xss-protection
0
server
sffe
etag
"a53f7d5e2894160e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 17 Jan 2024 18:07:13 GMT
css
fonts.googleapis.com/ Frame A6C6 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071775
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 20 Jan 2023 09:08:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 20 Jan 2023 08:07:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 20 Jan 2023 09:08:17 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A6C6 		295 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071775
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 00:34:47 GMT
x-content-type-options
nosniff
server
cafe
age
30810
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sat, 21 Jan 2023 00:34:47 GMT
es_bl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A6C6 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/es_bl.png
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b9e843e63acdf34d5a5edbba301377df7e0089c44be896e2b36e9293227dbcda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 08:48:37 GMT
x-content-type-options
nosniff
server
cafe
age
1180
etag
11430072204764857781
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2664
x-xss-protection
0
expires
Sat, 21 Jan 2023 08:48:37 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame A6C6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CMWYYAVrKY4WbEryM7_UPk5GV4AnJ6fq0ZsOfzoDjDpiS-IezAhABIPLTuXtglbqJgpgHoAGN7OTZAsgBAakCKXRLelntqD7gAgCoAwHIAwqqBOcBT9AGIOBFxjhou0Y_gu-55eA9---n6yphMQxcteIzW9V4Lzyg0R7RH4LIinELubu0hAJQxrQ6ZdDiZiQzVB0Wu7UvkogClFnoB3PoOK-OlxkGVyc-f9YURocp2xGAgbUXJBNGOcOXqtTjp_qdcI4zkoo5reJJ9q0G6uRq4JySwjd5bzH7Cia57Ihk9iSbWPVil-PJGjYva1KEcWBeFJPM1pGBvo_syTwl53P_5Zj9V6-Ztsbbuiu3gl6kUp4j8u5_tD19BL50MZuBA0iOSU0VX3eTP_uPzlZ2EMSOVL-tUVgkGlAlS5lpwATpg4j-vgPgBAGSBQQIBBgBkgUECAUYBKAGUYAH25ObpgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDEywXSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAdgTDNAVAYAXAbIXHgocCAASFHB1Yi01NDEzMzI5NTQ0MDQwOTQ3GMGMdA&sigh=dSaE3qG9Y3k&uach_m=[UACH]&cid=CAQSSwDq26N9jQxZI7cHtgS39t2apc11cQ8g3RXHSmse0Uiak5HpQKeZCXw_xOcmuBX6NDV04jy0lXx4VCxc1a7aJYstHR_0SimdIc91XRgBIBM
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=338162257&t=pageview&_s=1&dl=https%3A%2F%2Famenazaytx.site%2F&ul=en-us&de=UTF-8&dt=MundoYT%20NBM%20-%20Tus%20mejores%20archivos%20aqu%C3%AD&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAUABAAAAACAAI~&jid=1809516208&gjid=1448444811&cid=965074567.1674205696&tid=UA-203930810-1&_gid=1197727135.1674205696&_r=1&_slc=1&z=60174715
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 09:08:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://amenazaytx.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame A6C6 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e71cc5745e28949cba7ab364a611c962a548e29caa2478a9ef3d823d3ec031b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
logo.png
cdn.flashtalking.com/173489/4158002/ Frame 5C04 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/173489/4158002/logo.png
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/173489/4158002/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
d64f31a7d7882e14ef4785d5d78ada986af863f9f73199d88ae332dca456540c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/173489/4158002/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 09:08:17 GMT
Last-Modified
Tue, 13 Dec 2022 09:35:42 GMT
x-amz-request-id
SHM17GWJJ0WE5W1V
ETag
"1670924142"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-HW
1674205697.dop263.fr8.t,1674205697.cds339.fr8.shn,1674205697.dop263.fr8.t,1674205697.cds017.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=113
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2376
x-amz-id-2
WvUCJERQa+sMV7rNQ9mdgHaLn2daNsLaE8lWHWPcJrdsZ5/7znkjyBIuG9fI4Rl9LvttkIYijmM=
HG1.jpg
cdn.flashtalking.com/173489/4158002/ Frame 5C04 		117 KB
114 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/173489/4158002/HG1.jpg
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/173489/4158002/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
428a0b175c3722d6a36afce68bbd4d62ab6eabc629103f6f7fbdf1f9351d4eae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/173489/4158002/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 09:08:17 GMT
Content-Encoding
gzip
x-amz-request-id
XYGK2WQ83WGC824C
Connection
Keep-Alive
Content-Length
116397
x-amz-id-2
EpirPeuYMpVt8tC0AedsEo4HJvI5XHzf+IH5Yl3kkm0iirk9uruRBc6Uk9RKBn4XEWTf4wrUuBY=
Last-Modified
Tue, 13 Dec 2022 09:35:41 GMT
ETag
"1670924141"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
X-HW
1674205697.dop150.fr8.shc,1674205697.dop150.fr8.t,1674205697.cds332.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=258
Accept-Ranges
bytes
HG2.jpg
cdn.flashtalking.com/173489/4158002/ Frame 5C04 		76 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/173489/4158002/HG2.jpg
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/173489/4158002/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
b8c33e8eac724aa04af2b1b91c2e2c7b5397b0f9e0a13f17fc4af749129d71f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/173489/4158002/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 09:08:17 GMT
Last-Modified
Tue, 13 Dec 2022 09:35:41 GMT
x-amz-request-id
SHM99K94AD7TFWVE
ETag
"1670924141"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
X-HW
1674205697.dop219.fr8.shc,1674205697.dop219.fr8.t,1674205697.cds128.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=258
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
77804
x-amz-id-2
azhLUTSmzy8rcAH17HgLEfYyzUkkL8TT9QPfLxdH+RYNL4dCl3OF1v4OO4QKZeJ7MfY55IyNRvM=
Card1.jpg
cdn.flashtalking.com/173489/4158002/ Frame 5C04 		84 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/173489/4158002/Card1.jpg
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/173489/4158002/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
dbec62e0a55787482317d77c2f5d6d11eeb1b5ebe8e623f51e36dccc8d168cc3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/173489/4158002/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 09:08:17 GMT
Last-Modified
Tue, 13 Dec 2022 09:35:41 GMT
x-amz-request-id
SHM2V9KZ4GBRSAWF
ETag
"1670924141"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
X-HW
1674205697.dop263.fr8.t,1674205697.cds339.fr8.shn,1674205697.dop263.fr8.t,1674205697.cds283.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=258
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
86041
x-amz-id-2
o2l6Ou3d2wLmQ61qKbp66xAXMeTA4m/+aupewKgOXQhRqo7D18C7tueeXCs+TEQOzwVYQ0m+irM=
Card2.jpg
cdn.flashtalking.com/173489/4158002/ Frame 5C04 		109 KB
110 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/173489/4158002/Card2.jpg
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/173489/4158002/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
b815438f61abafd12ca94b89ba908cf2f0edd28f995df211bcbd5a56d3496f21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/173489/4158002/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 09:08:17 GMT
Last-Modified
Tue, 13 Dec 2022 09:35:41 GMT
x-amz-request-id
SHMFMST9T2N9CTFV
ETag
"1670924141"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
X-HW
1674205697.dop009.fr8.shc,1674205697.dop009.fr8.t,1674205697.cds140.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=258
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
112047
x-amz-id-2
DPFQGqlE61NPERUMMIpqIHbhhdDk/JGlxACk6XY7EKeXlX4T06Lgk9KLwudexwpPeUiDNVD5SGg=
Card3.jpg
cdn.flashtalking.com/173489/4158002/ Frame 5C04 		100 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/173489/4158002/Card3.jpg
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/173489/4158002/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
a6a59042874d68e166b3c269b6fcb0eb289e60b150e9185b91c4b1a295ec0ab1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/173489/4158002/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 09:08:17 GMT
Last-Modified
Tue, 13 Dec 2022 09:35:41 GMT
x-amz-request-id
SHM9ARGR052DPYC4
ETag
"1670924141"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
X-HW
1674205697.dop016.fr8.shc,1674205697.dop016.fr8.t,1674205697.cds285.fr8.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=113
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
102141
x-amz-id-2
e3ajp5KGifmvFGKWqhj4FqP3TQa5MqS/NFoXeQw36ISREtHjR7vjwWeWSNjqu857IewJ//AwwPM=
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame A6C6 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://amenazaytx.site
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 15 Jan 2023 17:04:17 GMT
x-content-type-options
nosniff
age
403440
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 15 Jan 2024 17:04:17 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame A6C6
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Redirect headers

date
Fri, 20 Jan 2023 09:08:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
eyJpdSI6IjBmNTE1ZTU2ODJiODc5MDdmZmM3OTkzNTcwZjNhOWNhYjNmOWY4NTQ0ZGU2MDU1MjFhMzg0Nzg2ZTQ2MTgxZDEiLCJ3Ijo2NDAsImgiOjQ4MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ Frame 6E84 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjBmNTE1ZTU2ODJiODc5MDdmZmM3OTkzNTcwZjNhOWNhYjNmOWY4NTQ0ZGU2MDU1MjFhMzg0Nzg2ZTQ2MTgxZDEiLCJ3Ijo2NDAsImgiOjQ4MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=a8dbba899ffa9904c83f8f31297c4fb1:c482d5deb8980b8bc6b754dfe31eed2e17521c0bce0234ab44da16e47c5d442a7f8c26c14dc235933b8861dc33ca79009bd5fe48e2eab3becb88e57a359ee908
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-217-162.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7d05117f03b894bb88e2e11b1c8dc0deef0b45bd2a0ead1a9a7e846ab0e0eb55

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:17 GMT
last-modified
Wed, 14 Dec 2022 00:30:57 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=1930883
access-control-allow-credentials
false
x-traceid
98ed4abf18cb40981130638f08847afb
timing-allow-origin
*, *
content-length
42136
i
api.purpleads.io/x/a/592f8c3ab6c310ff375d2295db2df8b8:ce7807bd359d24ce84dac14f7b849dc1a878e597f46c17ecf5b90fc609a3104123139dfc6c9f052a99aed65d873c319ee17bce4b778f7b88f7e161f8cd5a6f63cc0ffe529fc4611... Frame 6E84 		0
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.purpleads.io/x/a/592f8c3ab6c310ff375d2295db2df8b8:ce7807bd359d24ce84dac14f7b849dc1a878e597f46c17ecf5b90fc609a3104123139dfc6c9f052a99aed65d873c319ee17bce4b778f7b88f7e161f8cd5a6f63cc0ffe529fc4611c1882b7c992bcf9b14fa2807d3eefb2296323583b665afe7ac6918bf69dafb60ea69e3016b6adc576eaf73cdc8233e57963bc5a41b9eecd0bac9e3261537de4b33a3e493fe3960a15/i?id=e4e0f75b-dcae-4af3-bef0-ac864490d93c
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.159.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-159-45.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin
api.purpleads.io
date
Fri, 20 Jan 2023 09:08:18 GMT
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
x-request-id
7f0d5f1b-347f-40ec-95fe-d652af15a97e
widgetGlobalEvent
log.outbrainimg.com/loggerServices/ Frame 6E84 		4 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=3a3c55b43ad8c97efa7fdfdc7d0cb702&pvId=3a3c55b43ad8c97efa7fdfdc7d0cb702&sid=9435706&pid=45718&idx=5&wId=171&pad=1&org=0&tm=0&eT=3&cnsnt=no_consent
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 09:08:18 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
b5c310d5377b967c3c64fc430160940e
Content-Length
4
Expires
0
log-viewability
log.outbrainimg.com/loggerServices/ Frame 6E84 		4 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.outbrainimg.com/loggerServices/log-viewability?requestId=3a3c55b43ad8c97efa7fdfdc7d0cb702&position=0
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 09:08:18 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
426a0e338515e9fb1707a09fd96101b8
Content-Length
4
Expires
0
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023011101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071775
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f2b33e923889bcda50f0882d32aa41ee01383f3512c297ae7caf9d87b5c660d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:18 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11201
x-xss-protection
0
sync
eb2.3lift.com/ Frame 3AFB 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?max=10&cb=56313
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/2369ca4d2b2a0cf532ecfd0480c15fd7ed08fa0a/dist/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://amenazaytx.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Fri, 20 Jan 2023 09:08:18 GMT
eyJpdSI6IjBmNTE1ZTU2ODJiODc5MDdmZmM3OTkzNTcwZjNhOWNhYjNmOWY4NTQ0ZGU2MDU1MjFhMzg0Nzg2ZTQ2MTgxZDEiLCJ3Ijo2NDAsImgiOjQ4MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ Frame 1FBE 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjBmNTE1ZTU2ODJiODc5MDdmZmM3OTkzNTcwZjNhOWNhYjNmOWY4NTQ0ZGU2MDU1MjFhMzg0Nzg2ZTQ2MTgxZDEiLCJ3Ijo2NDAsImgiOjQ4MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=a8dbba899ffa9904c83f8f31297c4fb1:c482d5deb8980b8bc6b754dfe31eed2e17521c0bce0234ab44da16e47c5d442a7f8c26c14dc235933b8861dc33ca79009bd5fe48e2eab3becb88e57a359ee908
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-217-162.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7d05117f03b894bb88e2e11b1c8dc0deef0b45bd2a0ead1a9a7e846ab0e0eb55

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:18 GMT
last-modified
Wed, 14 Dec 2022 00:30:57 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=1930882
access-control-allow-credentials
false
x-traceid
98ed4abf18cb40981130638f08847afb
timing-allow-origin
*, *
content-length
42136
i
api.purpleads.io/x/a/473d569bca5c7b4ad781ca4964ddf3ad:f9758d62e5912a4524509e61c63dc453624f12db7f3332c3626ac6e6af9e9ea3b1081174db54576543999d1816f25e87aee205ba1aabf1ce36683f6281dc9595ad88c7d62f27f7f... Frame 1FBE 		0
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.purpleads.io/x/a/473d569bca5c7b4ad781ca4964ddf3ad:f9758d62e5912a4524509e61c63dc453624f12db7f3332c3626ac6e6af9e9ea3b1081174db54576543999d1816f25e87aee205ba1aabf1ce36683f6281dc9595ad88c7d62f27f7f660593978e39bf4ab2bc304f208e3fe9cb16e50496576d52042005a92b1cc3ceb58b66e6c82004c29c045259a6ef45d02f8b25b27591af004afdf79538e4c39ba5a18be5523faf608/i?id=afdadbfb-bb16-4d26-bd6f-af75b1bf661f
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.159.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-159-45.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin
api.purpleads.io
date
Fri, 20 Jan 2023 09:08:18 GMT
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
x-request-id
670cb64d-bf68-48bf-97fb-c72c41e14739
widgetGlobalEvent
log.outbrainimg.com/loggerServices/ Frame 1FBE 		4 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=b986a743c69f41afe2296cf8a11ca3da&pvId=b986a743c69f41afe2296cf8a11ca3da&sid=9435706&pid=45718&idx=6&wId=171&pad=1&org=0&tm=0&eT=3&cnsnt=no_consent
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 09:08:18 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
7d74ebe842d41e920afaaff3870593af
Content-Length
4
Expires
0
log-viewability
log.outbrainimg.com/loggerServices/ Frame 1FBE 		4 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.outbrainimg.com/loggerServices/log-viewability?requestId=b986a743c69f41afe2296cf8a11ca3da&position=0
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 09:08:18 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
430ba7b5242f241bd8604434e929055b
Content-Length
4
Expires
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071775
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 20 Jan 2023 09:08:18 GMT
ev
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ev?inv_code=Purpleads_RON_Banner_HDX_Prebid&aid=39270637219021051193260&rev=2369ca4&pr=0.064&bc=0.079&bmid=7354&biid=7056&sid=112857&brid=40748&adid=60256336&crid=112828005&ts=1674205696&bcud=79&ss=12&caid=0&unid=0&cepos=0&ceid=0&cb=74892
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:18 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 559E 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://amenazaytx.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
53
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 20 Jan 2023 09:07:25 GMT
expires
Sat, 20 Jan 2024 09:07:25 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 7FD6 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
032aae03cdb2936ae42f4bd9ac8d1fc6be6aea29416b28be8b8969dfdc58cecb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-PEaqhoN0Bxn5uf9w9IYBqg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://amenazaytx.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-PEaqhoN0Bxn5uf9w9IYBqg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 20 Jan 2023 09:08:18 GMT
expires
Fri, 20 Jan 2023 09:08:18 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js
pagead2.googlesyndication.com/bg/ Frame 559E 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
270460f069c945b49bc20b6e6c0df1d53c27ea38023c2c52427f53b17d0ad701
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:43:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5102
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16089
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 20 Jan 2024 07:43:16 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 7FD6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023011101&jk=2303576033589154&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
container.html
beb662463fc73aae95f414367081f772.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D859 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://beb662463fc73aae95f414367081f772.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071775
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://amenazaytx.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 20 Jan 2023 09:08:16 GMT
expires
Sat, 20 Jan 2024 09:08:16 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame D859 		4 KB
732 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: beb662463fc73aae95f414367081f772.safeframe.googlesyndication.com
URL: https://beb662463fc73aae95f414367081f772.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://beb662463fc73aae95f414367081f772.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 20 Jan 2023 09:08:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 20 Jan 2023 08:02:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 20 Jan 2023 09:08:18 GMT
css
fonts.googleapis.com/ Frame 0267 		8 KB
968 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://beb662463fc73aae95f414367081f772.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 20 Jan 2023 09:08:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 20 Jan 2023 07:59:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 20 Jan 2023 09:08:18 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame 0267 		2 KB
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://beb662463fc73aae95f414367081f772.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 17:12:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
57351
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Feb 2023 17:12:27 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/ Frame 0267 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/abg_lite_fy2021.js
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c97dcb70d635092868646d0fe67b38a04796f5343dad81c23945bb31d477a763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://beb662463fc73aae95f414367081f772.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 16:48:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
58759
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8872
x-xss-protection
0
server
cafe
etag
4731094640903799552
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Feb 2023 16:48:59 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame 0267 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/window_focus_fy2021.js
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://beb662463fc73aae95f414367081f772.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 06:25:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
9774
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Feb 2023 06:25:24 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame 0267 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://beb662463fc73aae95f414367081f772.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 06:25:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
9774
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7515
x-xss-protection
0
server
cafe
etag
5914713042212191929
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Feb 2023 06:25:24 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0267 		155 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://beb662463fc73aae95f414367081f772.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48518
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1674065973849303"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 20 Jan 2023 09:08:18 GMT
036f4b4f51becf731acb151979d003ca.js
www.gstatic.com/mysidia/ Frame 0267 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/036f4b4f51becf731acb151979d003ca.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a6604bbd78d8adaa549c8cbe181ad52a3ccf6deaeb78a19234ca89b14ca3363
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://beb662463fc73aae95f414367081f772.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 02:35:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23578
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14103
x-xss-protection
0
last-modified
Fri, 20 Jan 2023 02:25:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 20 Apr 2023 02:35:20 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/elements/html/ Frame D859 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: beb662463fc73aae95f414367081f772.safeframe.googlesyndication.com
URL: https://beb662463fc73aae95f414367081f772.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
daf99211008f6684b4aaa4daafa6832cf05ccd99f5910f48f6467a5c1ea08197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://beb662463fc73aae95f414367081f772.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 18:48:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
51560
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8191
x-xss-protection
0
server
cafe
etag
7335088802737092762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Feb 2023 18:48:58 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame D859 		205 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: beb662463fc73aae95f414367081f772.safeframe.googlesyndication.com
URL: https://beb662463fc73aae95f414367081f772.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://beb662463fc73aae95f414367081f772.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 00:01:57 GMT
x-content-type-options
nosniff
age
32781
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 20 Jan 2024 00:01:57 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame D859 		604 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: beb662463fc73aae95f414367081f772.safeframe.googlesyndication.com
URL: https://beb662463fc73aae95f414367081f772.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://beb662463fc73aae95f414367081f772.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 22:19:01 GMT
x-content-type-options
nosniff
age
38957
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 19 Jan 2024 22:19:01 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame CFB0 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: beb662463fc73aae95f414367081f772.safeframe.googlesyndication.com
URL: https://beb662463fc73aae95f414367081f772.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://beb662463fc73aae95f414367081f772.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
999
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 20 Jan 2023 08:51:39 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame CFB0
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: beb662463fc73aae95f414367081f772.safeframe.googlesyndication.com
URL: https://beb662463fc73aae95f414367081f772.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 20 Jan 2023 09:08:18 GMT
expires
Fri, 20 Jan 2023 09:08:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 20 Jan 2023 09:08:18 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ft.stat
stat.flashtalking.com/reportV3/ Frame 46D5 		1 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stat.flashtalking.com/reportV3/ft.stat?225072972-7062982;4158002;0-307-0-5498D4ADA45A39-881350517
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-47.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 09:08:18 GMT
Last-Modified
Thu, 28 Jun 2012 14:38:09 GMT
Server
AkamaiNetStorage
ETag
"c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type
text/plain
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1
Expires
Fri, 20 Jan 2023 09:08:18 GMT
/
ad-events.flashtalking.com/state/7062982;4158002;0;202;F2B2ABCF-DAA8-9BA7-5067-76C5B0FF2462/ Frame 46D5 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-events.flashtalking.com/state/7062982;4158002;0;202;F2B2ABCF-DAA8-9BA7-5067-76C5B0FF2462/?cachebuster=765318046
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.9.51.10 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-9-51-10.eu-west-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:18 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js
pagead2.googlesyndication.com/bg/ Frame 988C 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
270460f069c945b49bc20b6e6c0df1d53c27ea38023c2c52427f53b17d0ad701
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://beb662463fc73aae95f414367081f772.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 07:43:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5102
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16089
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 20 Jan 2024 07:43:16 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023011101&jk=2303576033589154&bg=!-Pul-7_NAAYDMoyoIzI7ACkAdvg8Wv1cJpErWpm4kSv59tox1PGH1RjIj1VWhANZO1GLnYeG1yuQfQIAAABEUgAAAAJoAQcKAKN565X1t_n9oMsv3vEXn7ldI2VMrX8va_QSyo8jXUm6RFKIn--2bmRA1HneJXtaqMnEn4VnTO1z9chbtpq7Cj2p2ZTA1dbL3_tkljewQe2Ck4KE0GATIlhAtvCwUXEfcmZu6W5aEjNt8AY7RO0RMrDiUhoqXibIcBaOT-N5CpDiSHcIQXE2WmYfJTwNXuWLEe3nsrLjTskEQlzD35U8jnI5r9FamQKYw7dhZtjJx3mHezTzw03XppZ9zboIUXPROGu866dLYV7ZRhhYyDoWPfXipQS8R4PTQ8dGOGJlIytplQQxWdxznmGieRZpC1-35Ee6Ojs29Xd0keIdWyNOPoS837Rtlx49xG1ZryVWodHGZLOqXWehVzy9ou7CUwNW7i7A9tZZs48qjEUcy78_o639IT45N-2TLAnBi1pWWriSVeqSgOxWd5OHjSmKEEwDv2TADHe5DXLiLSNaHIecmHCk0j5tRbv38y9VBQ_slPw9IDjfvrXyOF8ECw76RuOt8qiCpvkR9n0sIJ0AuhkhSB6OmeWqEfSuJ95-qeKAJ6Usf1SZjvNOg1mOYKoA1jv8JYJnIYAzR0PlzS4pyGaQOXjfEKj-TQCCP9Jy6GksW901nIAEImgr4JoASLE3PUHUmlQKcwQIAoLtlp7mrqkj-Tjk8W9dFfdfK_Friuugohjj4_Nj86Zez2RWTsV2jpuzCfAF5UbfPpteAsC24WxMQUI7OOfDlRUDFUlawQQcV-rHM2uIuRdxqt2DtixhQfXdgYkolmnnGkij44QsqZ9SgFCJmecjmaL_KBifd_ksNPNnTss-8erXnf70QmK_VBDLK06kkqjaN8_5AGDKZUmn4Gvq7Nfc72ajiVEkgGoI5l1qzQHmmo0SjGOK_cBAWGkluGdB3TeRQ14kMiBPfVmnoB130RNXhWr5plZKWZpi1sHPTcdOim7FynxaPG-aZnsg109Vn4mwDgWtGzsu00uTBAwciM80i5E6Btk4brB7hYqxhGSyoiHki-Lw631ta5VDHGizBmPWtTevG-6UJVWIjzaR5qGg5O9boXzHBRZAN0zbrdNOcx5INZHdn3UjjflPuDcA5xNPIStJGHHftHj94g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame A6C6 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssxzciOTY7H147pUXppVCqhp8jeM3a2YTE4zacODdQq1KA0_kfInwbtjlBeyaKDTt-799YDRdmMWMHhTqUgiu1PtmUwmI6UmUgZuWbVgwTRzNjtNYMrpUkPMBAAgEO0kI1CqVEZmg&sai=AMfl-YQD6dWR0jbUjIYDcIl9lPCfvkpqT1Pt5uFOE6msoOLrGOzos_NeSvsjrknjReOOrqbKSGsxPc5jB1cueyQY61xgMilJjM4XLTUFy5gB33z0QY43e1CfY5rJmEN_O9jJvkCAKO3CNm_CoTTEugA&sig=Cg0ArKJSzLPrRP9Jddv7EAE&cid=CAQSSwDq26N9jQxZI7cHtgS39t2apc11cQ8g3RXHSmse0Uiak5HpQKeZCXw_xOcmuBX6NDV04jy0lXx4VCxc1a7aJYstHR_0SimdIc91XRgBIBM&id=ampim&o=15,86&d=300,60&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=193&tls=1193&g=100&h=100&tt=1193&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 09:08:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
track.adform.net/serving/unload/ Frame 46D5 		35 B
469 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=1014073015171931799@@60256336,7792072321728963010,100|1136|0|0|0|0|0|0|0||107|0|||||1|0|0|5HP9hHlyg91X7EYoWZQhUZlsqxKEZ_1sWMLW3WEC9HtGzhsfgaAHchhpnBRkvb3lA7z_uuw_WOM1|||11|0|0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 09:08:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://amenazaytx.site
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
publishertag.prebid.130.js
static.criteo.net/js/ld/ Frame D1E4 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:19 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-16120"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 21 Jan 2023 09:08:19 GMT
syncframe
gum.criteo.com/ Frame BF6F 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=amenazaytx.site
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://amenazaytx.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 20 Jan 2023 09:08:19 GMT
server
Kestrel
server-processing-duration-in-ticks
892184
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ Frame D1E4 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
4c648b28fbfa46cbae28a58852798157c8eb336f795de67c45fa735464b62617
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:19 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 10 Jan 2023 22:25:06 GMT
server
nginx
etag
W/"63bde5c2-162a9"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 21 Jan 2023 09:08:19 GMT
sid
mug.criteo.com/ Frame BF6F
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=amenazaytx.site&sn=ChromeSyncframe&so=0&topUrl=amenazaytx.site&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=HNKjqHxEM2loWWJ4bE85K2dHMFNORjRwZE1EYWdWNEU4WnlLeU95VlhGTUNtaWJBTHlzN2JqbFpCNkdUQUpmTG95a2dCOURoOWtjZHFoTExsVkhWNmhJKzNrYWx5bzhOd3ZEV3l3WmoxNzVORlh5aDlIYk9td0JHTU1laH...
433 B
655 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=HNKjqHxEM2loWWJ4bE85K2dHMFNORjRwZE1EYWdWNEU4WnlLeU95VlhGTUNtaWJBTHlzN2JqbFpCNkdUQUpmTG95a2dCOURoOWtjZHFoTExsVkhWNmhJKzNrYWx5bzhOd3ZEV3l3WmoxNzVORlh5aDlIYk9td0JHTU1laHYxQ3EzMU5rYXdRUTR2OC9yOENKbVhCOUkyL3RETlRCeGhOTWx6dEJsVmVENDE4RitVa2pGbnk5V1pOaFBYdkw1Sm0weHhzSzR0YmxPc2R0cDJ6eHc5WDQySDZpSWIra2ZsVzdJYllVeTJlYXVHT213UmF3QVRQemVyZXVQMmdjM1VWS1ZiZFQxQ2prN3hOYmRra3pHaHEzL1hwbzRNQT09fA&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ed81e6a8dec99852255e1ef3bac2e19476c3dfc9e471ff7c5f774df3642c4d6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 09:08:19 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1622117
expires
0

Redirect headers

pragma
no-cache
date
Fri, 20 Jan 2023 09:08:19 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=HNKjqHxEM2loWWJ4bE85K2dHMFNORjRwZE1EYWdWNEU4WnlLeU95VlhGTUNtaWJBTHlzN2JqbFpCNkdUQUpmTG95a2dCOURoOWtjZHFoTExsVkhWNmhJKzNrYWx5bzhOd3ZEV3l3WmoxNzVORlh5aDlIYk9td0JHTU1laHYxQ3EzMU5rYXdRUTR2OC9yOENKbVhCOUkyL3RETlRCeGhOTWx6dEJsVmVENDE4RitVa2pGbnk5V1pOaFBYdkw1Sm0weHhzSzR0YmxPc2R0cDJ6eHc5WDQySDZpSWIra2ZsVzdJYllVeTJlYXVHT213UmF3QVRQemVyZXVQMmdjM1VWS1ZiZFQxQ2prN3hOYmRra3pHaHEzL1hwbzRNQT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
353923
content-length
0
expires
0
checksync.php
contextual.media.net/ Frame 470A 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2BX48Z&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C2069%2C237%2C117%2C97%2C99%2C3012%2C3011%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C77%2C38%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.38.97 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-38-97.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
51b9777abda8a6ddc4c1ae2e0d25cc908a3fda58b3ccc541bfd77953832dbf7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://amenazaytx.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8210
content-type
text/html; charset=UTF-8
date
Fri, 20 Jan 2023 09:08:20 GMT
expires
Sun, 22 Jan 2023 09:08:20 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
sync.html
public.servenobid.com/ Frame 2594 		8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-10.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2e4a250ad3ac07b9adfce39197341a30bc1623902a753e8a7ae0324e7cb53731

Request headers

Referer
https://amenazaytx.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
67229
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Thu, 19 Jan 2023 14:27:52 GMT
etag
W/"500c31eb3dcfb8f2a7dc0893b86a487a"
last-modified
Thu, 01 Dec 2022 19:37:41 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
x-amz-cf-id
ZaicmyAigbV1sVl-NydsgAAakLo3j7dCt4Bhkax1Lf1r7takoPRtPQ==
x-amz-cf-pop
FRA56-C2
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:5838c8c3-64c9-4519-918a-548b86a0fef3
x-amz-meta-codebuild-content-md5
86c7b5baa8ca6b64006191aa90b9f19a
x-amz-meta-codebuild-content-sha256
7a0197b444a3c5a5c4f92ccd56438fcf44932f5518b7cae8f7a5ec6b1a094ad5
x-cache
Hit from cloudfront
sync
eb2.3lift.com/ Frame 7566 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://amenazaytx.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Fri, 20 Jan 2023 09:08:20 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 290B 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.181 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-181.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://amenazaytx.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 20 Jan 2023 09:08:20 GMT
ETag
"623de86a-cf34"
Expires
Sat, 21 Jan 2023 09:08:22 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame C57A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1674205696624
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://amenazaytx.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
13926
g2.gumgum.com/usync/ Frame DD9F 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.137.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-137-153.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f81cb70496c6048f22abbdb9e711a0e514e1a246a9229e437d9945bc63318f6e

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Fri, 20 Jan 2023 09:08:20 GMT
etag
W/"003a62cbc6315ba90a26d52de8b46db5b"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame 107C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 77D1 		653 B
857 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
0d8526622793d11f7c1bc098d4fceedfa22211c751b229faa35596fc66def511

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
653
content-type
text/html
date
Fri, 20 Jan 2023 09:08:20 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 93B7
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
2 KB
871 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4a0aa78f0f13c3b3f38ee7e1b45955b3610c786dfe8c16fe4b098bf48c25c8

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
78c6aa3a5f539070-FRA
content-encoding
br
content-type
text/html
date
Fri, 20 Jan 2023 09:08:20 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nE0BCXcM1g9%2BB2NnbPMibi7Xy9U0bvOOA41wbcsEd8y%2BJ1ak9wm6%2BK7%2Fp1K1j7k4rkqtq4OvmI8O7Qr0851VUrvY2wDMicQZ9UIxTqomB449rJmqWcdMewpFvRowE2lArsamiaoku8WFAg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
78c6aa3a3f109070-FRA
content-length
0
date
Fri, 20 Jan 2023 09:08:20 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4NAdJLrz%2B3fO3xUmqPjHLowWG757lXIVp6v9%2BYuh1rIy8UnbG5P%2BM%2BXYWnPu5nnxj0UxSGXmyoEDVjovrxDNWGUU6qFZyiqwTjpFqPh7bI0qFqeCwXxOuiaYXtNoaCnxR6e6wef1Fmi%2BTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame BD0F
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 20 Jan 2023 09:08:20 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 20 Jan 2023 09:08:20 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame AD3D 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-193.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=96418
content-encoding
gzip
content-length
5554
content-type
text/html
date
Fri, 20 Jan 2023 09:08:20 GMT
expires
Sat, 21 Jan 2023 11:55:18 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame DD47 		0
484 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:5600:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
0
content-type
text/html
date
Fri, 20 Jan 2023 09:08:20 GMT
via
1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
x-amz-cf-id
VTiyAViprQ40WPxLC345ApxwckK9ZqGT30Iyatt32ldp9aJvfnvdQA==
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
x-reason
could not perform CS due to GDPR policy: gdpr is not applied
sync
ads.servenobid.com/ Frame 2594
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.servenobid.com%252Fsync%253Fpid%253D312%2526uid%253D%2524UID
  • https://ads.servenobid.com/sync?pid=312&uid=5752836970381268941
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=5752836970381268941
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.31.248.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-248-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:20 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Date
Fri, 20 Jan 2023 09:08:20 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
81.95.5.44; 81.95.5.44; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
66b16f0d-65ba-434f-8517-d28fdb14643c
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://ads.servenobid.com/sync?pid=312&uid=5752836970381268941
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 2594
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=GBGEpRZHd0Neq6HASBOcSYTk
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=GBGEpRZHd0Neq6HASBOcSYTk
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.31.248.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-248-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:20 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 09:08:20 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=GBGEpRZHd0Neq6HASBOcSYTk
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
pixel
ap.lijit.com/ Frame 2594 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 20 Jan 2023 09:08:20 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
generic
match.adsrvr.org/track/cmf/ Frame 2594
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1674205700393
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=191258801
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=191258801
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 20 Jan 2023 09:08:20 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Fri, 20 Jan 2023 09:08:20 GMT
etag
RXc0818b216ca44873864a3828cc8b3649003
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=191258801
cache-control
no-store, no-cache, must-revalidate
expires
0
sync
ads.servenobid.com/ Frame 2594
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=5141210823235660915
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=5141210823235660915
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.31.248.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-248-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:20 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=5141210823235660915
Date
Fri, 20 Jan 2023 09:08:20 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usa
sync.go.sonobi.com/ Frame 2594 		0
498 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 09:08:20 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-39
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame 2594
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=71b5d376-e5f9-457c-8c2a-671e67fb3321&gdpr=0&gdpr_consent=&us_privacy=1YN-
0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=71b5d376-e5f9-457c-8c2a-671e67fb3321&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.31.248.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-248-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:20 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=71b5d376-e5f9-457c-8c2a-671e67fb3321&gdpr=0&gdpr_consent=&us_privacy=1YN-
date
Fri, 20 Jan 2023 09:08:20 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame 2594
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ups.analytics.yahoo.com/ups/58559/occ?verify=true
  • https://ads.servenobid.com/sync?pid=337&uid=y-gXpLVvVE2uE9ES6vOCHX8ZcbeOFMhvNRc0BDVco-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-gXpLVvVE2uE9ES6vOCHX8ZcbeOFMhvNRc0BDVco-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.31.248.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-248-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:20 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-gXpLVvVE2uE9ES6vOCHX8ZcbeOFMhvNRc0BDVco-~A
date
Fri, 20 Jan 2023 09:08:20 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
user-sync
sync.adkernel.com/ Frame 2594
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://sync.adkernel.com/user-sync?zone=176971&t=image&r=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D27%26r%3DCid1YS01ODMwMjlmNS0xM2VjLTM4OWUtYTAzYS04MDA4NjI0NzhhN2EQ____________ASpTaHR0cHM6Ly...
0
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adkernel.com/user-sync?zone=176971&t=image&r=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D27%26r%3DCid1YS01ODMwMjlmNS0xM2VjLTM4OWUtYTAzYS04MDA4NjI0NzhhN2EQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS01ODMwMjlmNS0xM2VjLTM4OWUtYTAzYS04MDA4NjI0NzhhN2EyAhsSOAE=%26buyeruid%3D%7BUID%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 09:08:20 GMT
Server
nginx
Connection
close
Content-Length
0

Redirect headers

location
http://sync.adkernel.com/user-sync?zone=176971&t=image&r=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D27%26r%3DCid1YS01ODMwMjlmNS0xM2VjLTM4OWUtYTAzYS04MDA4NjI0NzhhN2EQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS01ODMwMjlmNS0xM2VjLTM4OWUtYTAzYS04MDA4NjI0NzhhN2EyAhsSOAE=%26buyeruid%3D%7BUID%7D
pragma
no-cache
date
Fri, 20 Jan 2023 09:08:20 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
sync
ads.servenobid.com/ Frame 2594
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ups.analytics.yahoo.com/ups/58632/occ?verify=true
  • https://ads.servenobid.com/sync?pid=339&uid=y-gXpLVvVE2uE9ES6vOCHX8ZcbeOFMhvNRc0BDVco-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-gXpLVvVE2uE9ES6vOCHX8ZcbeOFMhvNRc0BDVco-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.31.248.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-248-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:20 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-gXpLVvVE2uE9ES6vOCHX8ZcbeOFMhvNRc0BDVco-~A
date
Fri, 20 Jan 2023 09:08:20 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
async_usersync
ib.adnxs.com/ Frame 290B 		0
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 09:08:20 GMT
AN-X-Request-Uuid
037fd84d-bff1-4caa-9e32-b60317b1fe3d
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
81.95.5.44; 81.95.5.44; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame AD3D 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=77786868&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
f18da35d2f051e5bdb3e443ebe991b7b9c4fa2878fc0259d958661fa3b7742ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Fri, 20 Jan 2023 09:08:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usermatchredir
ssum-sec.casalemedia.com/ Frame 93B7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y8paBPdvZNLF-1OfkCksZwAABKcAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEHFr-tjytYulGkbs8MH8cOs&google_cver=1
43 B
748 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEHFr-tjytYulGkbs8MH8cOs&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 09:08:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qoPSe1kc9IGersmrjI25D7FMYItkp3lhiX4xGW1yqvjeCe3kwDY03uCDJO1J0Km6jjarLlwE4l6%2BeObfsESPF8wRldJG7tiGZiYpb6DUJwZlWSj96qVw7yUhGxUDCQ1RkPPD8F4DvhyYZA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
78c6aa3afb0d9249-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 20 Jan 2023 09:08:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEHFr-tjytYulGkbs8MH8cOs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 93B7
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y8paBPdvZNLF-1OfkCksZwAABKcAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y8paBPdvZNLF-1OfkCksZwAABKcAAAAB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y8paBPdvZNLF-1OfkCksZwAABKcAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 09:08:20 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
THTVCRGDX8SM33S5NZ86
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 09:08:20 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
J4VZSQVS7EYYFD69GM89
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y8paBPdvZNLF-1OfkCksZwAABKcAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 93B7
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y8paBPdvZNLF.1OfkCksZwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENn9pxI-irToMcEX6OCgR6k&google_cver=1&google_hm=2
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENn9pxI-irToMcEX6OCgR6k&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 09:08:20 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 20 Jan 2023 09:08:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENn9pxI-irToMcEX6OCgR6k&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 93B7 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 20 Jan 2023 09:08:20 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 93B7
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 09:08:20 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D
date
Fri, 20 Jan 2023 09:08:20 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 93B7
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 09:08:20 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Pragma
no-cache
Date
Fri, 20 Jan 2023 09:08:20 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
rum
dsum-sec.casalemedia.com/ Frame 93B7
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=0tQnfdGGdCjJ03x6hoNpKtbWIX3Jgn14hYPQrSr3
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=0tQnfdGGdCjJ03x6hoNpKtbWIX3Jgn14hYPQrSr3
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 09:08:20 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 20 Jan 2023 09:08:20 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=0tQnfdGGdCjJ03x6hoNpKtbWIX3Jgn14hYPQrSr3
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 93B7
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=fda663ca-5a04-4d00-8a38-c8306842373b
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=fda663ca-5a04-4d00-8a38-c8306842373b
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 09:08:20 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Fri, 20 Jan 2023 09:08:20 GMT
Server
MT3 357 2feb0b5 master cdg-pixel-x31 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=fda663ca-5a04-4d00-8a38-c8306842373b
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 20 Jan 2023 09:08:19 GMT
sync
ads.servenobid.com/ Frame 93B7 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=Y8paBPdvZNLF-1OfkCksZwAABKcAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.248.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-248-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:20 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usync.js
eus.rubiconproject.com/ Frame BD0F 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f6407376a6724051c1eb91280a1f67067afe036b6f63a248a1008ae2b0aed13a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 09:08:20 GMT
Content-Encoding
gzip
Last-Modified
Fri, 20 Jan 2023 07:59:29 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=82300
Connection
keep-alive
Content-Length
10037
Expires
Sat, 21 Jan 2023 08:00:00 GMT
usersync
usersync.gumgum.com/ Frame DD9F
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=5752836970381268941
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=5752836970381268941
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 20 Jan 2023 09:08:20 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Date
Fri, 20 Jan 2023 09:08:20 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
81.95.5.44; 81.95.5.44; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
26b32bf9-0e9b-4979-9fd8-a007303640d1
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://usersync.gumgum.com/usersync?b=apn&i=5752836970381268941
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame DD9F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_e3caa00e-7803-4cf7-a530-a4440e863559&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_e3caa00e-7803-4cf7-a530-a4440e863559&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=9f017518-ba6c-4d8d-b340-f35e0e673529
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=9f017518-ba6c-4d8d-b340-f35e0e673529
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=37a96d8a-87a2-4e71-94d8-2cd4e34f8e16&ssp=gumgum2&expires=30&user_group=5&bsw_param=9f017518-ba6c-4d8d-b340-f35e0e673529
  • https://usersync.gumgum.com/usersync?b=bsw&i=9f017518-ba6c-4d8d-b340-f35e0e673529
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=9f017518-ba6c-4d8d-b340-f35e0e673529
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 20 Jan 2023 09:08:20 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
//usersync.gumgum.com/usersync?b=bsw&i=9f017518-ba6c-4d8d-b340-f35e0e673529
date
Fri, 20 Jan 2023 09:08:20 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
usersync
usersync.gumgum.com/ Frame DD9F
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-194e26c5-3976-4457-445b-cc3b42891e6f$ip$81.95.5.44
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-194e26c5-3976-4457-445b-cc3b42891e6f$ip$81.95.5.44
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 20 Jan 2023 09:08:20 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-194e26c5-3976-4457-445b-cc3b42891e6f$ip$81.95.5.44
Date
Fri, 20 Jan 2023 09:08:20 GMT
Connection
keep-alive
Content-Length
124
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame DD9F
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_e3caa00e-7803-4cf7-a530-a4440e863559&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=7B3ZtmLC0atiC6YSXQ7X&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2N2CGNNHI3KMIMYGC5DJIM3FSU2YKE3VQ...
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=7B3ZtmLC0atiC6YSXQ7X&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=7B3ZtmLC0atiC6YSXQ7X&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 20 Jan 2023 09:08:20 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 09:08:20 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=7B3ZtmLC0atiC6YSXQ7X&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame DD9F
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/floor6?zcc=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D&cb=1674205700393
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1410524352
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1410524352
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 20 Jan 2023 09:08:20 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Fri, 20 Jan 2023 09:08:20 GMT
etag
RXc0818b216ca44873864a3828cc8b3649003
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1410524352
cache-control
no-store, no-cache, must-revalidate
expires
0
usersync
usersync.gumgum.com/ Frame DD9F
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=91C3yVNxxuuj&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=91C3yVNxxuuj&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 20 Jan 2023 09:08:20 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location
https://usersync.gumgum.com/usersync?b=pln&i=91C3yVNxxuuj&ev=1&pid=558355
content-language
de-DE
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-64ccb75b9-snk26
expires
-1
usersync.aspx
widget.eu.criteo.com/dis/ Frame DD9F
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28hOu1h5_DeHBvcOVguC21J1GWV3wI0ZXKeuAa7Bh5HW_bM4zL_xiPJFm9Zh8qih6D%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_e3caa00e-7803-4cf7-a530-a4440e863559&obuid=ENC(hOu1h5_DeHBvcOVguC21J1GWV3wI0ZXKeuAa7Bh5HW_bM4zL_xiPJFm9Zh8qih6D)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://dis.criteo.com/dis/usersync.aspx?r=74&p=126&cp=outbrain&cu=1&url=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcriteo%26uid%3D%40%40CRITEO_USERID%40%40%26obUid%3DhOu1h5_DeHBvcOVguC21J...
  • https://widget.eu.criteo.com/dis/usersync.aspx?r=74&p=126&cp=outbrain&cu=1&url=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcriteo%26uid%3D%40%40CRITEO_USERID%40%40%26obUid%3DhOu1h5_DeHBvcOV...
43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget.eu.criteo.com/dis/usersync.aspx?r=74&p=126&cp=outbrain&cu=1&url=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcriteo%26uid%3D%40%40CRITEO_USERID%40%40%26obUid%3DhOu1h5_DeHBvcOVguC21J1GWV3wI0ZXKeuAa7Bh5HW_bM4zL_xiPJFm9Zh8qih6D%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%26platformId%3DGUMGU18H7EL9NI653I7DPEH51%0A%26initiator%3Dplatform
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 09:08:20 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3498711
expires
Fri, 20 Jan 2023 00:00:00 GMT

Redirect headers

location
https://widget.eu.criteo.com/dis/usersync.aspx?r=74&p=126&cp=outbrain&cu=1&url=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcriteo%26uid%3D%40%40CRITEO_USERID%40%40%26obUid%3DhOu1h5_DeHBvcOVguC21J1GWV3wI0ZXKeuAa7Bh5HW_bM4zL_xiPJFm9Zh8qih6D%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%26platformId%3DGUMGU18H7EL9NI653I7DPEH51%0A%26initiator%3Dplatform
date
Fri, 20 Jan 2023 09:08:20 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
118662
content-length
0
usersync
usersync.gumgum.com/ Frame DD9F
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=3a980348-8ac3-49fd-893a-5ed67131600f
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=3a980348-8ac3-49fd-893a-5ed67131600f
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 20 Jan 2023 09:08:20 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Fri, 20 Jan 2023 09:08:20 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=3a980348-8ac3-49fd-893a-5ed67131600f
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame DD9F
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-XQZsjwZE2pfNZOJ52pLwrtuAoUEuGFVakrZM~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-XQZsjwZE2pfNZOJ52pLwrtuAoUEuGFVakrZM~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 20 Jan 2023 09:08:20 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Fri, 20 Jan 2023 09:08:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-XQZsjwZE2pfNZOJ52pLwrtuAoUEuGFVakrZM~A
content-length
0
usersync
usersync.gumgum.com/ Frame DD9F
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=3f231c80-0700-454e-8be8-86446772acdd
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=3f231c80-0700-454e-8be8-86446772acdd
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 20 Jan 2023 09:08:20 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=3f231c80-0700-454e-8be8-86446772acdd
Date
Fri, 20 Jan 2023 09:08:20 GMT
Connection
keep-alive
X-CI-RTID
7eb558b5-ec8d-4646-ab30-62f80b1999b4
Content-Length
108
Content-Type
text/html; charset=utf-8
services
sync.technoratimedia.com/ Frame DD9F 		0
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.122.130.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:20 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
859032587
access-control-allow-origin
https://g2.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame DD9F 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:19 GMT
content-length
0
server
a
usersync
usersync.gumgum.com/ Frame DD9F
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=09a6f855-cf9e-4352-b519-9fa50241d6b2
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=09a6f855-cf9e-4352-b519-9fa50241d6b2
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 20 Jan 2023 09:08:20 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=09a6f855-cf9e-4352-b519-9fa50241d6b2
access-control-allow-origin
*
date
Fri, 20 Jan 2023 09:08:20 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame DD9F
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=5792732571322418295
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=5792732571322418295
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 20 Jan 2023 09:08:20 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=5792732571322418295
date
Fri, 20 Jan 2023 09:08:20 GMT
content-length
0
sync
ads.servenobid.com/ Frame DD9F 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_e3caa00e-7803-4cf7-a530-a4440e863559
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.248.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-248-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:20 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
0.gif
id5-sync.com/i/495/ Frame 8E22
Redirect Chain
  • https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=0&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
image/gif;charset=UTF-8
date
Fri, 20 Jan 2023 09:08:20 GMT
p3p
CP="CAO PSA OUR"
strict-transport-security
max-age=63072000; includeSubDomains; preload
transfer-encoding
chunked
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers

Redirect headers

content-length
332
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Fri, 20 Jan 2023 09:08:18 GMT
expect-ct
max-age=0
location
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame EA85 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-193.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=96418
content-encoding
gzip
content-length
5554
content-type
text/html
date
Fri, 20 Jan 2023 09:08:20 GMT
expires
Sat, 21 Jan 2023 11:55:18 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame C9F5 		70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Fri, 20 Jan 2023 09:08:20 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame 8CD6
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=e7b563ca-5a04-4300-9dde-6d4623468439&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=e7b563ca-5a04-4300-9dde-6d4623468439&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 20 Jan 2023 09:08:20 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Fri, 20 Jan 2023 09:08:20 GMT
Expires
Fri, 20 Jan 2023 09:08:19 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 357 2feb0b5 master cdg-pixel-x33 config:1.0.0
location
https://usersync.gumgum.com/usersync?b=mmh&i=e7b563ca-5a04-4300-9dde-6d4623468439&gdpr=0&gdpr_consent=
usersync
usersync.gumgum.com/ Frame AC85
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y8paBAAAALmEtwA_
  • https://usersync.gumgum.com/usersync?b=atm&i=Y8paBAAAALmEtwA_&gdpr=0&gdpr_consent=&_test=Y8paBAAAALmEtwA_
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=Y8paBAAAALmEtwA_&gdpr=0&gdpr_consent=&_test=Y8paBAAAALmEtwA_
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 20 Jan 2023 09:08:20 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Fri, 20 Jan 2023 09:08:20 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=Y8paBAAAALmEtwA_&gdpr=0&gdpr_consent=&_test=Y8paBAAAALmEtwA_
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-yyz4548-YYZ
x-timer
S1674205701.709974,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame D74A 		170 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9lM2NhYTAwZS03ODAzLTRjZjctYTUzMC1hNDQ0MGU4NjM1NTk=&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Fri, 20 Jan 2023 09:08:20 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
usersync
usersync.gumgum.com/ Frame 505F
Redirect Chain
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY2...
  • https://cs.emxdgt.com/umcheck?apnxid=5752836970381268941&redirect=https://usersync.gumgum.com/usersync?b=emx&i=$EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNW...
  • https://usersync.gumgum.com/usersync?b=emx&i=5752836970381268941brt50781674205700332243f1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=emx&i=5752836970381268941brt50781674205700332243f1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 20 Jan 2023 09:08:20 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-length
0
content-type
text/html
date
Fri, 20 Jan 2023 09:08:19 GMT
location
https://usersync.gumgum.com/usersync?b=emx&i=5752836970381268941brt50781674205700332243f1
usersync
usersync.gumgum.com/ Frame D597
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=Y8paBcCo8YUAACaJHJkAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=Y8paBcCo8YUAACaJHJkAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 20 Jan 2023 09:08:21 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Fri, 20 Jan 2023 09:08:21 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=Y8paBcCo8YUAACaJHJkAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
1
X-SO-Cluster-ID
0
X-SO-HostName
m-ad1017.dc4p.scaleout.jp
X-SO-IP
81.95.5.44
X-SO-Key
Y8paBcCo8YUAACaJHJkAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"Y8paBcCo8YUAACaJHJkAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad1017"}
X-SO-LB-Hostname
m-tgng33.dc4p.scaleout.jp
X-SO-Upstream-ID
m-ad1017
gumgum
cs.admanmedia.com/sync/ Frame 8554 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.admanmedia.com/sync/gumgum?puid=e_e3caa00e-7803-4cf7-a530-a4440e863559&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.77.87.162 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options DENY

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Date
Fri, 20 Jan 2023 09:08:20 GMT
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
X-Frame-Options
DENY
usersync
usersync.gumgum.com/ Frame DFF7
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
  • https://usersync.gumgum.com/usersync?b=iex&i=Y8paBPdvZNLF.1OfkCksZwAA%261191
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=iex&i=Y8paBPdvZNLF.1OfkCksZwAA%261191
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 20 Jan 2023 09:08:20 GMT
Expires
0
Pragma
no-cache

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
78c6aa3adae69249-FRA
content-length
0
date
Fri, 20 Jan 2023 09:08:20 GMT
expires
0
location
https://usersync.gumgum.com/usersync?b=iex&i=Y8paBPdvZNLF.1OfkCksZwAA%261191
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ARfNxj%2FZ4TUN655%2Ff6Zgu71bYl90ZkBdqH%2BKtsChMKcg3W%2FZrFKijW7dUpzPEDiLRO5uATUGNgXanK%2FZoVT3Rgf24LCVs%2BFKh%2B3vH3CCqVpmPpNeBLD82SQj1Ji%2B1keUUTUIUN%2F5qo34dQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 4348
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=j06SCzQNbPiuIakRHkgK&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=j06SCzQNbPiuIakRHkgK&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 20 Jan 2023 09:08:20 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Fri, 20 Jan 2023 09:08:20 GMT Fri, 20 Jan 2023 09:08:20 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=j06SCzQNbPiuIakRHkgK&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame ED1A
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 20 Jan 2023 09:08:20 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 20 Jan 2023 09:08:20 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
sync
ads.servenobid.com/ Frame 77D1 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=6785843909122720780&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.248.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-248-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:20 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame 77D1
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=&s_h=1
  • https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=901fc062-2b21-452c-9416-9dfd338d0b79&gdpr=0&gdpr_consent=
43 B
435 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=901fc062-2b21-452c-9416-9dfd338d0b79&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 20 Jan 2023 09:08:19 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=901fc062-2b21-452c-9416-9dfd338d0b79&gdpr=0&gdpr_consent=
pragma
no-cache
date
Fri, 20 Jan 2023 09:08:20 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
generic
match.adsrvr.org/track/cmf/ Frame 77D1 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 20 Jan 2023 09:08:20 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 77D1
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NTc5MjczMjU3MTMyMjQxODI5NQ==&gdpr=0&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NTc5MjczMjU3MTMyMjQxODI5NQ==&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 09:08:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NTc5MjczMjU3MTMyMjQxODI5NQ==&gdpr=0&gdpr_consent=
pragma
no-cache
date
Fri, 20 Jan 2023 09:08:19 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
rtb-csync.smartadserver.com/redir/ Frame 77D1
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=smartadserver&gdpr=0&gdpr_consent=
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=smartadserver&bsw_custom_parameter=9f017518-ba6c-4d8d-b340-f35e0e673529
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=smartadserver&bsw_custom_parameter=9f017518-ba6c-4d8d-b340-f35e0e673529
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=0d6e3e29-55b8-45b1-a5ad-0bbca351fd06&user_group=1&ssp=smartadserver&bsw_param=9f017518-ba6c-4d8d-b340-f35e0e673529
  • https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=9f017518-ba6c-4d8d-b340-f35e0e673529&gdpr=&gdpr_consent=
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=9f017518-ba6c-4d8d-b340-f35e0e673529&gdpr=&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:20 GMT
transfer-encoding
chunked
content-type
image/gif

Redirect headers

location
//rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=9f017518-ba6c-4d8d-b340-f35e0e673529&gdpr=&gdpr_consent=
date
Fri, 20 Jan 2023 09:08:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
khaos.jpg
token.rubiconproject.com/ Frame BD0F 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usync.js
eus.rubiconproject.com/ Frame ED1A 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f6407376a6724051c1eb91280a1f67067afe036b6f63a248a1008ae2b0aed13a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 09:08:20 GMT
Content-Encoding
gzip
Last-Modified
Fri, 20 Jan 2023 07:59:29 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=82300
Connection
keep-alive
Content-Length
10037
Expires
Sat, 21 Jan 2023 08:00:00 GMT
match
c1.adform.net/serving/cookie/ Frame 7645 		35 B
477 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=F1C6ADD8-1928-4894-9408-49DD9760A828&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Fri, 20 Jan 2023 09:08:20 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 3D92
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:e7b563ca-5a04-4300-9dde-6d4623468439&gdpr=0&gdpr_consent=
42 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:e7b563ca-5a04-4300-9dde-6d4623468439&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 20 Jan 2023 09:08:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Fri, 20 Jan 2023 09:08:20 GMT
Expires
Fri, 20 Jan 2023 09:08:19 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 357 2feb0b5 master cdg-pixel-x29 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:e7b563ca-5a04-4300-9dde-6d4623468439&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame 48AB
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=9066896061604215831
42 B
274 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=9066896061604215831
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 20 Jan 2023 09:08:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=9066896061604215831
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 516B
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://widget.eu.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybac...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 20 Jan 2023 09:08:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Fri, 20 Jan 2023 09:08:21 GMT
expires
Fri, 20 Jan 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1888383
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
image2.pubmatic.com/AdServer/ Frame CABA
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=17WAAtTn01fMstsFg-LOVdO3hgLM49oHgOIJ3BN7
42 B
335 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=17WAAtTn01fMstsFg-LOVdO3hgLM49oHgOIJ3BN7
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 20 Jan 2023 09:08:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Fri, 20 Jan 2023 09:08:20 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=17WAAtTn01fMstsFg-LOVdO3hgLM49oHgOIJ3BN7
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
dcm
aax-eu.amazon-adsystem.com/s/ Frame A2CA
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=F1C6ADD8-1928-4894-9408-49DD9760A828&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=F1C6ADD8-1928-4894-9408-49DD9760A828&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=F1C6ADD8-1928-4894-9408-49DD9760A828&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.226.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 20 Jan 2023 09:08:20 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
MG0KJB9RKMGWPPY0MHTQ

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Fri, 20 Jan 2023 09:08:20 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=F1C6ADD8-1928-4894-9408-49DD9760A828&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
ECVY905C2MNEP1RAM0JQ
sync
ads.servenobid.com/ Frame 73DE 		0
357 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/sync?pid=316&uid=F1C6ADD8-1928-4894-9408-49DD9760A828
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.248.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-248-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Fri, 20 Jan 2023 09:08:20 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame AD3D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=8cat2BkoSJSUCEndl2CoKA%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-193.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:20 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=96418
accept-ranges
bytes
content-length
5554
expires
Sat, 21 Jan 2023 11:55:18 GMT

Redirect headers

pragma
no-cache
date
Fri, 20 Jan 2023 09:08:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gdpr_consent=
sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=2296f5ad7a6b5063/gdpr=0/ Frame AD3D
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=F1C6ADD8-1928-4894-9408-49DD9760A828&gdpr=0&gdpr_consent=
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=8ff708fc95587915dfbfc8a887dc6dca&gdpr=0
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=2296f5ad7a6b5063/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
49 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=2296f5ad7a6b5063/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
52.18.161.122 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-161-122.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 09:08:20 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.28.132
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=2296f5ad7a6b5063/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
content-length
0
Artemis
aud.pubmatic.com/AdServer/ Frame AD3D
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=F1C6ADD8-1928-4894-9408-49DD9760A828&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=F1C6ADD8-1928-4894-9408-49DD9760A828&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=F1C6ADD8-1928-4894-9408-49DD9760A828&addseg=19,36,42
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=F1C6ADD8-1928-4894-9408-49DD9760A828&addseg=19,36,42
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.189.229 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Redirect headers

date
Fri, 20 Jan 2023 09:08:20 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=F1C6ADD8-1928-4894-9408-49DD9760A828&addseg=19,36,42
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
Pug
image2.pubmatic.com/AdServer/ Frame AD3D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RjFDNkFERDgtMTkyOC00ODk0LTk0MDgtNDlERDk3NjBBODI4&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 20 Jan 2023 09:08:20 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 20 Jan 2023 09:08:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame AD3D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFxlEBuxUd43N7bDBeoJ5iw&google_cver=1
42 B
527 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFxlEBuxUd43N7bDBeoJ5iw&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 20 Jan 2023 09:08:19 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 20 Jan 2023 09:08:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFxlEBuxUd43N7bDBeoJ5iw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame AD3D 		43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.158.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:20 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Thu, 19 Jan 2023 09:08:20 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame AD3D
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1014073015171931799
42 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1014073015171931799
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 20 Jan 2023 09:08:19 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 20 Jan 2023 09:08:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1014073015171931799
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame AD3D 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 20 Jan 2023 09:08:20 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
khaos.jpg
token.rubiconproject.com/ Frame ED1A 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync.php
pixel.rubiconproject.com/exchange/ Frame ED1A 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame BD0F 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
7d24643e640b7b50906469aa87bfb2ce
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-HVPFKTV6LZ&gtm=2oe1i0&_p=338162257&cid=965074567.1674205696&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1674205695&sct=1&seg=0&dl=https%3A%2F%2Famenazaytx.site%2F&dt=MundoYT%20NBM%20-%20Tus%20mejores%20archivos%20aqu%C3%AD&en=scroll&epn.percent_scrolled=90&_et=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HVPFKTV6LZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 09:08:20 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://amenazaytx.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame BD0F 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 20 Jan 2023 09:08:20 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
token
token.rubiconproject.com/ Frame BD0F 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=36584
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
token
pixel.rubiconproject.com/ Frame BD0F
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=YLJxJVhsSbqZb-gbbP5tDA&rk=usync-other
0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=YLJxJVhsSbqZb-gbbP5tDA&rk=usync-other
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 09:08:20 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
EK0DXM1HKXSJQ0ZYVMX5
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=YLJxJVhsSbqZb-gbbP5tDA&rk=usync-other
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
token
pixel.rubiconproject.com/ Frame BD0F
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=vAU46phhSfuAGABphl3Wbg&rk=usync-na
0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=vAU46phhSfuAGABphl3Wbg&rk=usync-na
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 09:08:20 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
6DYY145P2ES6A0FCC23M
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=vAU46phhSfuAGABphl3Wbg&rk=usync-na
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
143
match.deepintent.com/usersync/ Frame BD0F 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/143
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:20 GMT
content-length
0
server
a
tap.php
pixel.rubiconproject.com/ Frame BD0F
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/rb.gif
  • https://pixel.rubiconproject.com/tap.php?v=711370&nid=5504&put=aa54fde2-36c7-4979-9f6e-2cc90fc38abf&expires=365
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=711370&nid=5504&put=aa54fde2-36c7-4979-9f6e-2cc90fc38abf&expires=365
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=711370&nid=5504&put=aa54fde2-36c7-4979-9f6e-2cc90fc38abf&expires=365
Date
Fri, 20 Jan 2023 09:08:20 GMT
Server
Kestrel
Connection
keep-alive
Content-Length
0
token
token.rubiconproject.com/ Frame BD0F 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=26594
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cookiesync
bttrack.com/pixel/ Frame BD0F 		35 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=c91bfcce-bb43-46f7-b14e-567c0a4332b3
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
NET-33-132-192.46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-servername
Track002-iad
pragma
no-cache
date
Fri, 20 Jan 2023 09:08:20 GMT
x-aspnetmvc-version
5.2
server
Microsoft-IIS/8.5
x-aspnet-version
4.0.30319
content-type
image/gif
p3p
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
cache-control
private,no-cache
content-length
35
expires
-1
ft.stat
stat.flashtalking.com/reportV3/ Frame 46D5 		1 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stat.flashtalking.com/reportV3/ft.stat?225072972-7062982;4158002;0-101-0-5498D4ADA45A39-4458892
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-47.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 09:08:20 GMT
Last-Modified
Thu, 28 Jun 2012 14:38:09 GMT
Server
AkamaiNetStorage
ETag
"c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type
text/plain
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1
Expires
Fri, 20 Jan 2023 09:08:20 GMT
async_usersync
ib.adnxs.com/ Frame 290B 		0
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 09:08:21 GMT
AN-X-Request-Uuid
c7a99b95-f73f-4f16-a659-06efb178eba2
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
81.95.5.44; 81.95.5.44; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-2ZXVHQW49E&gtm=2oe1i0&_p=338162257&cid=965074567.1674205696&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1674205696&sct=1&seg=0&dl=https%3A%2F%2Famenazaytx.site%2F&dt=MundoYT%20NBM%20-%20Tus%20mejores%20archivos%20aqu%C3%AD&en=scroll&epn.percent_scrolled=90&_et=13
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2ZXVHQW49E
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 09:08:21 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://amenazaytx.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame AD3D 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=162412&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:08:21 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ft.stat
stat.flashtalking.com/reportV3/ Frame 46D5 		1 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stat.flashtalking.com/reportV3/ft.stat?225072972-7062982;4158002;0-310-0-5498D4ADA45A39-650257479-50x0x0x0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-47.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 09:08:22 GMT
Last-Modified
Thu, 28 Jun 2012 14:38:09 GMT
Server
AkamaiNetStorage
ETag
"c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type
text/plain
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1
Expires
Fri, 20 Jan 2023 09:08:22 GMT
/
track.adform.net/serving/unload/ Frame 46D5 		35 B
469 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=1014073015171931799@@60256336,7792072321728963010,100|4736|0|0|0|0|0|0|0||444|0|||||1|0|0|5HP9hHlyg91X7EYoWZQhUZlsqxKEZ_1sWMLW3WEC9HtGzhsfgaAHchhpnBRkvb3lA7z_uuw_WOM1|||01|0|0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 09:08:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://amenazaytx.site
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1

Verdicts & Comments Add Verdict or Comment

99 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| oncontentvisibilityautostatechange object| _wpemojiSettings object| twemoji object| wp function| $ function| jQuery object| Cli_Data object| cli_cookiebar_settings object| log_object object| CLI_Cookie object| CLI object| cliBlocker string| CLI_ACCEPT_COOKIE_NAME string| CLI_PREFERNCE_COOKIE number| CLI_ACCEPT_COOKIE_EXPIRE boolean| CLI_COOKIEBAR_AS_POPUP function| gtag object| dataLayer object| _0x6932 object| _0x21f3 function| _0x48e6 boolean| _purpleAdsDisplayInit object| globalSlots string| purpleadsInstanceId object| purpleadsAgent object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal number| persistclose number| startX number| startY string| verticalpos function| iecompattest function| get_cookie function| closebar function| staticbar function| verifyCallback function| onloadCallback object| Light function| updateDCPAProgress object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client string| GoogleAnalyticsObject function| ga object| gaplugins object| gaData object| recaptcha object| ADAGIO object| _0x6197 function| ver_enlaces object| interstitialSlot object| googletag object| ggeac object| google_js_reporting_queue object| dataSWP object| pbs object| target object| _ADAGIO object| kadenceConfig object| google function| check_ga function| ADSendWebPushVideo object| kadence undefined| google_measure_js_timing object| google_reactive_ads_global_state string| currentText string| categoryCookie object| categoryCookieValue object| cli_chkbox_elm string| cli_chkbox_data_id string| cli_chkbox_data_id_trimmed object| srcReplaceableElms object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id number| _tlTagsPending object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| Adform number| barheight function| stayTopLeft object| ftlObj object| GoogleGcLKhOms object| google_image_requests object| criteo_syncframe_state

116 Cookies

Domain/Path Name / Value
.amenazaytx.site/ Name: _ga_HVPFKTV6LZ
Value: GS1.1.1674205695.1.0.1674205695.0.0.0
.amenazaytx.site/ Name: _ga_2ZXVHQW49E
Value: GS1.1.1674205696.1.0.1674205696.0.0.0
.amenazaytx.site/ Name: _ga_GG2SR4CZDE
Value: GS1.1.1674205696.1.0.1674205696.0.0.0
.amenazaytx.site/ Name: _ga
Value: GA1.2.965074567.1674205696
.amenazaytx.site/ Name: _gid
Value: GA1.2.1197727135.1674205696
.amenazaytx.site/ Name: _gat_gtag_UA_205586502_1
Value: 1
.servenobid.com/ Name: cap_559
Value: 10
amenazaytx.site/ Name: cookielawinfo-checkbox-necessary
Value: yes
amenazaytx.site/ Name: cookielawinfo-checkbox-functional
Value: no
amenazaytx.site/ Name: cookielawinfo-checkbox-performance
Value: no
amenazaytx.site/ Name: cookielawinfo-checkbox-analytics
Value: no
amenazaytx.site/ Name: cookielawinfo-checkbox-advertisement
Value: no
amenazaytx.site/ Name: cookielawinfo-checkbox-others
Value: no
amenazaytx.site/ Name: viewed_cookie_policy
Value: yes
.prebid.a-mo.net/ Name: __amc
Value: 3_1674205696_1674205696
.adform.net/ Name: C
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUnW439UT_aFp6Xdo6qQsB2dFljobC5y1cR7olS_KAcAzcjffBIhoZkKqVnUttc
.adform.net/ Name: uid
Value: 1014073015171931799
.adform.net/ Name: TPC
Value: 1674205697437
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.amenazaytx.site/ Name: _gat_sendWebPushNetwork
Value: 1
.mediaintelligence.de/ Name: emid
Value: 63ca5a013280fff02d25cdaa
.mediaintelligence.de/ Name: trs
Value: 63ca5a013280fff02d25cdab
.amenazaytx.site/ Name: __gads
Value: ID=f0889c29878b817f:T=1674205696:S=ALNI_MY-CmNjv8B5PYKdm0Es4JsfHspzOg
.amenazaytx.site/ Name: __gpi
Value: UID=00000ba5a63a7d31:T=1674205696:RT=1674205696:S=ALNI_MZMnGrKNR8gA-s2G3GwyNjNfu-JBw
.criteo.com/ Name: uid
Value: 291c44b3-1ef3-419d-9f47-b073296b0ecb
.amenazaytx.site/ Name: cto_bundle
Value: XFWdl19LJTJGOVA5cE9oU3JaMzNNN0dGYXFVUnlEenpzTFdEcUxPbHlQbVRZUnlhYiUyRnhBSjRvWDhDd0psTzhSOWFnS2hPcXEzNjd4eSUyQmw0Z0toMnpNSmZqUlB3bkdReXBmR3RFcXp5NFlMdFF5NVlxTjk2aGs5SzQyJTJGYnk3OGtqVVUwQVNJZyUyQjhDenA1dFFPRDUxNmhKMXRoTktnJTNEJTNE
.adnxs.com/ Name: uuid2
Value: 5752836970381268941
.servenobid.com/ Name: pid_327
Value: 71b5d376-e5f9-457c-8c2a-671e67fb3321
.servenobid.com/ Name: pid_312
Value: 5752836970381268941
.lijit.com/ Name: ljt_reader
Value: GBGEpRZHd0Neq6HASBOcSYTk
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MTQyNLAwMjYyNjUzM7A0NBXiM9S1LHKyiAzz9zCwMA4FAEAizsAlAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_zslzmtoZm5iZGBqbmBgZGACALxkma0QAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MTQyNLAwMjYyNjUzM7A0NBXiM9S1LHKyiAzz9zCwMA4FAEAizsAlAAAA
.casalemedia.com/ Name: CMID
Value: Y8paBPdvZNLF.1OfkCksZwAA
.casalemedia.com/ Name: CMPS
Value: 1191
.casalemedia.com/ Name: CMPRO
Value: 1191
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.yahoo.com/ Name: A3
Value: d=AQABBARaymMCEKHYcOm1J8I8beQCXCSCI7QFEgEBAQGry2PUYwAAAAAA_eMAAA&S=AQAAAurmXy8YyeCLfInKsHsT6aI
.servenobid.com/ Name: pid_324
Value: 5141210823235660915
.ads.pubmatic.com/ Name: KCCH
Value: YES
.analytics.yahoo.com/ Name: IDSYNC
Value: 198o~29ix
.gumgum.com/ Name: vst
Value: e_e3caa00e-7803-4cf7-a530-a4440e863559
.servenobid.com/ Name: pid_310
Value: GBGEpRZHd0Neq6HASBOcSYTk
.servenobid.com/ Name: pid_337
Value: y-gXpLVvVE2uE9ES6vOCHX8ZcbeOFMhvNRc0BDVco-~A
.servenobid.com/ Name: pid_339
Value: y-gXpLVvVE2uE9ES6vOCHX8ZcbeOFMhvNRc0BDVco-~A
.servenobid.com/ Name: pid_333
Value: Y8paBPdvZNLF-1OfkCksZwAABKcAAAAB
.smartadserver.com/ Name: pid
Value: 5792732571322418295
.quantserve.com/ Name: mc
Value: 63ca5a04-48fbd-621ea-e9dad
.pubmatic.com/ Name: KADUSERCOOKIE
Value: F1C6ADD8-1928-4894-9408-49DD9760A828
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 162412:2
.pubmatic.com/ Name: DPSync3
Value: 1675382400%3A201_197_219_221
.pubmatic.com/ Name: SyncRTB3
Value: 1675382400%3A161_8_251_220_21_13_56_7_54%7C1675468800%3A35
.servenobid.com/ Name: pid_309
Value: e_e3caa00e-7803-4cf7-a530-a4440e863559
.creativecdn.com/ Name: u
Value: j06SCzQNbPiuIakRHkgK
.creativecdn.com/ Name: ts
Value: 1674205700
.servenobid.com/ Name: pid_317
Value: 6785843909122720780
.mathtag.com/ Name: uuid
Value: e7b563ca-5a04-4300-9dde-6d4623468439
.emxdgt.com/ Name: euid
Value: 50781674205700332243f1
.outbrain.com/ Name: obuid
Value: 7674efe3-148c-4944-a94a-295dcc47ea83
.quantserve.com/ Name: d
Value: ENYBEgGMKPijC_vLEA
.emxdgt.com/ Name: eapn_id
Value: 5752836970381268941
.servenobid.com/ Name: pid_316
Value: F1C6ADD8-1928-4894-9408-49DD9760A828
.fiftyt.com/ Name: fifid
Value: 2f1d59e5-37dd-4b01-52f7-731f008fbaf6
.fiftyt.com/ Name: cs
Value: MTY3NDIwNTcwMHxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fNyn4mBNaduYkwkYoqeYIgK1BICvpczHbIoc96sdaJEQ
.onaudience.com/ Name: cookie
Value: 2296f5ad7a6b5063
.onaudience.com/ Name: done_redirects161
Value: 1
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-c0818b21-6ca4-4873-864a-3828cc8b3649-003%22%2C%22zdxidn%22%3A%221506%22%2C%22nxtrdr%22%3A%22https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D%22%7D
.simpli.fi/ Name: suid
Value: 95F6E75ADE6A452A9DAC47F8A78577F4
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESEFxlEBuxUd43N7bDBeoJ5iw&KRTB&22987-CAESEFxlEBuxUd43N7bDBeoJ5iw&KRTB&23025-CAESEFxlEBuxUd43N7bDBeoJ5iw&KRTB&23386-CAESEFxlEBuxUd43N7bDBeoJ5iw
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-17WAAtTn01fMstsFg-LOVdO3hgLM49oHgOIJ3BN7&KRTB&19420-17WAAtTn01fMstsFg-LOVdO3hgLM49oHgOIJ3BN7&KRTB&22979-17WAAtTn01fMstsFg-LOVdO3hgLM49oHgOIJ3BN7&KRTB&23403-17WAAtTn01fMstsFg-LOVdO3hgLM49oHgOIJ3BN7
.fiftyt.com/ Name: fppm
Value: 20230120090820
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:e7b563ca-5a04-4300-9dde-6d4623468439&KRTB&16736-uid:e7b563ca-5a04-4300-9dde-6d4623468439&KRTB&23019-uid:e7b563ca-5a04-4300-9dde-6d4623468439&KRTB&23114-uid:e7b563ca-5a04-4300-9dde-6d4623468439
.de17a.com/ Name: guid
Value: 1.9066896061604215831
.tidaltv.com/ Name: tidal_ttid
Value: 901fc062-2b21-452c-9416-9dfd338d0b79
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-1014073015171931799&KRTB&23263-1014073015171931799
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0NjazsDI0NgMAUlsWjwkAAAA="
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-9066896061604215831
.pubmatic.com/ Name: PugT
Value: 1674205700
.onaudience.com/ Name: done_redirects104
Value: 1
.smartadserver.com/ Name: csync
Value: 96:901fc062-2b21-452c-9416-9dfd338d0b79|134:OB_OK
.go.sonobi.com/ Name: HAPLB8S
Value: s8539|Y8paB
.bidswitch.net/ Name: c
Value: 1674205700
.bidswitch.net/ Name: tuuid_lu
Value: 1674205700
.bidswitch.net/ Name: tuuid
Value: 9f017518-ba6c-4d8d-b340-f35e0e673529
.360yield.com/ Name: tuuid
Value: 09a6f855-cf9e-4352-b519-9fa50241d6b2
.360yield.com/ Name: tuuid_lu
Value: 1674205700
.zemanta.com/ Name: zuid
Value: 7B3ZtmLC0atiC6YSXQ7X
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 8856311a4a0b29ad
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y8paBAAAALmEtwA_
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-194e26c5-3976-4457-445b-cc3b42891e6f.kgHFVZV6kZtXOaPkNOxyk7bIO%2Be6RL%2F3%2Bj4pPgaFSSg
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AGU4mxTl2RFdEW8w7Qokeb1FfBSw.w3LGhcvxc3gXqgZ76M7Lf8TIVD8FQ5V%2Btnpfr4SjZPw
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.ipredictive.com/ Name: cu
Value: 3f231c80-0700-454e-8be8-86446772acdd|1674205700634
.creative-serving.com/ Name: tuuid
Value: 37a96d8a-87a2-4e71-94d8-2cd4e34f8e16
.creative-serving.com/ Name: c
Value: 1674205700
.creative-serving.com/ Name: tuuid_lu
Value: 1674205700
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-583029f5-13ec-389e-a03a-800862478a7a
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.openx.net/ Name: i
Value: 1e099861-0b51-4e5c-b497-86d3dd4652b4|1674205700
.bluekai.com/ Name: bku
Value: ikG999HS0Z1TYNXL
.bluekai.com/ Name: bkpa
Value: KJhz0f+r3p9R9mY7zqqz4QzTYpov9BLxtTHi1nODe39V85//7Wg6bSLrcEodI+qERwLNTvllfddxI5TOBdqsQTthxIeVKjP8NVnLrtc6lbN2E9MFWH9W8n0587rfIroF8ZfB3FtT/uew3HI7I5Ti/m4gLfIR9xaop4PbBrlk8tcu/Hpv9fOTa0GVPf7gzYUvCksUo6JDBcVTa98GTY3DMFfM7G8mcWuoz2cyVLiYOkQhDqMb20VvijKSHSzAi8oYQRu9uLki4Ouh3s7QCWAL11An3/XHngBWkSAXP4r5u+/Z62HBcOgocciXKmLKGf2jwv4UhpCXZ7qt+XFkX7L9rWozd9==
.amazon-adsystem.com/ Name: ad-id
Value: A5h3qfXx4U9BrCfzdxZmBdk
beacon.lynx.cognitivlabs.com/ Name: UID
Value: aa54fde2-36c7-4979-9f6e-2cc90fc38abf
beacon.lynx.cognitivlabs.com/ Name: ss
Value: P6v492GsqinlX4oSwbAkWxYNI3E2DsmlbfK%2FMha4Rfp1XUAatMAL8BhWQzJJp6n69vDwaf3D3kX0RVpksg9wdQ%3D%3D
pool.admedo.com/ Name: tuuid
Value: 0d6e3e29-55b8-45b1-a5ad-0bbca351fd06
pool.admedo.com/ Name: c
Value: 1674205701
pool.admedo.com/ Name: tuuid_lu
Value: 1674205701

31 Console Messages

Source Level URL
Text
javascript warning URL: https://cdn.eswhik.com/npm/theme.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.eswhik.com/npm/tags, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.eswhik.com/npm/theme.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.eswhik.com/npm/tags, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.eswhik.com/npm/tags
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.eswhik.com/drive/jquery/jquery-3.5.1.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.eswhik.com/npm/tags
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.eswhik.com/drive/jquery/jquery-3.5.1.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.eswhik.com/npm/tags
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://eswhik.github.io/drive/buttons/z1/config, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.eswhik.com/npm/tags
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.eswhik.com/drive/script/300x250-cpm.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.eswhik.com/npm/tags
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.eswhik.com/analytics-eswhik, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.eswhik.com/npm/tags
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.eswhik.com/drive/reCAPTCHA/sites, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.eswhik.com/npm/tags
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.eswhik.com/drive/reCAPTCHA/Sistema-Blogger-2.0, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.eswhik.com/npm/tags
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.eswhik.com/drive/script/api-popunder.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.eswhik.com/npm/tags
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.eswhik.com/drive/tags/pregressAdTime, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.eswhik.com/npm/tags
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.eswhik.com/drive/api/api-eswhik-push, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.eswhik.com/npm/tags
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.eswhik.com/drive/script/copyright-eswhik.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.eswhik.com/npm/tags
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.eswhik.com/drive/api/api-eswhik-cpm-v2, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.eswhik.com/npm/tags
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.eswhik.com/drive/script/load-scripts-eswhik-premium.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://eswhik.github.io/drive/buttons/z1/config
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://unpkg.com/ionicons@5.5.2/dist/ionicons/ionicons.esm.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://eswhik.github.io/drive/buttons/z1/config
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://eswhik.github.io/drive/buttons/z1/error, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://cdn.eswhik.com/drive/reCAPTCHA/sites
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript warning URL: https://cdn.eswhik.com/drive/tags/pregressAdTime
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.eswhik.com/drive/script/progressAd.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.eswhik.com/drive/tags/pregressAdTime
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.eswhik.com/drive/script/ConfigProgressAd.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.eswhik.com/drive/api/api-eswhik-push(Line 3)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.eswhik.com/drive/tags/eswhik-push, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.eswhik.com/drive/api/api-eswhik-push(Line 3)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.eswhik.com/drive/tags/eswhik-push, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.eswhik.com/drive/tags/eswhik-push
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.eswhik.com/drive/script/eswhik-push.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.eswhik.com/drive/api/api-eswhik-cpm-v2(Line 3)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.eswhik.com/drive/tags/cpm-script-v2-eswhik, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.eswhik.com/drive/api/api-eswhik-cpm-v2(Line 3)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.eswhik.com/drive/tags/cpm-script-v2-eswhik, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other warning URL: https://cdn.ampproject.org/rtv/012301041800000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
javascript warning URL: https://mediaintelligence.de/trck/epv/508286b1ba6491297b1126863b0f7edc?330910667
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://mediaintelligence.de/trck/epv/508286b1ba6491297b1126863b0f7edc?330910667(Line 2)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
other warning URL: https://cdn.ampproject.org/rtv/012301041800000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=2296f5ad7a6b5063/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://pixel.rubiconproject.com/tap.php?v=711370&nid=5504&put=aa54fde2-36c7-4979-9f6e-2cc90fc38abf&expires=365
Message:
Failed to load resource: the server responded with a status of 422 (Unprocessable Entity)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad-events.flashtalking.com
ad.360yield.com
ads.creative-serving.com
ads.pubmatic.com
ads.servenobid.com
adservice.google.com
adservice.google.de
amenazaytx.site
ap.lijit.com
api.purpleads.io
aud.pubmatic.com
b1sync.zemanta.com
beacon.lynx.cognitivlabs.com
beb662463fc73aae95f414367081f772.safeframe.googlesyndication.com
bh.contextweb.com
bidder.criteo.com
bttrack.com
c1.adform.net
cdn.ampproject.org
cdn.eswhik.com
cdn.flashtalking.com
cdn.psdn.xyz
cdn.purpleads.io
cdn.sendwebpush.com
ce.lijit.com
cm.g.doubleclick.net
cms.quantserve.com
contextual.media.net
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs.admanmedia.com
cs.emxdgt.com
d5p.de17a.com
dis.criteo.com
dsum-sec.casalemedia.com
eb2.3lift.com
eswhik.github.io
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
googleads.g.doubleclick.net
gum.criteo.com
ib.3lift.com
ib.adnxs.com
id5-sync.com
image2.pubmatic.com
image6.pubmatic.com
images.outbrainimg.com
loada.exelator.com
log.outbrainimg.com
match.adsrvr.org
match.deepintent.com
mediaintelligence.de
mp.4dex.io
mug.criteo.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-us-east.rubiconproject.com
pixel.onaudience.com
pixel.rubiconproject.com
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid.a-mo.net
prebid.media.net
public.servenobid.com
region1.google-analytics.com
rtb-csync.smartadserver.com
s.amazon-adsystem.com
s1.adform.net
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
servedby.flashtalking.com
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
stags.bluekai.com
stat.flashtalking.com
static.criteo.net
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.adotmob.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.inmobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.technoratimedia.com
sync.tidaltv.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
track.adform.net
um.simpli.fi
unpkg.com
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
visitor.fiftyt.com
widget.eu.criteo.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
104.109.57.2
104.109.78.125
104.111.217.162
104.96.145.246
124.146.215.48
13.32.27.10
13.32.27.27
13.32.27.54
141.94.171.214
141.95.98.64
142.250.186.66
147.135.143.112
147.75.85.234
151.101.194.49
169.197.150.8
172.64.154.237
178.250.0.163
178.250.2.146
18.156.32.70
18.198.69.109
182.161.74.16
184.30.17.14
184.30.20.47
185.183.112.155
185.184.8.90
185.29.134.248
185.64.189.110
185.64.189.229
185.64.190.80
185.80.39.216
185.86.137.133
185.86.139.104
185.89.211.116
185.89.211.84
192.132.33.46
193.0.160.129
193.122.130.38
198.148.27.139
198.47.127.19
198.47.127.20
2.18.36.181
2.18.36.193
20.127.253.7
20.13.96.71
2001:4860:4802:32::36
205.185.216.10
205.185.216.42
213.155.156.182
213.19.147.44
216.52.2.39
2600:9000:206f:5600:1f:4c18:bd40:93a1
2606:4700:10::6816:4be5
2606:4700:20::ac43:4bf1
2606:4700::6810:7eaf
2606:4700::6812:272
2606:50c0:8000::153
2620:116:800d:21:93ca:31d8:d86e:38f6
2a00:1450:4001:801::2001
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:810::2002
2a00:1450:4001:813::2002
2a00:1450:4001:828::2003
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::2008
2a00:1450:4001:831::200e
2a00:1450:400d:802::2001
2a00:1450:400d:802::2002
2a00:1450:400d:803::2001
2a00:1450:400d:803::2004
2a00:1450:400d:805::2002
2a02:2638:1::1a
2a02:2638::1c
2a02:2638::3
2a02:4780:b:730:0:2ede:94d2:a
2a05:d018:24:b002:7c71:3140:9ace:c0bc
2a05:d018:d29:3601:3fa2:8fc7:943c:2dee
2a06:98c1:3121::c
3.126.56.137
3.210.159.45
3.88.253.42
3.9.51.10
34.107.148.139
34.200.16.206
35.157.209.111
35.201.96.126
35.204.158.49
35.210.53.219
35.244.159.8
37.157.2.247
37.157.3.30
37.157.4.23
51.89.9.252
52.16.248.222
52.18.161.122
52.210.15.1
52.223.40.198
52.31.248.0
52.46.128.147
52.48.137.153
52.58.161.171
52.59.131.18
54.175.24.238
54.211.49.49
64.202.112.159
67.220.226.234
69.166.1.10
69.173.144.165
70.42.32.191
72.251.249.14
76.223.111.18
77.245.57.72
8.43.72.98
80.77.87.162
92.123.38.97
0121bf42f1b2aa9d0a57f8911e9a80d4744a910ccf8c1363b2ddbcf58765992e
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
032aae03cdb2936ae42f4bd9ac8d1fc6be6aea29416b28be8b8969dfdc58cecb
04a4ec051482dbeac84bf68c61fe3abc1cd91a21d49527e14521723bd7606d94
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
054682d0bfdb2e796edde0b8e1920ddc4121bd3e097b95ac2f307416ec9adfb8
06d0965f0851d3936c68da6d6de73163a6bb32e3f134822ccfec6d28f185ff29
08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9
0a4d1b836c2b902736e6390d5ce16ef2fb08b804585c60f4958cc2a23d7b0278
0a6604bbd78d8adaa549c8cbe181ad52a3ccf6deaeb78a19234ca89b14ca3363
0afa89cb6e2f3db520516d605e1bfcc52b0818c0bacc2ccdbc36a99c1e2b40e3
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d8526622793d11f7c1bc098d4fceedfa22211c751b229faa35596fc66def511
0f14b612adef254430bdf87ec7405512fe8f5d39de4d789841d1239ef6420492
11401b059365dd387ba607aa55ca532d326d764253ea85de141a4423cedfef27
12dcd567b94e5ff847b6cb2f1761eae55c371d5df44749bc9db2b1f1a854085b
15863c30adbf1f3dd1c4eb22b9ed6826d01a9beadf44db08d7ecedb6836ed131
17009a214371ac8bab7c5b944235a07c118987f19f84e23c086020631a336f77
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1be8701d9f0ec4023b62d53d4233813576153c6c3abf87efefdafad966663927
1ed6438bfe41ea5183dba8da3c961dfa38e3090c39d6694fc5dd974f57ca56cf
20193736d900f0b602a678f804676349764578ab2adcd07ffebb6d06df1afd96
22c72dadcee3108bec75726d338589e95b3e4f3800336c966a4f03f62a0ef7a6
270460f069c945b49bc20b6e6c0df1d53c27ea38023c2c52427f53b17d0ad701
2804abe47f80f47f18c36af50e7bf8e520e37eea1b8426110e8f7b2e0cbf4ce6
2a258b919e16bd2641ba3c1fe6e9f068f8991c404004615e6ef1f3cb8650d639
2cd28b80d9e535057a264ac2c787339c3a6e114da736881003dfd5e98ad3de47
2cf41e08d37efa35ef0d9d9d19ff79d1a750dda53ba22cb76d0bc12a97b2e496
2e2f2336b5e6698b628afc75fa9a24c67b73d5872c1d4af99ca436064f636ee0
2e4a250ad3ac07b9adfce39197341a30bc1623902a753e8a7ae0324e7cb53731
2f2b33e923889bcda50f0882d32aa41ee01383f3512c297ae7caf9d87b5c660d
2f4d3d0e7fd1a21de4e275fd70b4ad1c4534abb87f800475966bfd3bff0d56e1
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6
2fdf0fe5886f02dbeae515cbff881f41da5cdb8520e0b00b7a0f238b7a8158dd
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
34dd97dc4df4b7473a8c722f5ee839300e53b5a2aefb2a051f6066bb93834e68
36c0e61e59f0da1ef6f6d37f2e5e114bed1e19a12ab9506ef90db93a06277235
372193a611e067ceb5c08ba20546703b8cebaa7812f1723b885454c0f1175e87
3a696b72625c76c1c238f9a1f4a84549ab2af6a805ae2dd7c1cac6c429454f1c
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41107b3cd820a6c6a8f93fed73dca66867b14a64769ec41fccb2a214a354e3f0
411ebf3f42ff97b8fdcb02ef60f534e0fd011b86878ec33abf2509b4bfe58037
428a0b175c3722d6a36afce68bbd4d62ab6eabc629103f6f7fbdf1f9351d4eae
44fae9a22cf33b249b2a4b82ae47eab40d8e30ba112843c5aeb1632c7297c807
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4a987c345e2743f08b68cb837e9256097ce8031c38cfa4daa5e0981cf2c51f4b
4ad5b2f60f4291e97422d9c8a862fe3c3e1f899b0f329d9f9d4b3bd40deb0c8f
4c648b28fbfa46cbae28a58852798157c8eb336f795de67c45fa735464b62617
4cdf058286dcc09e5511ec4f021ce5ce4d22052312bf08ce7b672e08eb5a4a9f
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
516afe11bcab32bc2dbe8976bee0a3841fd8e618800b5a1faac52c9f8195c0a4
51b9777abda8a6ddc4c1ae2e0d25cc908a3fda58b3ccc541bfd77953832dbf7c
51bb6e5e42da084b36fc157bdc14d6df9a559d918da43fd26bc9ff80d9e1b4d0
51ea8d18c32c9b282f7415f16283e0a991f7fd2ed6e7411032ba1b3790efcb78
53265a4603ec5a9eac74c1b89fab4c765ea1bd233bd46cde7292cbc4db7009e0
54e5a87d0b6a722ce2c8f0950e23f6b8205f391eaf52a4c10c8956b1560d3a52
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5dac274ec554db66ab7a95c4a389f1ecb3652da803eaf68cc3cae511fa44f7ff
5e517ad8e188a0988539134143b8bdd42ae4bbeb66c9fa45fb4407489050d0e8
5e71cc5745e28949cba7ab364a611c962a548e29caa2478a9ef3d823d3ec031b
6155ad27ba297ee8f21ed649aaf1cbac1f384405496d04486b8f018d04e8d1ec
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64f9e98a68d94c6ee1bdaee26992bd796d293641ad202e3d311c146dabe3b67d
655ae452d922f501b62c7028fc35e238138de989387381cc1ed9cea9085864db
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
680d670af65715a34054c6ac0dcf7a392b05040c9c3438fbae8580df2de86884
6819e416761ad3319c68fbf6ddb662fcb50a010a734bf6ead4be2aa49ba830b1
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b82df01256e32a7e0225fcd06012bba6d8ea272a96f3e43a5331a059fc170d4
6c52384c7b0641dd1ead85d079c22d39bcc6dc5f2537afb1e6396bb619771a3f
6e00e8106852b7f72579fe646747028c496cb328fdfea0db3b95c1f1d6e0d7f8
708a6d945667538389adeb9c23a11b00454203b2fd404b12895dd1d299a8be17
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
7520d7376659fb82408fb03f940ca06a2ae4ba9723394ace502a90d0c06a9da7
7640773899458de6505f8d74452bac91d2cbf258cb95e650c0db507d51a5e5bf
7816252ae6607ec390b3c7c0a7223949d21681bd07452c96997ddb4979b56973
7899e4ccdbb66bba8489aec160f24c1cb19781ae6811fc9ec69f582697e35a4b
7ab705caef63548632071266a63b9458e2257ceeeeae1fb7b07f5790bae99808
7d05117f03b894bb88e2e11b1c8dc0deef0b45bd2a0ead1a9a7e846ab0e0eb55
7d112fc0678653c2df036a3fd28b3bf056aeb55464bc19ad70a038607403a17f
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
7fde7ce58c8978f3beb20f0406165d41a9700189b99b314c9d10220237ecb484
8050758d976f67d2f2f25d661601115114e369884f73f414a2f7b89148ce421b
81dade304acd9482ef8de082ffd5907cdc08a3cfc61680c5ffeab242ef7e66e5
820a1fddd5a609082271df120797fde740e6114eef0efe101b9a57d9158e6036
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83e9a2e4876f61521aed687586e4840c65bf58d912a4a381440acf47577ea62c
885cb07503e088de00e0b1502940db47d59817caf2a3e35e1f92432d48d6f8fe
89ab376bbbc31276d954e9f0b7aba56b305b4e13a16f0a1468a31ed677021adc
89c7a45ad926f4e9b23c0bd5d418ff16aa8f1ff4b0d5cf6517e342b01554ff83
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8ac459d121d8925bf01df7171ad77cf4d71374605c8eea575b68b2adfc005921
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9337d4581e7a2b92236a8b8de8d8170c3fdd70c02533afe58c9a1295b69031d8
97b42f5456d33762968c00d290a9c536564d2cfd693fc15cf81a454d72e06610
994bb670d64c99095bf3abff77c38590ff7d1002a5ee288863b3a14c7c0da36b
9a2723c21fb1b7dff0e2aa5dc6be24a9670220a17ae21f70fdbc602d1f8acd38
9a531463641125977e3c0db5fb89fde3ecd4b0ac25ea0aceb3c235dd55a5472c
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a07dc722c8012431934b7e8a519829b90811174c6e561c5a6a8f6acc96934584
a14ca100584317e9d357ea421a395e49a9eb4a08aa53536e824adb061707876e
a1e3c9ef1a8698a5728d87f10f62acf2a1d468ae934be4b1eb9bb61adee75845
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a675db82126493bf9927ab29dba89f77e0e763622eb5f7725af4aa10b204c807
a6a59042874d68e166b3c269b6fcb0eb289e60b150e9185b91c4b1a295ec0ab1
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a9ed6c0cdb54ddeb561369fa2f9748cd0dcba457ba2cd0cb1955cf48387bcf2a
ab0742e6bdc6ebd7a1cfff874f890e69ff7d69982b24cdf2e305957a36a77218
ab79d75854050d545dc226e87d89007670f6904ee0fbfec6568d41e8c8e2076c
ac275ca2a119d8080881532a278a3fbec41631fadac0ab42fe51795ba673f9fd
ac34695b72e4e902bba01b5ef320dcd2aa03edf02bfb909a3ca23b9d2607899c
ad5d6395683df0773cfe7fa4d5a43d0f80399e6000469783a2dcae9522902986
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
b0e561c3506f72590b1a21c118dac105a1ad9d635159441c9a87d363b8882a5d
b1069c48f4486c249858eeb0632349e8bea1be26bd817cb04ccc38768edd7f5b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b24207967ac402c984033e70a55264014d8a2c4a6528b5196881e3781f0c5a44
b6552568620a5884d704d9b18c8f8a6bc2e54decb6549d06a657413ccb0624e2
b815438f61abafd12ca94b89ba908cf2f0edd28f995df211bcbd5a56d3496f21
b8c33e8eac724aa04af2b1b91c2e2c7b5397b0f9e0a13f17fc4af749129d71f8
b9e843e63acdf34d5a5edbba301377df7e0089c44be896e2b36e9293227dbcda
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb28d5000b17859dbee113b7ac6558134eaf9ab5bba8b41d48c1610e8804b596
bc4ff10b35a5ba443996e0aa309f63af282a2a81a02e35705430ec21892984dd
bcbeccdfe2ee07969670ac949bbe76f1a39c292a7e174b99caf046fac15ef012
bd4a0aa78f0f13c3b3f38ee7e1b45955b3610c786dfe8c16fe4b098bf48c25c8
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bd910a0e75b960acc6dd11ac4d5064f949e2597fdee997ee19b0fd7f55176e56
be53e65e477f21d0e1df301be1077c090084ff561f2023eff0600841a4433c9c
bfa765a244be3a6d1d3311069bb9a4a017dc70893aca02bc84d456d52540db22
c00a759275b8628823a9809f24cbeca08cb48b52713adf221f70284e66d9c82f
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c2aa4fd8b014f21cf6d3ea3f192632801d571fc972c212e76b4ba73f7605acd5
c6629584f62feeb6b024b50fae7e99ed6bec9942ce434c8163e2d627f1253dbb
c91dcd67e66793ddea8b763a3c78da50ec4d04b7d5cc94907719f173f4ed6466
c97dcb70d635092868646d0fe67b38a04796f5343dad81c23945bb31d477a763
ce06db9abc93fbbaf564615a19978f8f502afa393e5d3419be4352e0e9bedd4d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d086e4fc634f27c2631032f487f49f3953fd414ed8e9004ba73b2503bdb3d2fe
d190fcd22bee0b1952bd5d85ab6db8eff58d036a0208f762a4545057894ac559
d1928021ac2964da4cb99e2cb77e08d93d00cfe849c65fbce3587231837b6c29
d1c0568a2f1737c3baf64abc858010fe0b299107e6d37d71cc4ca626fc047577
d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744
d4e7f21914210e4d6da2b44cc05a554cdd1e538ee43e1d4dc5d6e6a1f1ee1282
d64f31a7d7882e14ef4785d5d78ada986af863f9f73199d88ae332dca456540c
d7195d5522c8828139ebb1194841d31af4adfacde3686412dc8980fe2e229387
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
daf99211008f6684b4aaa4daafa6832cf05ccd99f5910f48f6467a5c1ea08197
db355226168af7d46d5cef627cd58bac67c728ab4d22e1c6b4a47af69f8b951e
db3c4bd109137190d4a6cdb66954772cf7d0072d3e202fa6ce7ca40a2f70a65e
dbec62e0a55787482317d77c2f5d6d11eeb1b5ebe8e623f51e36dccc8d168cc3
dcc19958809bc3db2abb40ba313906fe1bfa2c235357f39da400709e9c79c1e7
e11a1b1adf786512587e757e9b095ffc77770f5a6dbaa66615398bc903fab82e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f011e9a762c0349e2f4aa73435601afa2f5b7c86634b1d13052dee04e9897d
e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e9567220eb5f2b07603aae51a311748502edfa671e807f99196f34af344ef306
ed1d4d391f04216c0bb57b745816793e3bf8857bd21e47b4d9ac5939fcb8fadd
ed81e6a8dec99852255e1ef3bac2e19476c3dfc9e471ff7c5f774df3642c4d6a
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
ee5e92ed3a0de89dee381b5e632589f00cda7391453cb06c5410d67350440b1c
eeab071d07443d491f3a44fbe2cb6c69e6bfd54cc46fed20958aace8761997e0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f008162fa330a82dceb974a8e4e0ab2bfdeef1e3c2a417a0a517ccbfe4674505
f0f037929bfcf95fe0606b4323dc9bea9ad0dc3db752dbe3f3d1362d68c5a3ab
f18da35d2f051e5bdb3e443ebe991b7b9c4fa2878fc0259d958661fa3b7742ba
f239f3f5ba2fe8def7ffc52c0268cfb1cbd362214823676459daa279370a9cfa
f46d94840c903a15d22f37b355f71205554b15abd725d6ad0d81f7ca21e8f38e
f4cf4a7be6d7a24ff94dc4d367ddc85d8aa945cf781635a27441ba6f5dd832d6
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5536aad22eaec75feb7fea986b8f40679daefaf9ad561eb2965c756d474947c
f6407376a6724051c1eb91280a1f67067afe036b6f63a248a1008ae2b0aed13a
f81cb70496c6048f22abbdb9e711a0e514e1a246a9229e437d9945bc63318f6e
f86391f8f5e12c3838b2bb51d1910da2a1a2aa975e44bfc3e189dc8bccdc0549
fbe820b6140ad28e86f34ffae507d807cf591a22697a05b71958f2014e96a9e4
fc1b40954bcf18cdbd01581218ad535e3e77d646ad0204f9edb7012ac9413707
fc24726b20c8cd59c45fde657406642e628fa4f0e65300ad6245c079b8cc9b4e