urlscan.io logo urlscan.io
SecurityTrails logo

getnada.com Open in urlscan Pro
2606:4700:3037::6815:1bd5  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://getnada.com/
Effective URL: https://getnada.com/
Submission: On May 19 via api from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 55 IPs in 9 countries across 52 domains to perform 301 HTTP transactions. The main IP is 2606:4700:3037::6815:1bd5, located in United States and belongs to CLOUDFLARENET, US. The main domain is getnada.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 30th 2020. Valid for: a year.
This is the only time getnada.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 15 2606:4700:303... 13335 (CLOUDFLAR...)
3 94.31.29.32 6461 (ZAYO-6461)
10 2a00:1450:400... 15169 (GOOGLE)
12 172.217.23.98 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
28 2a00:1450:400... 15169 (GOOGLE)
19 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
6 142.250.185.66 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
4 10 142.250.186.162 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
10 35.157.246.167 16509 (AMAZON-02)
1 35.156.13.167 16509 (AMAZON-02)
1 35.227.247.230 15169 (GOOGLE)
8 52.17.141.216 16509 (AMAZON-02)
1 178.250.2.131 44788 (ASN-CRITE...)
2 21 37.252.173.62 29990 (ASN-APPNEX)
2 5 72.251.238.254 29791 (VOXEL-DOT...)
3 11 37.252.172.45 29990 (ASN-APPNEX)
5 2a02:2638:1::13 44788 (ASN-CRITE...)
8 37.252.172.38 29990 (ASN-APPNEX)
12 18.203.131.238 16509 (AMAZON-02)
8 151.101.113.108 54113 (FASTLY)
1 2.18.232.130 16625 (AKAMAI-AS)
2 2a02:2638::3 44788 (ASN-CRITE...)
1 2620:1ec:bdf::45 8068 (MICROSOFT...)
33 52.18.52.16 16509 (AMAZON-02)
1 67.202.110.21 32748 (STEADFAST)
1 51.38.120.206 16276 (OVH)
5 185.86.139.104 201081 (SMARTADSE...)
4 4 213.19.147.45 3356 (LEVEL3)
1 52.207.161.225 14618 (AMAZON-AES)
1 1 88.214.206.142 46636 (NATCOWEB)
3 3 193.0.160.128 54312 (ROCKETFUEL)
4 4 185.29.135.226 30419 (MEDIAMATH...)
6 72.251.249.14 29791 (VOXEL-DOT...)
1 8.43.72.97 26667 (RUBICONPR...)
1 52.19.106.86 16509 (AMAZON-02)
2 2 52.48.137.92 16509 (AMAZON-02)
1 1 66.155.71.149 13768 (COGECO-PEER1)
6 2.18.233.180 16625 (AKAMAI-AS)
4 7 34.98.64.218 15169 (GOOGLE)
4 4 37.157.2.234 198622 (ADFORM)
1 1 185.183.112.148 60350 (VP)
2 4 35.244.159.8 15169 (GOOGLE)
3 4 35.156.143.112 16509 (AMAZON-02)
2 2 2620:116:800d... 16509 (AMAZON-02)
2 2 64.202.112.63 22075 (AS-OUTBRAIN)
1 2 50.16.38.94 14618 (AMAZON-AES)
2 2 2a00:1288:110... 34010 (YAHOO-IRD)
2 2 34.196.165.123 14618 (AMAZON-AES)
2 150.136.25.38 31898 (ORACLE-BM...)
2 169.197.150.7 398989 (DEEPINTENT)
3 3 70.42.32.63 13789 (INTERNAP-...)
1 1 23.79.143.202 16625 (AKAMAI-AS)
4 4 3.121.254.42 16509 (AMAZON-02)
2 2 198.148.27.139 19189 (PULSEPOINT)
4 4 151.101.114.49 54113 (FASTLY)
2 208.100.17.172 32748 (STEADFAST)
2 4 13.248.242.197 16509 (AMAZON-02)
2 18.195.155.181 16509 (AMAZON-02)
2 2 202.241.208.55 4694 (IDCF IDC ...)
4 4 185.184.8.30 204995 (RTB-HOUSE...)
2 185.64.189.115 62713 (AS-PUBMATIC)
301 55
15    2606:4700:3037::6815:1bd5 (United States)

ASN13335 (CLOUDFLARENET, US)
getnada.com
3    94.31.29.32 (United Kingdom)

ASN6461 (ZAYO-6461, US)
PTR: 94.31.29.32.IPYX-077437-ZYO.above.net
cdn4.buysellads.net
10    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
12    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net
securepubads.g.doubleclick.net
1    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c0a::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
6    2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
5    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
googleads.g.doubleclick.net
2    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
5    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com
28    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
19    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
6    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
6    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
googleads4.g.doubleclick.net
4    2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
10    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
cm.g.doubleclick.net
1    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
lh3.googleusercontent.com
10    35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
c2shb.ssp.yahoo.com
1    35.156.13.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-13-167.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
1    35.227.247.230 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 230.247.227.35.bc.googleusercontent.com
mp.4dex.io
8    52.17.141.216 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-141-216.eu-west-1.compute.amazonaws.com
ads.servenobid.com
1    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
21    37.252.173.62 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
5    72.251.238.254 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
11    37.252.172.45 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
5    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
8    37.252.172.38 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
fra1-ib.adnxs.com
12    18.203.131.238 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-131-238.eu-west-1.compute.amazonaws.com
s.update.ib.adnxs.com
8    151.101.113.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
crcdn01.adnxs.com
acdn.adnxs.com
1    2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com
vcdn.adnxs.com
2    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    2620:1ec:bdf::45 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
public.servenobid.com
33    52.18.52.16 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
g2.gumgum.com
rtb.gumgum.com
1    67.202.110.21 (United States)

ASN32748 (STEADFAST, US)
PTR: ip21.67-202-110.static.steadfastdns.net
pixel.33across.com
1    51.38.120.206 (France)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu
onetag-sys.com
5    185.86.139.104 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
4    213.19.147.45 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
1    52.207.161.225 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-161-225.compute-1.amazonaws.com
jadserve.postrelease.com
1    88.214.206.142 (United Kingdom)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
3    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
4    185.29.135.226 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
6    72.251.249.14 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ce.lijit.com
1    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
1    52.19.106.86 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-106-86.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
2    52.48.137.92 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
bcp.crwdcntrl.net
1    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
6    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
7    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
4    37.157.2.234 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    185.183.112.148 (Paris, France)

ASN60350 (VP, FR)
sync.adotmob.com
4    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
eu-u.openx.net
4    35.156.143.112 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
x.bidswitch.net
2    2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
2    64.202.112.63 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
sync.outbrain.com
2    50.16.38.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.srv.stackadapt.com
2    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
2    34.196.165.123 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.ipredictive.com
2    150.136.25.38 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
2    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
3    70.42.32.63 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
1    23.79.143.202 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-143-202.deploy.static.akamaitechnologies.com
stags.bluekai.com
4    3.121.254.42 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ad.360yield.com
2    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
4    151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    208.100.17.172 (United States)

ASN32748 (STEADFAST, US)
PTR: ip172.208-100-17.static.steadfastdns.net
ssc-cms.33across.com
4    13.248.242.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
2    18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
cs.emxdgt.com
2    202.241.208.55 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
4    185.184.8.30 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-30.rtbhouse.net
creativecdn.com
2    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
Apex Domain
Subdomains		 Transfer
61 adnxs.com
ib.adnxs.com
secure.adnxs.com
fra1-ib.adnxs.com
s.update.ib.adnxs.com
crcdn01.adnxs.com
acdn.adnxs.com
vcdn.adnxs.com
418 KB
52 googlesyndication.com
a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
250 KB
38 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
cm.g.doubleclick.net
222 KB
33 gumgum.com
g2.gumgum.com
rtb.gumgum.com
10 KB
15 getnada.com
getnada.com
385 KB
12 yahoo.com
c2shb.ssp.yahoo.com
pr-bh.ybp.yahoo.com
6 KB
11 openx.net
us-u.openx.net
eu-u.openx.net
3 KB
11 lijit.com
ap.lijit.com
ce.lijit.com
11 KB
10 googletagservices.com
www.googletagservices.com
335 KB
9 servenobid.com
ads.servenobid.com
public.servenobid.com
5 KB
8 pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
51 KB
8 google.com
www.google.com
adservice.google.com
945 B
6 criteo.com
bidder.criteo.com
gum.criteo.com
2 KB
5 smartadserver.com
ssbsync.smartadserver.com
1 KB
4 creativecdn.com
creativecdn.com
1 KB
4 adsrvr.org
match.adsrvr.org
1 KB
4 everesttech.net
sync-tm.everesttech.net
1 KB
4 360yield.com
ad.360yield.com
1 KB
4 bidswitch.net
x.bidswitch.net
1 KB
4 adform.net
c1.adform.net
2 KB
4 mathtag.com
sync.mathtag.com
2 KB
4 1rx.io
sync.1rx.io
715 B
4 2mdn.net
s0.2mdn.net
236 KB
3 zemanta.com
b1sync.zemanta.com
2 KB
3 rfihub.com
p.rfihub.com
2 KB
3 33across.com
pixel.33across.com
ssc-cms.33across.com
3 google.de
www.google.de
adservice.google.de
394 B
3 buysellads.net
cdn4.buysellads.net
234 KB
2 socdm.com
tg.socdm.com
1 KB
2 emxdgt.com
cs.emxdgt.com
2 contextweb.com
bh.contextweb.com
766 B
2 deepintent.com
match.deepintent.com
60 B
2 technoratimedia.com
sync.technoratimedia.com
586 B
2 ipredictive.com
sync.ipredictive.com
856 B
2 stackadapt.com
sync.srv.stackadapt.com
782 B
2 outbrain.com
sync.outbrain.com
1 KB
2 quantserve.com
pixel.quantserve.com
916 B
2 crwdcntrl.net
bcp.crwdcntrl.net
1012 B
2 criteo.net
static.criteo.net
51 KB
2 google-analytics.com
www.google-analytics.com
19 KB
1 bluekai.com
stags.bluekai.com
1 KB
1 adotmob.com
sync.adotmob.com
684 B
1 sitescout.com
pixel-sync.sitescout.com
270 B
1 bidr.io
match.prod.bidr.io
430 B
1 rubiconproject.com
pixel-us-east.rubiconproject.com
239 B
1 admanmedia.com
cs.admanmedia.com
394 B
1 postrelease.com
jadserve.postrelease.com
428 B
1 onetag-sys.com
onetag-sys.com
818 B
1 4dex.io
mp.4dex.io
1 KB
1 sharethrough.com
btlr.sharethrough.com
111 B
1 googleusercontent.com
lh3.googleusercontent.com
7 KB
0 tremorhub.com Failed
partners.tremorhub.com Failed
301 52
Domain Requested by
32 rtb.gumgum.com ap.lijit.com
g2.gumgum.com
rtb.gumgum.com
28 tpc.googlesyndication.com securepubads.g.doubleclick.net
a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
21 ib.adnxs.com 2 redirects cdn4.buysellads.net
secure.adnxs.com
ib.adnxs.com
acdn.adnxs.com
19 pagead2.googlesyndication.com securepubads.g.doubleclick.net
a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
15 getnada.com 1 redirects getnada.com
12 s.update.ib.adnxs.com secure.adnxs.com
s.update.ib.adnxs.com
12 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
getnada.com
tpc.googlesyndication.com
11 secure.adnxs.com 3 redirects tpc.googlesyndication.com
secure.adnxs.com
10 c2shb.ssp.yahoo.com cdn4.buysellads.net
10 cm.g.doubleclick.net 4 redirects googleads.g.doubleclick.net
g2.gumgum.com
rtb.gumgum.com
us-u.openx.net
10 www.googletagservices.com cdn4.buysellads.net
securepubads.g.doubleclick.net
a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com
tpc.googlesyndication.com
9 googleads.g.doubleclick.net a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com
getnada.com
8 fra1-ib.adnxs.com secure.adnxs.com
tpc.googlesyndication.com
8 ads.servenobid.com cdn4.buysellads.net
public.servenobid.com
ssbsync.smartadserver.com
g2.gumgum.com
7 us-u.openx.net 4 redirects ap.lijit.com
us-u.openx.net
6 ads.pubmatic.com ap.lijit.com
ads.pubmatic.com
g2.gumgum.com
rtb.gumgum.com
6 ce.lijit.com ap.lijit.com
rtb.gumgum.com
us-u.openx.net
6 googleads4.g.doubleclick.net googleads.g.doubleclick.net
6 www.google.com 1 redirects a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com
tpc.googlesyndication.com
5 ssbsync.smartadserver.com public.servenobid.com
ssbsync.smartadserver.com
5 acdn.adnxs.com tpc.googlesyndication.com
cdn4.buysellads.net
5 gum.criteo.com secure.adnxs.com
static.criteo.net
5 ap.lijit.com 2 redirects cdn4.buysellads.net
ap.lijit.com
5 a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 creativecdn.com 4 redirects
4 match.adsrvr.org 2 redirects rtb.gumgum.com
us-u.openx.net
4 sync-tm.everesttech.net 4 redirects
4 ad.360yield.com 4 redirects
4 x.bidswitch.net 3 redirects rtb.gumgum.com
4 eu-u.openx.net 2 redirects us-u.openx.net
4 c1.adform.net 4 redirects
4 sync.mathtag.com 4 redirects
4 sync.1rx.io 4 redirects
4 s0.2mdn.net a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com
3 b1sync.zemanta.com 3 redirects
3 p.rfihub.com 3 redirects
3 crcdn01.adnxs.com tpc.googlesyndication.com
3 cdn4.buysellads.net getnada.com
2 image6.pubmatic.com ads.pubmatic.com
2 tg.socdm.com 2 redirects
2 cs.emxdgt.com g2.gumgum.com
rtb.gumgum.com
2 ssc-cms.33across.com g2.gumgum.com
rtb.gumgum.com
2 bh.contextweb.com 2 redirects
2 match.deepintent.com g2.gumgum.com
rtb.gumgum.com
2 sync.technoratimedia.com g2.gumgum.com
rtb.gumgum.com
2 sync.ipredictive.com 2 redirects
2 pr-bh.ybp.yahoo.com 2 redirects
2 sync.srv.stackadapt.com 1 redirects rtb.gumgum.com
2 sync.outbrain.com 2 redirects
2 pixel.quantserve.com 2 redirects
2 bcp.crwdcntrl.net 2 redirects
2 static.criteo.net cdn4.buysellads.net
static.criteo.net
2 adservice.google.com securepubads.g.doubleclick.net
2 adservice.google.de securepubads.g.doubleclick.net
2 www.google-analytics.com getnada.com
www.google-analytics.com
1 stags.bluekai.com 1 redirects
1 sync.adotmob.com 1 redirects
1 pixel-sync.sitescout.com 1 redirects
1 match.prod.bidr.io ap.lijit.com
1 pixel-us-east.rubiconproject.com ap.lijit.com
1 cs.admanmedia.com 1 redirects
1 jadserve.postrelease.com public.servenobid.com
1 onetag-sys.com public.servenobid.com
1 pixel.33across.com public.servenobid.com
1 g2.gumgum.com public.servenobid.com
1 public.servenobid.com cdn4.buysellads.net
1 vcdn.adnxs.com tpc.googlesyndication.com
1 bidder.criteo.com cdn4.buysellads.net
1 mp.4dex.io cdn4.buysellads.net
1 btlr.sharethrough.com cdn4.buysellads.net
1 lh3.googleusercontent.com a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com
1 www.google.de
1 stats.g.doubleclick.net www.google-analytics.com
0 partners.tremorhub.com Failed googleads.g.doubleclick.net
301 74

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
chrome.google.com
blog.getnada.com
getnada.comm
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-07-30 -
2021-07-30		 a year crt.sh
*.buysellads.net
Sectigo RSA Domain Validation Secure Server CA		 2019-08-23 -
2021-08-22		 2 years crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-04-13 -
2021-07-06		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-18 -
2021-09-08		 6 months crt.sh
*.sharethrough.com
Amazon		 2020-09-09 -
2021-10-11		 a year crt.sh
mp.4dex.io
GTS CA 1D4		 2021-05-01 -
2021-07-30		 3 months crt.sh
*.servenobid.com
Amazon		 2021-02-12 -
2022-03-13		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-04-14 -
2021-07-12		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
update.ib.adnxs.com
R3		 2021-04-07 -
2021-07-06		 3 months crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4		 2021-05-10 -
2022-06-11		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-04-14 -
2021-07-12		 3 months crt.sh
public.servenobid.com
DigiCert SHA2 Secure Server CA		 2020-08-26 -
2021-08-25		 a year crt.sh
*.gumgum.com
Amazon		 2020-07-03 -
2021-08-03		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-01 -
2021-09-30		 a year crt.sh
onetag-sys.com
R3		 2021-05-02 -
2021-07-31		 3 months crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
*.postrelease.com
Amazon		 2021-01-28 -
2022-02-25		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-18 -
2022-01-18		 a year crt.sh
*.match.prod.bidr.io
Amazon		 2021-02-26 -
2022-03-27		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
*.technoratimedia.com
DigiCert SHA2 High Assurance Server CA		 2020-07-28 -
2021-10-01		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2020-05-18 -
2021-07-17		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
*.srv.stackadapt.com
Amazon		 2020-12-09 -
2022-01-07		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh

This page contains 58 frames:

Primary Page: https://getnada.com/
Frame ID: 4D1F3C4461C436D134F8326907512631
Requests: 55 HTTP requests in this frame

Frame: https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0249E9718D7964DB145FD0109573AF72
Requests: 14 HTTP requests in this frame

Frame: https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A474EE9C60C38C3D4C441AF6E629CAC8
Requests: 15 HTTP requests in this frame

Frame: https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CFC4711D196143542DB586F944B188C2
Requests: 14 HTTP requests in this frame

Frame: https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5DE10E36E0C8D534C1A8CF0ED07F8E75
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQ1K6oAhiYwviVATAB&v=APEucNUzC7wowH99BOL3GUtatSIhjM5WywUD-O5aOs1DjFh0fwoGnqDaTXhr49Xq54fBB5GK7yh5Xv6U3I_MjkA-z47u39gF-9dzibBLVS-K996hO3VFj6bC46WtxyUcQnmeLF1JmMjo
Frame ID: 093912CB21D65B2D34D2C28E269734A4
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMvTChCo8cMCGOKS_4EBMAE&v=APEucNXjGYjgv2nIkk45U7udJbduaVWV9eQ2NuNCsDJihs0j2uRFDDcpBt13aG3oMFDKLJ6d6T9dKuLGQZzAllY2q-nt7avunMDbQsZo1gUsOM6SkJTBX7ELbMKDrcn0YZmEAfJrZDNQ
Frame ID: 93437BF7527BAAE51B197E0CA02E6231
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMvTChCo8cMCGOKS_4EBMAE&v=APEucNW9Qe1nTNH9aQLk6T7aIHAXqfiM2pf3IWaNZBOuhkpFkmQXRBmeZS5OJxkhgJPsy7jaH75DSQgeF1cyCHimD258kpLRRCKvzx0W3fy7RJbiVyePqz6DjjHozk7zpZ_eHOOOJhCY
Frame ID: F88CFE8784971016178FCFEEC746DC19
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 7B8A8F1AF246FF36C0EBB4D6EC9405E8
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AC34FFDBDA86BAC08D52D8DF439D86E3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: EA48BAD705F577DB95F31D2E2D73DD9E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F0FF276E289A7B22DA48EB846BFDBA6E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: CE92C27E689E6EF50ADCF93988BBEDDC
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 368F962DBAE06C1399216098D29E26D8
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E3722B724B1D1FB883D66E28764E09B9
Requests: 27 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D10ECBB15AA9B76A894CEE7D24AADB85
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A0F7A41E2672ADBD44DD7AA1710F2990
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7AE4E3F22ED4196D50AABA033A57B25B
Requests: 15 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=8394&pub_id=1070141
Frame ID: 770C39AD5A33619B592A8D2FD997DEB9
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=8394&pub_id=1070141
Frame ID: DBCC48BFE7E363231A91A1D62A59FF28
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=8394&pub_id=1070141
Frame ID: 9F02390EBA3A6142F6946CDA83FB7533
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=8394&pub_id=1070141
Frame ID: 82424027C1A92F1029AB3E6E1B084F22
Requests: 3 HTTP requests in this frame

Frame: data://truncated
Frame ID: FF1202A1397290AA15AF359D4DBA631C
Requests: 1 HTTP requests in this frame

Frame: blob://https://tpc.googlesyndication.com/e2d0cbfb-eaef-400a-8c9e-7ebae6a8ecc5
Frame ID: ACD2BCCBD4C85AD9B4E8B3FBB8D904FD
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=getnada.com
Frame ID: E20F4EDDE4C2A89ACCF29B326062736C
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=8128488
Frame ID: DFF5C2F085F9F24FB561E8B8311A5E98
Requests: 8 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 36E2D52DEA1409C5052A3E53B251BBB8
Requests: 3 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 6F0EE50F3284AF6E959A8D146AAA496A
Requests: 7 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 722ECDA257713650D764D77475962083
Requests: 15 HTTP requests in this frame

Frame: https://pixel.33across.com/ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26uid%3D33XUSERID33X
Frame ID: 1272DB7119D8D5986C35F07BE111A4E8
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1---&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 3CF9B4400A58374417CE35E368996CD3
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: C7518135CA9325F240C2F83C6D915C9B
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Frame ID: F148AB5695F402E676F9BC9544CAD264
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Frame ID: CC14FF1CE0A382A41D0E0E1E433FDFE8
Requests: 8 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Frame ID: 19053B32EF6DAD0686700F9D7B7593A9
Requests: 15 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: B68AE48978E44955E7BF24CC64148650
Requests: 2 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=1dad60a5-4059-4000-ad76-7e1d6e90782a&gdpr=0&gdpr_consent=
Frame ID: B22DD2F32983DF459A4C1AA4F5E12E2E
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=atm&i=YKVAWgAA8zuPHQBg&gdpr=0&gdpr_consent=&_test=YKVAWgAA8zuPHQBg
Frame ID: F0D75A7A2BECFE667DDFB49CACA5BA03
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV84MDA5OTg4NS1iMmM3LTRmNmUtYTFiNS04ZWUwM2E3YmE4MTI=&gdpr=0&gdpr_consent=
Frame ID: E52D0F8B8648E686C61973BF2FDDB76D
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 1D5316475A8834E9A755E034BB14AFD6
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Frame ID: 778FB4B4C61526BAFA304EAF122A89FC
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=ttd&i=36910431-7577-4183-b2d9-d61d13afd0f4&t=1624034650
Frame ID: 2458C2D09983D0A9C138891FE866D1F3
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: DC19D3A25E266EBF383826237B85A302
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=YKVAWsCo5sEAAJz9TqEAAAAA
Frame ID: BD7D86ED9FB2471442AAF8AF0A09DD00
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=zet&i=875739026907860051
Frame ID: 491E7F111CE573220B40F3CF2B82D0CD
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=9p6Qm8pukb8I9ERgD32z&pi=gumgum&tc=1
Frame ID: 07F987EB25C8034C4574EE1D3EE8CDBE
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=a77660a5-4059-4c00-b696-73eca1ff7b66&gdpr=1&gdpr_consent=
Frame ID: 9BF8169577E88B30ECCF0EABEEAD50E3
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=atm&i=YKVAWgABF2PDQgAC&gdpr=1&gdpr_consent=&_test=YKVAWgABF2PDQgAC
Frame ID: FD966B51DBF226FFD6D1AF4E7355F266
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9kZTM4YmY0OS00OGRiLTRhMTctODdlNy1hMDA1MDk5YWE2ODk=&gdpr=1&gdpr_consent=
Frame ID: 4DB1707F991C3B64FE5AE4ABF4FB7B39
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
Frame ID: 93114D7C16D96995F473D4744B0820F1
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Frame ID: 2DED243EC4A3CF8EACD318C1569A11CD
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Frame ID: F692A0892B6E46A4A4F8539A8EEE082E
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: 6ED17332473A3824A59E712544C3C726
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=YKVAW8Co5sEAAJz9TucAAAAA
Frame ID: 3A57596E6338DC0F7A13521C6E473264
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=zet&i=875739026907860051
Frame ID: B464147DE8548BE66C43B78CB05F9083
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=9p6Qm8pukb8I9ERgD32z&pi=gumgum&tc=1
Frame ID: CBCAC9DAEDE0CB5847E3D512A79F5F9E
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: B56EA07149DE6368497CC315DAF9270E
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: C0C9998A673E8ABD369E98FB89B0B1E7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://getnada.com/ HTTP 301
    https://getnada.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<div [^>]*id="__nuxt"/i
Overall confidence: 100%
Detected patterns
  • html /<div [^>]*id="__nuxt"/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

301
Requests

97 %
HTTPS

28 %
IPv6

52
Domains

74
Subdomains

55
IPs

9
Countries

2246 kB
Transfer

5784 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://getnada.com/ HTTP 301
    https://getnada.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 81
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm HTTP 302
  • https://partners.tremorhub.com/sync?UIGL=CAESEDBfRWBbcBccgERpzgSMz1k&google_cver=1
Request Chain 87
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm HTTP 302
  • https://partners.tremorhub.com/sync?UIGL=CAESEDBfRWBbcBccgERpzgSMz1k&google_cver=1
Request Chain 89
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm HTTP 302
  • https://partners.tremorhub.com/sync?UIGL=CAESEDBfRWBbcBccgERpzgSMz1k&google_cver=1
Request Chain 100
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 225
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=7064607801522333952
Request Chain 226
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID HTTP 307
  • https://ads.servenobid.com/sync?pid=310&uid=f772ad08c6b7c17fc72b52c8
Request Chain 227
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://ads.servenobid.com/sync?pid=321&uid=OPTOUT
Request Chain 229
  • https://cs.admanmedia.com/sync/durationmedia?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D328%26uid%3D%7B%24UID%7D HTTP 302
  • https://ads.servenobid.com/sync?pid=328&uid=ce10ac91ea963697ad62f315bbb42bef7be96d93
Request Chain 230
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=875739026907860051
Request Chain 231
  • https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=f772ad08c6b7c17fc72b52c8&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=1&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=3&3pid=a77660a5-4059-4c00-b696-73eca1ff7b66&gdpr=1&gdpr_consent=
Request Chain 233
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=Zjc3MmFkMDhjNmI3YzE3ZmM3MmI1MmM4 HTTP 302
  • https://ap.lijit.com/dsp/google/reporting
Request Chain 235
  • https://sync.1rx.io/usersync2/sovrn?gdpr=1&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=56&3pid=OPTOUT
Request Chain 236
  • https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=f772ad08c6b7c17fc72b52c8/pv=y?https://ce.lijit.com%2Fmerge%3Fpid%3D5001%263pid%3D%24%7Bprofile_id%7D&gdpr=1&gdpr_consent= HTTP 302
  • https://bcp.crwdcntrl.net/5/ct=y/c=5436/tp=SVRN/tpid=f772ad08c6b7c17fc72b52c8/pv=y?https://ce.lijit.com%2Fmerge%3Fpid%3D5001%263pid%3D%24%7Bprofile_id%7D&gdpr=1&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=5001&3pid=bf1cee85c1f7b74d5b5204fdff0fcc34&gdpr=1&gdpr_consent=
Request Chain 237
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=1&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=
Request Chain 239
  • https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent= HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Request Chain 242
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Fssbsync.smartadserver.com%2Fapi%2Fsync%3Fcallerid%3D9%26gdpr%3D0%26gdpr_consent%3D%26partnerid%3D22%26buid%3DYOUR_USER_ID HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=10&sspurl=https%3A%2F%2Fssbsync.smartadserver.com%2Fapi%2Fsync%3Fcallerid%3D9%26gdpr%3D0%26gdpr_consent%3D%26partnerid%3D22%26buid%3DYOUR_USER_ID HTTP 302
  • https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=0&gdpr_consent=&partnerid=22&buid=1395914398595254094
Request Chain 243
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fssbsync.smartadserver.com%2Fapi%2Fsync%3Fcallerid%3D9%26gdpr%3D0%26gdpr_consent%3D%26partnerid%3D86%26buid%3D$UID HTTP 302
  • https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=0&gdpr_consent=&partnerid=86&buid=7064607801522333952
Request Chain 244
  • https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Fssbsync.smartadserver.com%2Fapi%2Fsync%3Fcallerid%3D9%26gdpr%3D0%26gdpr_consent%3D%26partnerid%3D66%26buid%3D%7Bamob_user_id%7D HTTP 302
  • https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=0&gdpr_consent=&partnerid=66&buid=063f220431d77f753294edc2
Request Chain 245
  • https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Fssbsync.smartadserver.com%2Fapi%2Fsync%3Fcallerid%3D9%26gdpr%3D0%26gdpr_consent%3D%26partnerid%3D100%26buid%3D HTTP 302
  • https://eu-u.openx.net/w/1.0/cm?cc=1&id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Fssbsync.smartadserver.com%2Fapi%2Fsync%3Fcallerid%3D9%26gdpr%3D0%26gdpr_consent%3D%26partnerid%3D100%26buid%3D HTTP 302
  • https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=0&gdpr_consent=&partnerid=100&buid=fd01a31f-3529-0aa7-37b5-32f4a5d602a5
Request Chain 247
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://rtb.gumgum.com/usersync?b=apn&i=7064607801522333952
Request Chain 248
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_80099885-b2c7-4f6e-a1b5-8ee03a7ba812&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_80099885-b2c7-4f6e-a1b5-8ee03a7ba812&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://pixel.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&gdpr=0&user_id=k7gWyJG4QsSIvRLEl7haz5e_EsSI60CfkLHmNBdW HTTP 302
  • https://rtb.gumgum.com/usersync?b=bsw&i=f55114cd-e66c-4cd6-b2f9-f9ad029ca08b
Request Chain 249
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28oQtL1si8rS-ROUo0R5UzF_XUTHz9-U35737nJVPl5b26nBpRTPgDV3WobZCWxUY1%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28oQtL1si8rS-ROUo0R5UzF_XUTHz9-U35737nJVPl5b26nBpRTPgDV3WobZCWxUY1%29
Request Chain 250
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=opx&i=901435d1-5a6d-4842-99f4-142e2258984b
Request Chain 251
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=sta&i=0-bb480fbc-0a45-4ed9-580e-b450bda56f22$ip$195.181.174.89
Request Chain 252
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=oth&i=y-c68kgZdE2pfhsrn.aeYyImo0gqxvVP0Bmdp4~A
Request Chain 253
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=vnt&i=6f0f3ad1-b8c1-11eb-a500-c5cb60f9cae5
Request Chain 256
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_80099885-b2c7-4f6e-a1b5-8ee03a7ba812&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://stags.bluekai.com/site/23178?id=h1TdSVWXv4QEgDLNwvlA&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT22BRKRSFGVSXLB3DIUKFM5CEYTTXOZWECJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT22BRKRSFGVSXLB3DIUKFM5CEYTTXOZWECJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=h1TdSVWXv4QEgDLNwvlA&us_privacy=1---
Request Chain 257
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=idi&i=b82eafe8-3d37-458d-bc40-b1cfc5b6232a
Request Chain 258
  • https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT
Request Chain 259
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=Eh7qIONUwkFe&ev=1&pid=558355
Request Chain 261
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://rtb.gumgum.com/usersync?b=mmh&i=1dad60a5-4059-4000-ad76-7e1d6e90782a&gdpr=0&gdpr_consent=
Request Chain 262
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YKVAWgAA8zuPHQBg HTTP 302
  • https://rtb.gumgum.com/usersync?b=atm&i=YKVAWgAA8zuPHQBg&gdpr=0&gdpr_consent=&_test=YKVAWgAA8zuPHQBg
Request Chain 266
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=ttd&i=36910431-7577-4183-b2d9-d61d13afd0f4&t=1624034650
Request Chain 268
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://rtb.gumgum.com/usersync?b=sus&i=YKVAWsCo5sEAAJz9TqEAAAAA
Request Chain 269
  • https://p.rfihub.com/cm?pub=42796&in=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=zet&i=875739026907860051
Request Chain 270
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rth&i=9p6Qm8pukb8I9ERgD32z&pi=gumgum&tc=1
Request Chain 271
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://rtb.gumgum.com/usersync?b=apn&i=7064607801522333952
Request Chain 273
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=1&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28GD8K6Cb9rSEylamwBjZBjzKxY6iD8y38WBkJ7vpN8GwnhH2DDV3jijvdLbDAtsQa%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28GD8K6Cb9rSEylamwBjZBjzKxY6iD8y38WBkJ7vpN8GwnhH2DDV3jijvdLbDAtsQa%29
Request Chain 274
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=opx&i=3d1ebbaf-288c-0659-0e85-233bbfaaf53c
Request Chain 276
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=1&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=oth&i=y-2_xhIy5E2pctnikerQXUiugxs4jmYmq0SXKR~A
Request Chain 277
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=vnt&i=6f1ea451-b8c1-11eb-a1e5-3fd456ab067d
Request Chain 280
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_de38bf49-48db-4a17-87e7-a005099aa689&gdpr=1&gdpr_consent=&us_privacy= HTTP 302
  • https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1
Request Chain 281
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=idi&i=b82eafe8-3d37-458d-bc40-b1cfc5b6232a
Request Chain 282
  • https://sync.1rx.io/usersync2/floor6&gdpr=1&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT
Request Chain 283
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=MET72o1a5tdM&ev=1&pid=558355
Request Chain 285
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://rtb.gumgum.com/usersync?b=mmh&i=a77660a5-4059-4c00-b696-73eca1ff7b66&gdpr=1&gdpr_consent=
Request Chain 286
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=&_test=YKVAWgABF2PDQgAC HTTP 302
  • https://rtb.gumgum.com/usersync?b=atm&i=YKVAWgABF2PDQgAC&gdpr=1&gdpr_consent=&_test=YKVAWgABF2PDQgAC
Request Chain 292
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://rtb.gumgum.com/usersync?b=sus&i=YKVAW8Co5sEAAJz9TucAAAAA
Request Chain 293
  • https://p.rfihub.com/cm?pub=42796&in=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=zet&i=875739026907860051
Request Chain 294
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rth&i=9p6Qm8pukb8I9ERgD32z&pi=gumgum&tc=1
Request Chain 299
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=9fba60a5-4059-4c00-9333-9392255e91a7
Request Chain 300
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=sA8lKbIPcSWrCiEltA9pLrQIISWrXHN-swYEGkYL
Request Chain 301
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5762065989904887101
Request Chain 303
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NGI0NjQyNmItYmIwZi0yZWIwLWViNmYtNWU3YTIwZWE1NzZk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NGI0NjQyNmItYmIwZi0yZWIwLWViNmYtNWU3YTIwZWE1NzZk&google_tc=
Request Chain 304
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGKgf-2i4uoanVOoJ3f0YBI&google_cver=1
Request Chain 306
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

301 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
getnada.com/
Redirect Chain
  • http://getnada.com/
  • https://getnada.com/
27 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://getnada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:1bd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a38cd8e5baeafdfd1ea7b9466a81a162313eb28913f6e4a87422e8c625c0c105
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
getnada.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 16:44:04 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
access-control-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000
cf-cache-status
DYNAMIC
cf-request-id
0a271c601a00002bf29da52000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rYcN5DbnrKEbBCas1%2FxeQ2%2BQx9gHrNCo7L4r3RwT2z12SnjuULHEjgBBgxSbecPdCGse3Bxu16v4BCX%2B23M%2FjToCnwUKUdAhfIptICz7ENPGR4in6HxC2w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
651ec9aceb542bf2-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Date
Wed, 19 May 2021 16:44:03 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Location
https://getnada.com/
CF-Cache-Status
DYNAMIC
cf-request-id
0a271c5f310000d6edd58b9000000001
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Zt8Pl0CihIWhxB1X2UiYoXl38fzOfXqcw4Kg%2FKCTifnGnDO379EPWMRNCfpj3raV3Q4vTFTVWC9BsV6BNkzfxDWWEiQKEtKg%2F6Mp%2BnhRdZ6uzu%2Fy%2F3GehQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
651ec9ab8827d6ed-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
279974b.js
getnada.com/_nuxt/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://getnada.com/_nuxt/279974b.js
Requested by
Host: getnada.com
URL: https://getnada.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:1bd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ac44be485717073ab02251096c4cb630bb3ff4bd9f6a4e647e6dbcb4344505e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/_nuxt/279974b.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
getnada.com
referer
https://getnada.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://getnada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 16:44:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
x-xss-protection
1; mode=block
age
2287599
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a271c60a90000325cc7a27000000001
last-modified
Mon, 22 Feb 2021 19:25:03 GMT
server
cloudflare
etag
W/"144d-177cb33c298"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=T6LTju96cZazSLvkbjtEbI1%2Baik6ZSwSchf0EBeiNrFWwZsOaQrkP9zk%2FGFCeRQ4EKEui36lhWpMDr69xnYSeTy%2BzBPZmm3OC%2BO1q9CBk22OdqvyE8k80g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
651ec9addb3d325c-FRA
6891d3f.js
getnada.com/_nuxt/ 		230 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://getnada.com/_nuxt/6891d3f.js
Requested by
Host: getnada.com
URL: https://getnada.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:1bd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e3342657f8e25ca8fc5a957f3831ccf73eef61cefc758048cb98f6e985b1a6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/_nuxt/6891d3f.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
getnada.com
referer
https://getnada.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://getnada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 16:44:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
x-xss-protection
1; mode=block
age
2287599
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a271c60a80000325ce483c000000001
last-modified
Mon, 22 Feb 2021 19:25:03 GMT
server
cloudflare
etag
W/"39953-177cb33c298"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HvM8HfxHmHWT6QM6nL8I1rF%2FNC5ppo7%2F4cMSsBQB5iortq5%2B34PYyaJu3V5hwpDqFnhNTviDI%2FDqRgRRxzw1DlTQ9R9hxcJQCg4nWTjuIZk2tCU6Fiepqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
651ec9addb38325c-FRA
101b3fe.css
getnada.com/_nuxt/css/ 		29 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://getnada.com/_nuxt/css/101b3fe.css
Requested by
Host: getnada.com
URL: https://getnada.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:1bd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f9d2ed4da4771f4e9b69b8bfe933f92cf15734eed94523f4da9e7e23b73eb32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/_nuxt/css/101b3fe.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
getnada.com
referer
https://getnada.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://getnada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 16:44:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
x-xss-protection
1; mode=block
age
2287599
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a271c60a80000325c8025f000000001
last-modified
Mon, 22 Feb 2021 19:25:03 GMT
server
cloudflare
etag
W/"75e1-177cb33c298"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8aB%2Bwo%2F4pKzaJDpe4iITmw4r%2FBCqBona8NBzhBG38LoWpLibjLX1hFDKF%2BNNWpRC%2FR30toRc99WXQZkp3HHVeUGX4xL4ppb8LUfgv1ytEKB6EDxMGeU2bQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
651ec9addb3b325c-FRA
1ca74f8.js
getnada.com/_nuxt/ 		843 KB
202 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://getnada.com/_nuxt/1ca74f8.js
Requested by
Host: getnada.com
URL: https://getnada.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:1bd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0aba14b543ac92b14fc6bbf23236ec23ec40af2239a0a69f92f7be2ad57617cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/_nuxt/1ca74f8.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
getnada.com
referer
https://getnada.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://getnada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 16:44:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
x-xss-protection
1; mode=block
age
2316675
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a271c60a70000325ce483b000000001
last-modified
Mon, 22 Feb 2021 19:25:03 GMT
server
cloudflare
etag
W/"d2a04-177cb33c298"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kYTx2pmAcmprczOu7%2BfbOfedGNH5fjoyxdLUZXmt5UHuDb%2FT2mK%2F7UpXMocxytgtSMFohQa4iaUA6CV3pgtVOUfpINbkynDgfii89cY54Hm1RsnlzmcEAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
651ec9addb36325c-FRA
b005f86.css
getnada.com/_nuxt/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://getnada.com/_nuxt/css/b005f86.css
Requested by
Host: getnada.com
URL: https://getnada.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:1bd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2af7de9ee55f3660185be051732dc26fb49bc8d428ae93d55bd78bd1da272e3c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/_nuxt/css/b005f86.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
getnada.com
referer
https://getnada.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://getnada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 16:44:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
x-xss-protection
1; mode=block
age
2287599
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a271c60a70000325cc41cd000000001
last-modified
Mon, 22 Feb 2021 19:25:03 GMT
server
cloudflare
etag
W/"68c-177cb33c298"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Y1ULtSDqHttPVz1zd1bLF%2BSj1GwsNQTHvHQaresz1733rYTJP0%2F%2FVyVCMsHJMbVJOLQNwoQFKYgRbz%2Fl%2BtWAbaLpWWbvhU9dgDyIKTuFcebzU6wHLso1wQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
651ec9addb31325c-FRA
bc77481.js
getnada.com/_nuxt/ 		72 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://getnada.com/_nuxt/bc77481.js
Requested by
Host: getnada.com
URL: https://getnada.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:1bd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74e1a0d722953dc380565c08d0a696e5a866d7df319fbbab293dc669b8646b80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/_nuxt/bc77481.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
getnada.com
referer
https://getnada.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://getnada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 16:44:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
x-xss-protection
1; mode=block
age
2316674
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a271c60aa0000325cc41ce000000001
last-modified
Mon, 22 Feb 2021 19:25:03 GMT
server
cloudflare
etag
W/"11fc2-177cb33c298"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cgeBPvy0xxiaTdffDUFct5eGJnZCNpMxiFj0oo85mirGtXH34yWi%2FXUrHFO3g3sXSuiNoCZJjh9Yu1oy44vFnHeb3h5%2FJX9g6ij07LPw9C9T7JBCyPqZqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
651ec9addb41325c-FRA
8dcc11d.css
getnada.com/_nuxt/css/ 		198 B
682 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://getnada.com/_nuxt/css/8dcc11d.css
Requested by
Host: getnada.com
URL: https://getnada.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:1bd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ce96a7fdb9be93f7bfbcde783d45f6d566594e389c9610e0bcb0462f6d89d30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/_nuxt/css/8dcc11d.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
getnada.com
referer
https://getnada.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://getnada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 16:44:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
x-xss-protection
1; mode=block
age
2287599
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a271c60a90000325ca528c000000001
last-modified
Mon, 22 Feb 2021 19:25:03 GMT
server
cloudflare
etag
W/"c6-177cb33c298"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AwL5cCi%2BDZYcDuWO%2F0%2FyFZpyXvEkENh2iwcjLUN%2FqW6uTJJPObtMcsVtWGOusODnRXAPOA7HIrIT80L2oXm1C4skkunOZlRYFxUAsg4j0bhQYtZ%2FaEBp4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
651ec9addb3e325c-FRA
55461cf.js
getnada.com/_nuxt/ 		35 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://getnada.com/_nuxt/55461cf.js
Requested by
Host: getnada.com
URL: https://getnada.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:1bd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9f3abdcc60ce1214997ffa0f2503a14d196d0cd5e73e28aa444abcee9f7997f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/_nuxt/55461cf.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
getnada.com
referer
https://getnada.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://getnada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 16:44:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
x-xss-protection
1; mode=block
age
2287599
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a271c60aa0000325cd0a30000000001
last-modified
Mon, 22 Feb 2021 19:25:03 GMT
server
cloudflare
etag
W/"8d55-177cb33c298"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=h3mXdmrA5BK%2BFeXEsU3OcLrBX95cwH3GlJ4qU4Mtrq1lJ0PUQXd6qDCtTmD9G9%2BTrowg4AYhyxJOie5uXF5vVvQXBbS0ehtUipbwZuWuQL4GuUv0FfWu3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
651ec9addb44325c-FRA
88d786d.js
getnada.com/_nuxt/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://getnada.com/_nuxt/88d786d.js
Requested by
Host: getnada.com
URL: https://getnada.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:1bd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae59c580d83a1b04dbfc57216b6e5d82d9bf299cc38104c5190ebce9327c0ea1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/_nuxt/88d786d.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
getnada.com
referer
https://getnada.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://getnada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 16:44:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
x-xss-protection
1; mode=block
age
2287599
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a271c60aa0000325c9e3d6000000001
last-modified
Mon, 22 Feb 2021 19:25:03 GMT
server
cloudflare
etag
W/"5621-177cb33c298"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WKMVTWD4EpFB7JdL3ycmyEqoH%2BPMJ%2Ff2O0LVXsvM6E9Jxwqht5%2FFGWJWEhAEUzH9472P5GlVYSsa6gtsSdUxEJwzO48f78aVkNIlnBz4QGNQs3Yaxxbh6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
651ec9addb46325c-FRA
79ce1d7.js
getnada.com/_nuxt/ 		173 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://getnada.com/_nuxt/79ce1d7.js
Requested by
Host: getnada.com
URL: https://getnada.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:1bd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eb579888f4d755da7fc7443d9677be85460172631d1f17f6e1bdc8eacd589b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/_nuxt/79ce1d7.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
getnada.com
referer
https://getnada.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://getnada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 16:44:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
x-xss-protection
1; mode=block
age
2287599
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a271c60ab0000325c9629e000000001
last-modified
Mon, 22 Feb 2021 19:25:03 GMT
server
cloudflare
etag
W/"2b48f-177cb33c298"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Q80ewPDsh0gEegeGPhGcgwTDvi0tO1jsgkwz8UVlf%2FEECKB8cupMzYjm6xds%2FmVEgE6c94SINenTj%2BTAh9gwniLEzxvlpv%2FPE9%2Fx6ql9is69EeC5bFsL5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
651ec9addb49325c-FRA
4ef94d8.js
getnada.com/_nuxt/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://getnada.com/_nuxt/4ef94d8.js
Requested by
Host: getnada.com
URL: https://getnada.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:1bd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbdffd316eac9d2bc3729d3ff4405eb607fb2fd4cbd7d973171dffcc920b8520
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/_nuxt/4ef94d8.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
getnada.com
referer
https://getnada.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://getnada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 16:44:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
x-xss-protection
1; mode=block
age
2287599
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a271c60ab0000325ce483e000000001
last-modified
Mon, 22 Feb 2021 19:25:03 GMT
server
cloudflare
etag
W/"3f4c-177cb33c298"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lkHo07Q%2F9tR1KNaC0UXm3lSMyBaewU%2BWsQPiQupV7TrLSEfvacA7l2JemDg3c564CWpwA%2FtbH3O3Pi4BvKnVucsJbXKAUk3wxTMoVapO3C8h9QpiUwpF9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
651ec9addb4a325c-FRA
getnada.js
cdn4.buysellads.net/pub/ 		732 KB
234 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn4.buysellads.net/pub/getnada.js?1614021600000
Requested by
Host: getnada.com
URL: https://getnada.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.32 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.32.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
6986f9bd0a3f97180309b0096bbf54b8d771be46c566ae2c5161ca86dfff17b0

Request headers

Referer
https://getnada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 16:44:04 GMT
content-encoding
gzip
last-modified
Wed, 19 May 2021 16:17:05 GMT
server
NetDNA-cache/2.2
x-amz-request-id
SJS8RQYX3FDGF51W
etag
W/"7a498f5745ae724a7cee77eabd733731"
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31104000
x-amz-id-2
5ZXDp7YS9I7oDaksI6RgY/494TcXuCsunlBN1ciSam2Cl6Mg+4rn0RpGDFsU4qCjkxxueK2Zew4=
expires
Sat, 14 May 2022 16:44:04 GMT
gpt.js
www.googletagservices.com/tag/js/ 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/getnada.js?1614021600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ad35eab5d65725ea3bc3743e3497bae5800e47a8e6fab22dcd9f8a31c947f69e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://getnada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 16:44:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"876 / 712 of 1000 / last-modified: 1621442467"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21352
x-xss-protection
0
expires
Wed, 19 May 2021 16:44:04 GMT
acceptable.gif
cdn4.buysellads.net/ 		43 B
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.buysellads.net/acceptable.gif?ch=1&rn=3.078295854655338
Requested by
Host: getnada.com
URL: https://getnada.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.32 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.32.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://getnada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 16:44:04 GMT
last-modified
Fri, 19 Jul 2019 16:45:51 GMT
server
NetDNA-cache/2.2
x-amz-request-id
GC4F0BP9HZ4J3E7A
etag
"b4491705564909da7f9eaf749dbbfbb1"
x-cache
MISS
content-type
image/gif
cache-control
max-age=31104000
accept-ranges
bytes
content-length
43
x-amz-id-2
Wz3j25/0pHkdMf0LvOb4C+wQO1t6TJtaWiEzkbVpellgLLi7mMnI9F4WWCsutnQfSO6/PkYz8Fo=
expires
Sat, 14 May 2022 16:44:04 GMT
acceptable.gif
cdn4.buysellads.net/ 		43 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.buysellads.net/acceptable.gif?ch=2&rn=3.078295854655338
Requested by
Host: getnada.com
URL: https://getnada.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.32 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.32.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://getnada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 16:44:04 GMT
last-modified
Fri, 19 Jul 2019 16:45:51 GMT
server
NetDNA-cache/2.2
x-amz-request-id
GC49XRCDR9PDW8EJ
etag
"b4491705564909da7f9eaf749dbbfbb1"
x-cache
MISS
content-type
image/gif
cache-control
max-age=31104000
accept-ranges
bytes
content-length
43
x-amz-id-2
yYOcBmwtchhSIX8Q1T1tciMan4zNWFOFI/Nycj2ptZjfTjdwYI1grCg+gwQf9TNGvvziXjVF6r8=
expires
Sat, 14 May 2022 16:44:04 GMT
pubads_impl_2021051301.js
securepubads.g.doubleclick.net/gpt/ 		306 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
sffe /
Resource Hash
4bdcba71062ad849da6c41bb9130977f59af71c1b82e4c397b193469ece62ad6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://getnada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 16:44:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 13 May 2021 08:39:52 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110161
x-xss-protection
0
expires
Wed, 19 May 2021 16:44:04 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: getnada.com
URL: https://getnada.com/_nuxt/1ca74f8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://getnada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
4448
date
Wed, 19 May 2021 15:29:56 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Wed, 19 May 2021 17:29:56 GMT
domains
getnada.com/api/v1/ 		781 B
713 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://getnada.com/api/v1/domains
Requested by
Host: getnada.com
URL: https://getnada.com/_nuxt/6891d3f.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:1bd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89c9b1bd4eeda36ac7bf966370d9d3045fdab2128dd35bbc59460ad318687c7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/api/v1/domains
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
application/json, text/plain, */*
cache-control
no-cache
sec-fetch-dest
empty
:authority
getnada.com
referer
https://getnada.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/plain, */*
Referer
https://getnada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 16:44:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a271c62130000325cd92cf000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=97y0wmaD%2FjQGrXgAxkk5kGilru8Md7KOltdE1GFddS4poMi56wAjWUYN9d%2FMZQpsRaDOAEij2UapW1jxDxRD0weAnjQqmSug1wx%2FcWfN7dnn7NYmCmiVsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
no-cache
cf-ray
651ec9b01829325c-FRA
puff_dark.ca278bf.svg
getnada.com/_nuxt/img/ 		0
0
puff_light.a8a9edf.svg
getnada.com/_nuxt/img/ 		1 KB
960 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://getnada.com/_nuxt/img/puff_light.a8a9edf.svg
Requested by
Host: getnada.com
URL: https://getnada.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:1bd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e8d5880fa5b8742dcb299240ff70e7cb9ed62cd3685584287fa7bdcc40d10ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/_nuxt/img/puff_light.a8a9edf.svg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
getnada.com
referer
https://getnada.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://getnada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 16:44:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
x-xss-protection
1; mode=block
age
2433956
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a271c62150000325c7c0bb000000001
last-modified
Mon, 22 Feb 2021 19:25:03 GMT
server
cloudflare
etag
W/"5b5-177cb33c298"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=z8mjYrkG71ZfW9AVhmh1xhyBBnC2X48tRlg7sFZwmg3DlWYkTJXkLx1mUMdMG%2FVVCMgcQcQqy%2Fs94VFSYVpFT6Q2Qv9H4aqVHE%2FCUE8yzNBCVRG1qtVnfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
max-age=315360000
cf-ray
651ec9b0182e325c-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=399601071&t=pageview&_s=1&dl=https%3A%2F%2Fgetnada.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=nada%20-%20Disposable%20Temp%20Email&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABEAAAAC~&jid=1259640543&gjid=1576491010&cid=2134984649.1621442645&tid=UA-88483116-1&_gid=1063105226.1621442645&_r=1&_slc=1&z=612121590
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://getnada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 19 May 2021 16:44:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://getnada.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
85 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-88483116-1&cid=2134984649.1621442645&jid=1259640543&gjid=1576491010&_gid=1063105226.1621442645&_u=aEBAAEAAEAAAAC~&z=434006558
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://getnada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 19 May 2021 16:44:04 GMT
content-type
text/plain
access-control-allow-origin
https://getnada.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-88483116-1&cid=2134984649.1621442645&jid=1259640543&_u=aEBAAEAAEAAAAC~&z=1831672913
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://getnada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 May 2021 16:44:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-88483116-1&cid=2134984649.1621442645&jid=1259640543&_u=aEBAAEAAEAAAAC~&z=1831672913
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://getnada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 May 2021 16:44:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=getnada.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://getnada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 May 2021 16:44:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=getnada.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://getnada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 May 2021 16:44:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		117 KB
41 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2093957222092118&correlator=1457421006619030&output=ldjh&impl=fifs&eid=31060988%2C31060413%2C31061142%2C44743003&vrg=2021051301&ptt=17&sc=1&sfv=1-0-38&ecs=20210519&iu_parts=8691100%2CGetNada_S2S_FixedFooter_ROS%2CGetNada_S2S_InContent_ROS_Pos3%2CGetNada_S2S_Leaderboard_ROS_ATF%2CGetNada_S2S_Leaderboard_ROS_BTF&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=728x90%7C970x90%2C320x50%7C300x250%7C728x90%2C728x90%7C970x90%2C728x90%7C970x90%7C970x250&fluid=0%2Cheight%2C0%2C0&prev_scp=optimize_refresh_int%3D0%26optimize_ad_unit_id%3Dbsa-zone_1601655185472-9_123456%26optimize_inview%3Dfalse%7Coptimize_refresh_int%3D0%26optimize_ad_unit_id%3Dbsa-zone_1603135851093-6_123456%26optimize_inview%3Dfalse%7Coptimize_refresh_int%3D0%26optimize_ad_unit_id%3Dbsa-zone_1603400042784-1_123456%26optimize_inview%3Dfalse%7Coptimize_refresh_int%3D0%26optimize_ad_unit_id%3Dbsa-zone_1603400082904-5_123456%26optimize_inview%3Dfalse&eri=1&cust_params=optimize_refreshed%3Dfalse%26optimize_acceptable%3Dfalse%26optimize_adl_debug%3Dfalse%26optimize_debug%3Dfalse%26optimize%3Dtrue%26optimize_adl_id%3D%26optimize_amp%3Dfalse%26optimize_audience%3Dlifestyle%26optimize_env%3Dprod%26optimize_pub%3Dgetnada&cookie_enabled=1&bc=31&abxe=1&lmt=1621442644&dt=1621442644740&dlt=1621442644119&idt=419&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933%2C778%2C564%2C436&adys=-12245933%2C828%2C574%2C16&adks=4065119108%2C2838864979%2C4165432093%2C1779617747&ucis=1%7C2%7C3%7C4&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fgetnada.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x-1%7C456x80%7C456x80%7C800x256&msz=0x-1%7C300x0%7C728x0%7C728x224&ga_vid=2134984649.1621442645&ga_sid=1621442645&ga_hid=399601071&ga_fc=false&fws=640%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0&btvi=-1%7C0%7C0%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
b582b6811a8bf6c1bda11c9befe6709b92e85c98d4392cfc284b6b51d9afeef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://getnada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 16:44:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41717
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://getnada.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://getnada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://getnada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0249 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://getnada.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://getnada.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Wed, 19 May 2021 16:44:04 GMT
expires
Thu, 19 May 2022 16:44:04 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A474 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://getnada.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://getnada.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Wed, 19 May 2021 16:44:04 GMT
expires
Thu, 19 May 2022 16:44:04 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a138f5a790f47f9c8e1b3b6c88ea4fecb1abd1b1011a7d842b721d2fa943ed3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://getnada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 16:44:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1621251140663589"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27994
x-xss-protection
0
expires
Wed, 19 May 2021 16:44:05 GMT
container.html
a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CFC4 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://getnada.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://getnada.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Wed, 19 May 2021 16:44:04 GMT
expires
Thu, 19 May 2022 16:44:04 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5DE1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://getnada.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://getnada.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Wed, 19 May 2021 16:44:04 GMT
expires
Thu, 19 May 2022 16:44:04 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/getconfig/ 		10 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021051301&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
44f72ba96e2cb21757ada360b4fc9c847784ff5cfaa2582ef868ea2707ca598d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://getnada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 May 2021 16:44:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7636
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 0939 		266 B
466 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQ1K6oAhiYwviVATAB&v=APEucNUzC7wowH99BOL3GUtatSIhjM5WywUD-O5aOs1DjFh0fwoGnqDaTXhr49Xq54fBB5GK7yh5Xv6U3I_MjkA-z47u39gF-9dzibBLVS-K996hO3VFj6bC46WtxyUcQnmeLF1JmMjo
Requested by
Host: a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com
URL: https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ff016a7705bb98e34908e41f5db86978ffbde1ef819d57c2708b3c8091ed0e3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CMXlgQEQ1K6oAhiYwviVATAB&v=APEucNUzC7wowH99BOL3GUtatSIhjM5WywUD-O5aOs1DjFh0fwoGnqDaTXhr49Xq54fBB5GK7yh5Xv6U3I_MjkA-z47u39gF-9dzibBLVS-K996hO3VFj6bC46WtxyUcQnmeLF1JmMjo
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 19 May 2021 16:44:05 GMT
server
cafe
cache-control
private
content-length
149
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUkywap4WvcBVhPvfXIDnJK1TIjcKm2dYxhZ5kbk-MMCxbffRh3FPttut_VN; expires=Mon, 13-Jun-2022 16:44:05 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 19 May 2021 16:44:05 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame A474 		43 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D7XMDkq9sLOCVlhY8pEc8gOW7mYnnv7bQOt6yD4YyjNstn09JMFzzb5ZcFBYmSBpFlcbcDVkN5khsHafyn074VgaBg9rZHFbhmplOYnZLN1henmKRR8qeD0TGKnW5ArCmoDF8Wgz69iMNWJkLLIXVlQoPW6w&dbm_d=AKAmf-BBktXEzCF8D6gibSSWw3lgNRpdSesi0ADoQOaUY4VeCY4mkOTgKWKWfUjWwaNVy03Asgq-c7h5ZQBNdmFGqbdLXWmsXxVXI8dybft55ZXIcugU-bsXkxpjJ9UKpExceqKgM_nlJM_nLmCoMv6zFZlWvE0QJsV7bxqmsD3PVxam4B3cOnHr86I0S5nFVwfiLbAA6wpp6kkoEyuAoGLctx5sAVbRAArJ5GwY02P32kHUTnqh8dl6NNKtJYfDESEgFqz1vYxMKnpzLJc55fg6QCCAhxKALe0b0LJdhu9BlalN-EQe1NUORyPhLslNGflY1_KqdzPmAQ3EHAeffcKtHZnOdvNwxvUbEppVA39oRVA5b73DhpSS8FCesStGPGdh70fiALxKMIR0f8H0TWkfaS2PipEmbKK77vYfc8lLlIiaQ28jqV0IJgFkJXfD1exTvoBcZOA5nW3ZgEYrcBmRJH0sSpMd8uY3r8f3yoZzDIhMLSLdS4IvWGGzJwUM3eZR1iqMBjCkpHJkWMr2BS7UUaz-uOug4E7GA8Atqli0XZv3WT6Qs0tHqaXWBBJG1AIQp5HhSyP4WiGHjjgkSmdXqOhhpb2EVSwOuuUV4_y5iA77REEOxnKFxfAepWDHjYz-sYH0Lzg8WCLwBeQr7SbzXmaFhNBnMqLZeB6mXPjVX0wgTKpxU0pGdVp0Sm_XTWwxx3xLq7FdTblOE2Vvmm6b2LpcRz7PE5tQcRgqpu6dYrj1ZeMujXUrK9F1g3NajPeufVRI5k45fjxZ3XnqpIdGL38DCLAC8DFaqix41zN_R_I7H8P6yozT7w6-Q2ZuwpVXu8aBM3KbN9ZbXFrK2LxHrSuBe40Q-Vg8rMjA0aDTC582F9DE3amPLwAiKLTgVJA_PhuOA7Qq3K4QklUL58f99V9gdWqrJbX_FVHXhVv8SmsUese9zqHogWo4G1VmDKucwzT-nsfnIkCOggN6LNkhHqU75sZs_D1hZB0IMrw2FG3MNUtMHzpo7zg9goU4K_gQdN0dZNWW70COfieMeRrlxe5rvC3SkhGQK9kqISPnpBhPZUVUNzcnWwqanAUtb_e5heOec-6y0IulVqm5LHpYihzsnSg1oWPcRZj0qIOK3DzIhcpxEOVtgSOeF6PAVf6Dpw_P8k6ag9UQ0wh3VakBAGK5NzLjly74U60rupOkmwOIZIUCr01Hch7tugP7wxTGmA9ROv2saUtb481yWBjL2To5zZDiLPzZyvK6n3WrPG_t2Gu1chkCMJz3vAAKnVCzI05YXtpDjbj0Zgf-S_Pe7l8kXcsZlOwVQEf5nxSPhc1G3uz0BWM4tT72ft74P0pH6440NMjEdysShFbx0aXGAIlXqLNfLsRiLG52z8Y5bZ4oui4firv5iGZ_iZP61obdFDUsf6zFJt0vGVa_7BTPCgyqc_uoI5cFCmXP5JJo67d9fIgK-THvDGi3Eb4OW422rLARwnlmgWR3i6DwIA5UOB3qO8Ljzv5ROgGDZ3FhwJ4XK6hQDEyMjDu0PUisxPCBaW9rPca-Lfy8oAe7UvLTzwoJ56ZEXrhKRafQkhd_WEiTnsyMqXjQWlu16rriDXpUWuE0D3tRsg1LELEAcv8YuY9ByvJRnRLANKxHC30UCLLygd8ZzgodluT9OJVH8WhqmVx-vUjlyWX4ZV-JS7IHU_sCT6AMQdvr-tnrkSezgkpJFxZLZbofhFCQ7UbyQTMZ5xLQbVwbp6cjfidoUWEP_c9Wgw2pb7kOLWjd5nRUIDaTP2FbLZYz7N1H8PXYQMKEHTO7c21NJ179TOOswNJ9oanklhes8lL8LVwhDvyLz_eSrRbmrhCxkjOaYSK5EvOnoJjOEBHYQHMKqtW7SfqHaAa3CuOUeA6D1Nm4eIhxr6CmxUvNs9CmKjWYlDhw5oCddBFjuhr_pKnw_xvBNJyX708jy6I9TJfGH6twWjX1wJrKur82xriw84AJ6vu9ytCO45HqatBlIDr4BJGjudSBSeWAsNgLxl1d8qG5xyZr03q2dBsfxQ5UxwprMSXsHDIOji8gHjm7aSIL4u6uMvF6ZD4iADUx8hrsUV7ojQb-8m_uMbFrUb7J-1oYTzt6IMUSt8BLHUTgZFhe5YFneWpHeeWFkKSO-ffppP7GAZ6WqHFvtLOzrNa6kaJ-2Ag8SaqY8C_RkZn0HT9Yj3fiweaNyrMEtJ5SOIum1QiOE2XNlNnw6c83aRwmB6Y45R_ZHFnorvKlK3mklH31XDoPSL98dlPdJNDpSRpmzGG_Jc4ZJm-D68wdAsb9u3RCuATgx3eXBkezqL35z9PfU6NRVG0kAfDU1VO1VpWQFbghbGFl8s5gAMQ4k3tmMMbVR9vCo_qL2XPGajZsHnCDF7QZqHrmkUTR65KZe6V92QgCLzTgJ99pqhgn2CHXcrs0t9MFuJWDFwoUtp4EpZpiUA9ZsLJoQYT-1AEME4GCKszPVxePU44pDsMtZK33HRX1E-AlSkpPv1RzSIvTivw0ArhCFbo6pGs6rU5-SxoX95prSoW0lEs-u3UUK_DhK30jrBVCjIyj4SxIHuisrc5xM35Nj1b3HuAClbROU5FVIyr435f3khfM-TA6pr3pO0UcHDb-m-rz0AbAs8HSBOF3eT3Nq0WGHf-mPZExyZAf6ywpwVHZ5Y7duLGonTSVnk_RP2rZSPudDmUTI-5WLKPhqd6dEnA5yTOnFoKLSJjPsxkNw1DLS2qpbhloYUvjbdKJi0BD2rD5DHqd_KVxYpTdxuY8dL3KXpJ69-b7Du7tqjmPvNfaWRgfnvWgfUrbYJaDVZLzuB5jLuP56Jr_IYaqU99CRmbZzyQ44DiJn3384Yx7n_PmC4b7txMb1dUlEuWyJXeSu-_hwIXEkAHT_31gjMhsiqALf6XaD53iNJ-R3ANh5r5qAwQ8vG4-ay01hW-aumuj7nSPjBVN0UKNLjI63tKCvU8yhvd0LtYBG1MTa6DLefwJkzaSe4vfI1vFg-OZsy7XN0eEIiAukEN6UQckFl8LTTvB5zV_pZVbeOf9Wd7WNJvUqRodjCqCJb1F0UChOkJcu6ech5Skca9T&cid=CAASPeRoCBdQpxAgEwC65qXHT_HJeuXVrtHMkIDoduQvdFQmRwTpNhf19BCPDQ_eP_FUQzNVe2bUO2XGHPCo0sU&rfl=1%2Chttps%253A%252F%252Fgetnada.com%252F%240
Requested by
Host: getnada.com
URL: https://getnada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d4a8c6c96d9d60c48a4fa783ceba42e957f8d571a95e3856c3cde4132336d49f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 May 2021 16:44:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21190
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A474 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bftd94f8WQ77oJssJH1MxGFDwiKkofK6nD6cUIsAifu3QiwP0T7SWh_dz9pNaqtPgoXkTb8G_vPZfygIPS7S7h3NiJET89Cqku8lXiqV9gLGt6R8A
Requested by
Host: a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com
URL: https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 May 2021 16:44:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame A474 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/window_focus_fy2019.js
Requested by
Host: a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com
URL: https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 16:43:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Jun 2021 16:43:35 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A474 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com
URL: https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f4f2e8ffc67a3c2544f8be9672125a0c5a5f0035fa6bfc6d75ee297e30461e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 16:44:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1621251134821955"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36689
x-xss-protection
0
expires
Wed, 19 May 2021 16:44:05 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame A474 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com
URL: https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 16:36:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
434
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5621
x-xss-protection
0
server
cafe
etag
8169261014141303515
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Jun 2021 16:36:51 GMT
l
www.google.com/ads/measurement/ Frame A474 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTPqQRDHdeJ-XNrNrdLc3qHXp4APRM7Q5hbccXNzfwWHq8TcGxlWu0iODxUDG4v-FJq2WWt
Requested by
Host: a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com
URL: https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame 9343 		266 B
432 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMvTChCo8cMCGOKS_4EBMAE&v=APEucNXjGYjgv2nIkk45U7udJbduaVWV9eQ2NuNCsDJihs0j2uRFDDcpBt13aG3oMFDKLJ6d6T9dKuLGQZzAllY2q-nt7avunMDbQsZo1gUsOM6SkJTBX7ELbMKDrcn0YZmEAfJrZDNQ
Requested by
Host: a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com
URL: https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ff016a7705bb98e34908e41f5db86978ffbde1ef819d57c2708b3c8091ed0e3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CMvTChCo8cMCGOKS_4EBMAE&v=APEucNXjGYjgv2nIkk45U7udJbduaVWV9eQ2NuNCsDJihs0j2uRFDDcpBt13aG3oMFDKLJ6d6T9dKuLGQZzAllY2q-nt7avunMDbQsZo1gUsOM6SkJTBX7ELbMKDrcn0YZmEAfJrZDNQ
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 19 May 2021 16:44:05 GMT
server
cafe
cache-control
private
content-length
149
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUn9THsWLWz_GABrKKeZVOfcAkU5L2OZgsmRrgb4O9nytUARfnet6_APBaU2; expires=Mon, 13-Jun-2022 16:44:05 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 19 May 2021 16:44:05 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 0249 		43 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Duz9z0ehNpWEKGS3r5TrZ4bLzTGGHOpjRV9GsNSI2478XbgRDf1y5DMIOjtKiomJY2_DWGt4q2C8cGkgg_xInK0YBn7ri7VxU3LNmawxP84GTnT8RWM4PMhMB7CEm1nqY9MOcE94MjCHC7SJ9ejzpbgI8ilg&dbm_d=AKAmf-AnWlNK41DILeqbCecg8iGpBlM8sYBBmib8NGgq3uY4QK_4juyWCvIFT6hikfJKr1dvNU6YeWXvpsNCnEpaiuydnAg_5k5EKnr-cbtbhpgdF6sjzFEOZUEUVu3oKghSifX60Of0iOZlq9jFwCxFy8BdWQrneinaYM3orzukMVCEim4w3rOXLnY6YDTbEUOH52umklO71CpKWp2DB7q12uOdRGFppod5HJjpYhxOPN1t4gtTX48wU0m174CoTovpfQT34KA4JKnxAQb51pQBAR4lU4FHTpJqyZC3re_V8sqbs51cE9iQcW7GkufdDAVFqDmC2pX8M9Y_WuACwWHVA5ztcf_qMsAKiLGo8_I09Na2ot2Yw9J_A5Fayg1DLqms7PcMRPS7C9C_J2_sWpdY4Wxqn54TrdhZjN7K8Vvh-N7lfjJyAXOWpTRE2TRCbxo-D2feafeZfD9fQfdNfkQDZ8Ro_Zw7tpcIw_6PGGlBLxJVJDGhPVkyfsztL5mgXOWOTfoNbG0wAsIghJIx3wMqCK62ho4bekA22Wat0xvKtFjLFhS6A3zfZZZHae_gBX5zhZdgXxQ2JgBl07NDHrOvzH1jz8pL5BX_3Xo6T_JZXoSpojJE79VDXBfbNkebHLLZoj_hdvEquDA9szlXI0hSsBTd0V2BwBTSbMTyZHS5LkYTmo7tRMFjXYDTO3ZVFnmASsBnotyreApOqHwTAN4s3YPX5H22RAxtgPAmnyFAAdWTkUkBHN6GqHpV0y1vwODRGoa3puj-KfWfFY86Vx4qT-r-995WGGgAQP3ZFlYDUSaUaADp-QJD9fKhIq_2qd5eAJwaPFgfojrLEsFVk8_vXpBiX-WbcpGBA10ZIv6_Wn6nyHuIch35WkCilioPIN8Hpn1gjq7aKjITK6Fw3y92zQoJMjkN1KvRye_6waIlNEHz9LxyGnmbcMOuqXlRr_LF4p2JkEDG4kAzhZsYXflMqCGB0ycSiA-f0aHtK8AVU2LH3jV5U5QrYZoJJ64HKmqhqPUo622oSyK03sBDCVmoG5dGPJz7okEwJGdO8Gt6R-xEmyxQr46NWEaaX9m1SjWXv7MhU7vm16yA0Z-5xkfKlTHwthgAsM1mUYlwkU4kr0bAin_qq0OtkoRZTWfsweMOFAZ57eTBjP3cNna3CEm9Mt7zF0_LTJAOU0HZm_GtJVMfPMovasUGgxy7NwC7UbMCy09Bfg2Jqkka4vfagdDYJkE1iufzL9ww0XXHdwIbE42SbZ4ZDaIECvWGqbrCdnzB0ZPCkang4SMcykg0gCvQZ4PORC5uU90ddl6w5RKFrsOWmvt9KolonoXfVUjCvSYyuCUGIsUfzxVNad130lv0pJH-2k1OFPVM4YFNhwtk9b9bmeqGZ0fiiohXpEaeukhSG8-11tiuyqj7oC5Mr1HN2MvSkO6fLZYI3Rdo6wvASowqiN2UkNCVXdtafi7cKF_J4WIyOeA5zwig8FWTUCMJvTrZQnG97GGAS1y2oEVebpYZ635y15ul0XMlmtjHq2NRyfDOcQw4tinGY59cmg3C-kymWuDrhIt1gqIwESNq1IRBwGrNV_O2CcouwP5ynss2sfHr-ENLT7ZBrhjPve5slmaFOXRdYS4LvgZvcDfnCgyfl5jU99LHhnDE1GhUDAiwI7F1JmgJuYG-eiN7op5JD38kbjL2v-CURuULNazJj6AgBecmEwu8ok-fVRxa65OqglZtoHAMkYSOVQQsxKk0rpQ1TBCt9XzK5gx46gjwwbx_8aOtmTJoNyK1VixYsotYdx96YIDMvQfnqonTZf8-ViQqTIbElvBAEqrRYA-JrVeDGToe-O-QMpFjTqfZ5kLTd0W42GHLrllxR8WNCyw_4jpBzxtZpNUbCzEahghxklNhWH9DUokqVarU5tC8RcSiPdsSVYyLuGglP-uOQKCcI0islq8tc1iQ549ViDXnx-PxxM4sgd6ZhXC02RR5OcVjtTECeNnOFX_4qSFonEbN1S7sGzvT4AVMqMoZ4wjFu4BSgVH8Jom7ag_azHXGWwYaUVuZUqAq0ga1YR9haq6WyyFTsBuJLQcX60iDQ1_1YzZU-fDexxbXGQ2OZ2S1Njb6Yf4jbkJPyzMGA17A2xIhdq_R3NWZy5v3OkqAbGfSmwC4CAjPKpbJmjUJy_hXl9O-2yxqBQeOeMBa9UWyfFLd-a3tbYB8135vrLAbjRYxSHp0gFv2DgNyK82raZYr0AShh68k-ycO-iGJYh5bpvAziFtCjdIik6Z0PHoQKs6AxJPbQp7reFAPj0-P8QQRRDzHG5w-RVOW1c0S4CQ1R9tOaFmDsgYm9Hxdfu3Bv9gvTl2W12aIc8Dzv1hVRwQZUgCiPthzTkbMwiE1hRU_1RatlmWfh2xLQ0SA_m1Amu-wELSuHUcHj4QzjoTjm43V9VLHMZrDUnJ3WDdIUWgZr64__UgafFYaE54PHaprho9h1u9nanHt_BlFzzymX_ljVsL2Vcu-NDm43vp4nQcwWw7a1sYVaz0mEWDfD3e0e9ts1KYYxSGE4mZMUJ7tO6hvHHSmNZX1IJyflFQYN8fyx0sdTQd-3jNen6it1FOidJyKzh1-7VA2ETdGk4qcCvWiwFt6jSFPs2riNbUVXvWtRSlyCgUvRXIeMPs3opcHXgPWEQ2JVVjyl2Fpkr3LMCVEo3aQwzSN7heawMT88ZlxpGqLS_amUgaLjI2X73LLgb6AkxJraQnV9DVoronX8pm79sC9OfroxT8cHC0o51x6moIgv9eh42WiG3VwfGJWZ4MCGveDmfGUjDQed0Y0wVZzm4z0TbJ22Xd1mmFfLw72Se6wofyhQjHPw9mXdhZA0s4PBE2J3Ntt8BdBM5zisbNuXPDt14xPG1GbLvZ5DJdY6JjYGsku1AEZMCs1hHityatXBGxgYTSMAEgqNXwF5vutPd03XhLGoyg4Ctk3gr7xbI2JjsxO42tvG0QmgIadw6tqKRvtxgPtEcQiUXt5IKjLPXXG5II0opia46EYsscMhEK-8cJlbO8YX5Hy9newZZN4o-wvGD3_7ABL0eLaDsU1dZC2OsKwxyqLY0KNMXSkE_KutnI6Ec5bVspsZQq-L5EiUGYIfzioD44rKlWuXE9h4nHUsEAbEcER&cid=CAASPeRooDGYwyuZglcOhnJfDoFrwSeAUbGHxC8YVIStMdBTrGg7iBJxUrpg4AviOJ4eSJAbkCBdSHwr9oDp5cM&rfl=1%2Chttps%253A%252F%252Fgetnada.com%252F%240
Requested by
Host: getnada.com
URL: https://getnada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8a24694ab6c2575402b8f043b7330b815a81346be5a94d5c0d0fea6ec2c8b2e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 May 2021 16:44:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21111
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0249 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BWB-HvwMNrwtOA4GUMhEJDYQe7rVfYWcLQnaFIHfTrAcw-DL6P8H-TTb3oAAgggcidhqCp60rwGYjYUM6UTI_TuhYkeNU1Pn7Rtvt6wZspnmQ6VY4
Requested by
Host: a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com
URL: https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 May 2021 16:44:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 0249 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/window_focus_fy2019.js
Requested by
Host: a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com
URL: https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 16:43:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Jun 2021 16:43:35 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0249 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com
URL: https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f4f2e8ffc67a3c2544f8be9672125a0c5a5f0035fa6bfc6d75ee297e30461e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 16:44:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1621251134821955"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36689
x-xss-protection
0
expires
Wed, 19 May 2021 16:44:05 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 0249 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com
URL: https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 16:36:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
434
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5621
x-xss-protection
0
server
cafe
etag
8169261014141303515
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Jun 2021 16:36:51 GMT
m_js_controller_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame CFC4 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/m_js_controller_fy2019.js
Requested by
Host: a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com
URL: https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecd860e5a42c8d33d0fff8b937288a8b90d275a46be3e33e520a7453bcd8c55d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 16:28:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
918
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12018
x-xss-protection
0
server
cafe
etag
3638864714359401965
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Jun 2021 16:28:47 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame CFC4 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com
URL: https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:19:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
116703
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 May 2022 08:19:02 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/ Frame CFC4 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/abg_lite_fy2019.js
Requested by
Host: a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com
URL: https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ac13025dc609fbe2671ff553cec81ea6e640efa3413d7c8944e461b718d1782
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 16:42:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7009
x-xss-protection
0
server
cafe
etag
607056201285360291
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Jun 2021 16:42:59 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame CFC4 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/window_focus_fy2019.js
Requested by
Host: a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com
URL: https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 16:43:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Jun 2021 16:43:35 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CFC4 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com
URL: https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f4f2e8ffc67a3c2544f8be9672125a0c5a5f0035fa6bfc6d75ee297e30461e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 16:44:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1621251134821955"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36689
x-xss-protection
0
expires
Wed, 19 May 2021 16:44:05 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame CFC4 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com
URL: https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 16:36:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
434
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5621
x-xss-protection
0
server
cafe
etag
8169261014141303515
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Jun 2021 16:36:51 GMT
l
www.google.com/ads/measurement/ Frame CFC4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT1Gfk_VU5sGCj8o_IMcguOhVlqOMrnjbq3ZfhG3Hm1IZ-rQf5g2dUWWFarRBO2pXVDID7j
Requested by
Host: a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com
URL: https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame F88C 		266 B
433 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMvTChCo8cMCGOKS_4EBMAE&v=APEucNW9Qe1nTNH9aQLk6T7aIHAXqfiM2pf3IWaNZBOuhkpFkmQXRBmeZS5OJxkhgJPsy7jaH75DSQgeF1cyCHimD258kpLRRCKvzx0W3fy7RJbiVyePqz6DjjHozk7zpZ_eHOOOJhCY
Requested by
Host: a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com
URL: https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ff016a7705bb98e34908e41f5db86978ffbde1ef819d57c2708b3c8091ed0e3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CMvTChCo8cMCGOKS_4EBMAE&v=APEucNW9Qe1nTNH9aQLk6T7aIHAXqfiM2pf3IWaNZBOuhkpFkmQXRBmeZS5OJxkhgJPsy7jaH75DSQgeF1cyCHimD258kpLRRCKvzx0W3fy7RJbiVyePqz6DjjHozk7zpZ_eHOOOJhCY
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 19 May 2021 16:44:05 GMT
server
cafe
cache-control
private
content-length
149
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUnKBfZ90skCTlII1dHrzF4KMSaaE_rIi0WJUFUQXO3C5HKhPxaoR8zs6EQM; expires=Mon, 13-Jun-2022 16:44:05 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 19 May 2021 16:44:05 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 5DE1 		43 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BYi6eFMTYGM4YGpCJFP9PSICBqEX1miyB-5OMnXv-oxV20q3nloEoD82IpkXjy2PHrmpb_INO_vgR13UH-6QulTlr0CZBjGIENylmTuakwVGG7nHauXSKTArakePrJBdItDhs5Nf1P8nY_nDiJiQr2DAaEwg&dbm_d=AKAmf-B_d-90IK2gnc5GVFQIZVwDRnh3NwF0v4OXXdZJCeF5PVgEXHptSqSRyuuXeYW5UqfeoujIM1_3A0v8kerb0TaiZPCrPQFL86stVa8uJIPWh5t43ZmVA0yRAdrbQJj4Pcb9IlKQQutfqsv8qhfcfqd-hBs5me4GZSem0MfFxCgkWuQvZ8XsBNOAGkmuKK6AuOmfL52a5R-QJIVb2LF0rYdiLv9814p8BFNdQfujEf77ByenhWObi3iwjv-oyNzQmqYN06uljCZA4PtccaCojQYCPBefO9n9dWdD8-3oESoItQNAELskvuBYG3Km7QRcq7qXX9OPPeyRD7XkVQi_efjMuaU985vwl3ehFf2HkgVAQk_JvDZXKfwtD8GsxTPkXTYVyEdpY-hWNnk470bWeYNXXVr5BhIf_hsyHhpPzPgIjBANM60le_0I7JhzUIRz3a8BBto1TIHj9ksNZFp0MiNrh3VzJ-VNHBWqHE_Hoo3HJp3lkKC4rWAkS1CYu2Y6gRMixU7D_TSzZdI0LleMVNedrMRKhEuMcNVRoP2RYuX0LdIRDa7Z1ocvchBEdvATtHewjXD-CNgVRpGEz5FnB53HXPqasME9u9jKuEs5WCokiLrTXDXQ-bfdG1Ly-cVclnEv9rrYBHIe-KyHwW9LRGVMAKY4WZE8RGbPuJ1eXya5Bj4_GjBxxPjyY1beJrOg6eoGh_uthqu4NPT-46aH63guMRbWbNLEZJ7gj6xl6Z7I-6VBYy6LD8fIQtMwAgvRnccv_BV3L8CZpgGu3rno62Eo8AcWZe9ZIoOFhJ1QXMu_DgSGrhkYGmHAVQMQXrwHyQZHRl7LlgeS78_0WTC8NdhY6mgUQWcaKIYLC5LK3NKE5243PjbqLsuZJiBg3N3Row15FQeC9syGoisXAPddYA3Enblnmgy-c5RS2BfmxlqAt0VTLvXcWgSuCL95OQ25z8ZRbkR-fIBSvY0rS-odYYLb0MAgtDkrvjVHe1v6qUZAlcnEkqWgC-y-XxsDcum2Oijq50r-9K1kbxe5BH2dqvbgfMjJno9bxLKaKk_6RCK3IBqWgCC8ouhi1Xul8OehbYz57KiZrHCRzVamJDK-uwfbwCzhGjOJjVxvLNKFcMP_T-7fwD74hLq7zAu3Pp5TWBjcqGkI8Djt6bvbDa1eJHckrWsfsgxvuygyVWfQvkurLwrVseOpI89PaRDI2JQbuy0d_4LMvFe07b1j7P3zuzFhrKY1miwyiJv3XJl7dvbIr4cYcSckRei3D6oNrE0Tf4TeD7xbd3wBKIfsmkm9z636arWzf6M8e9gOVoSkkIVPyM69GUedjtbe0ULshkzi3vW_MwceIXqg1yRXfc8Lsf-fjuAMxStwJUeHnlne76QgXEBp04Uhp8xDKd1SD_qr8m93g47C_ad6r6VI7Ii0QI1aAAnGQMRUSaVcDRv9k8ImZzTiMesJ3k55s5THlPlJW-vzK1QNJFqTMQtuUKMSIISQEvixU_XJu2YWY_sva6b-RSt9iVzP3vcjIB5C1gNEAgmeIsP-YF9v2izM63nPtcgnt1P3kEOI1kphJtwVC-W_y-EhsLU4rkBK08Z7TnQhSmfA6yQwONCd9yxuJABRI3rRZzVtR1qN1tPBG5RPgCX-tvWEuux6tLrRm0nUfKbddqVgwlH2qihYZ6fi-FZNqtVoPZiViijjFOVbHMgSpLtMUTf7d9CBHBV3VEnJHWf2tXjipjk7ECMkaVIEdTL0_8yAb6dD7NnGwceTt6YFQrrrPi0mh5effaIsbWtWTuElvuJsXF1Q52xNx0UoPRkpgdp1LWRjaS1RI-bcBnOwJxFQpARJ9K77b_GvfCJwJWFT0GeC4o3b7Tz6JHhzbwgtrOHISgPjqJlcv0OLdCU9f0Jji7jZNPkMPoqQVdyGCLZ3WEG1YD3UBy-aUu-urn5hpGapM4_piU1E7100tIVwGC-Af7ZaPjGrdKG2AIq7DUTUvcKq-7BVb94aryNmHs0XU_EONnQS12nMc4ltBib3_D4XSshnXwbVV5EHEP0RZjTam0u68QKfrX_Y54DjjLFs4GmDuX8l_kIUziPPOIBiWlBWDDa4OxfQG1-FkuGUt1xKb9WgyeHDw2Qw2ziSepKbhgDPybH_ocn9aa4Y9qGVzyP98zrkSNA_eo7n54JP88H6jDS0DZBjNhq3cs7JgonUhm5cl1p72tGynTeHPsiJtbKchQZbi6NVX4DUhH7PFtrPgYAGllhbAlmbSBS0HdwFm3WERvf2uaYxbwsWhYgMFC4_rATHatYrDaZ0d8cbjVYTxJSNmWh0CA9IZew2I4PG9eFyniLNSjUguL5OoEPD3JkB1Tntmw8bkKdSyqzf4RUMYGNNfcFqdQk_CSQ21axv5mm6hZtQDd34DvWo3k-n3_o1ARMwxn4lxensDeZg_mmgvkF2p_-eJ5n3rTGyq1qnMpe4no_HyL55rxIiuLD6y61ZzWfY2Xq2zoSOjp80rhR30LtKp0j6rvp754Qi493zf3isWdjRIxehl1ctP36wO-f8ECwQwNZdUf2wDqk0BQ95B55JXt-Um6hNEU7Z3Dgmc1b2NaJannm-Q_SfRL4yaazZnCx59tFFE_nmgb0B5Qqh8kf1jUJJtpfMHOvmVMW7PiiOyHxFMTXux8hayHCEXEo1OMyRrHmLOT5CrWbyHGBGrUyiHuqjuSVgfeFjmg1gPg-vWIf6bnMrcgGZ9oxgsQas3wOzdaq7j3g3aZcHHN9KYZ3cr2G1-z1wk9-h7xms0ciX6xnVQoD-jewdRhdAqmp9U6d5gZJR1zBjDfjYxHZ4DpE8wO-GKIDDv0eFjxqCmJIMabKFgKHz03tWJWTPVJXQPa6RcyDSd17HUG6rb-iCk7Q9cozFXMr-1jIK3MX--dZl0eRvAe2j08FSjmRg2_2MKD00V1yemEfKK9aFZZr4hy6k5n433Cf8JwN7s2zJYFkonY1t9urDoD0QRZJoAtHFv_8pEsn2yH5nzkICT1GlrBN9KxmOYinKRvOj2UihmoPsvRvSlyZ8h312OUSKtUzdHHXLcl_rYliWQOzz91Vxr8eo8yr8IgLJ_uuI_GaaijSDlKymHBGXZC2griLScPjsikt7u0l0d7K_P03IJNcC_8pjxHOz&cid=CAASPeRo4BKuov4eGElOUMf08GHmXMEg3Ze_kJw39215sewFtZ3joNcZ5Fc8edxbZ2INaJAzGleBbONlQAT5qcw&rfl=1%2Chttps%253A%252F%252Fgetnada.com%252F%240
Requested by
Host: getnada.com
URL: https://getnada.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8180f84996d278d97985aec2308fb278eb7ee6691e74f94eea3fe400a01f9e6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 May 2021 16:44:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21158
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5DE1 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BI_r6KVraBL3QvQjcfZ75YD98cAHAVf2K2MESuMIYZ8hURHXnmofPg75eTtEGA0Wza8N-GarinUwrMaJ8Y-qHBFMH-zAMIQPOVT45dP940syJEOwY
Requested by
Host: a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com
URL: https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 May 2021 16:44:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 5DE1 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/window_focus_fy2019.js
Requested by
Host: a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com
URL: https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 16:43:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Jun 2021 16:43:35 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5DE1 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com
URL: https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f4f2e8ffc67a3c2544f8be9672125a0c5a5f0035fa6bfc6d75ee297e30461e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 16:44:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1621251134821955"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36689
x-xss-protection
0
expires
Wed, 19 May 2021 16:44:05 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 5DE1 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com
URL: https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 16:36:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
434
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5621
x-xss-protection
0
server
cafe
etag
8169261014141303515
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Jun 2021 16:36:51 GMT
l
www.google.com/ads/measurement/ Frame 5DE1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRze8j3FzALrNCvfz4ERs6LR3Ar9s9fWq4ZKzle4-bJO4-StY1VJRfygFLaV2vrdomubO-v
Requested by
Host: a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com
URL: https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://getnada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 16:44:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Wed, 19 May 2021 16:44:05 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/ Frame A474 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D7XMDkq9sLOCVlhY8pEc8gOW7mYnnv7bQOt6yD4YyjNstn09JMFzzb5ZcFBYmSBpFlcbcDVkN5khsHafyn074VgaBg9rZHFbhmplOYnZLN1henmKRR8qeD0TGKnW5ArCmoDF8Wgz69iMNWJkLLIXVlQoPW6w&dbm_d=AKAmf-BBktXEzCF8D6gibSSWw3lgNRpdSesi0ADoQOaUY4VeCY4mkOTgKWKWfUjWwaNVy03Asgq-c7h5ZQBNdmFGqbdLXWmsXxVXI8dybft55ZXIcugU-bsXkxpjJ9UKpExceqKgM_nlJM_nLmCoMv6zFZlWvE0QJsV7bxqmsD3PVxam4B3cOnHr86I0S5nFVwfiLbAA6wpp6kkoEyuAoGLctx5sAVbRAArJ5GwY02P32kHUTnqh8dl6NNKtJYfDESEgFqz1vYxMKnpzLJc55fg6QCCAhxKALe0b0LJdhu9BlalN-EQe1NUORyPhLslNGflY1_KqdzPmAQ3EHAeffcKtHZnOdvNwxvUbEppVA39oRVA5b73DhpSS8FCesStGPGdh70fiALxKMIR0f8H0TWkfaS2PipEmbKK77vYfc8lLlIiaQ28jqV0IJgFkJXfD1exTvoBcZOA5nW3ZgEYrcBmRJH0sSpMd8uY3r8f3yoZzDIhMLSLdS4IvWGGzJwUM3eZR1iqMBjCkpHJkWMr2BS7UUaz-uOug4E7GA8Atqli0XZv3WT6Qs0tHqaXWBBJG1AIQp5HhSyP4WiGHjjgkSmdXqOhhpb2EVSwOuuUV4_y5iA77REEOxnKFxfAepWDHjYz-sYH0Lzg8WCLwBeQr7SbzXmaFhNBnMqLZeB6mXPjVX0wgTKpxU0pGdVp0Sm_XTWwxx3xLq7FdTblOE2Vvmm6b2LpcRz7PE5tQcRgqpu6dYrj1ZeMujXUrK9F1g3NajPeufVRI5k45fjxZ3XnqpIdGL38DCLAC8DFaqix41zN_R_I7H8P6yozT7w6-Q2ZuwpVXu8aBM3KbN9ZbXFrK2LxHrSuBe40Q-Vg8rMjA0aDTC582F9DE3amPLwAiKLTgVJA_PhuOA7Qq3K4QklUL58f99V9gdWqrJbX_FVHXhVv8SmsUese9zqHogWo4G1VmDKucwzT-nsfnIkCOggN6LNkhHqU75sZs_D1hZB0IMrw2FG3MNUtMHzpo7zg9goU4K_gQdN0dZNWW70COfieMeRrlxe5rvC3SkhGQK9kqISPnpBhPZUVUNzcnWwqanAUtb_e5heOec-6y0IulVqm5LHpYihzsnSg1oWPcRZj0qIOK3DzIhcpxEOVtgSOeF6PAVf6Dpw_P8k6ag9UQ0wh3VakBAGK5NzLjly74U60rupOkmwOIZIUCr01Hch7tugP7wxTGmA9ROv2saUtb481yWBjL2To5zZDiLPzZyvK6n3WrPG_t2Gu1chkCMJz3vAAKnVCzI05YXtpDjbj0Zgf-S_Pe7l8kXcsZlOwVQEf5nxSPhc1G3uz0BWM4tT72ft74P0pH6440NMjEdysShFbx0aXGAIlXqLNfLsRiLG52z8Y5bZ4oui4firv5iGZ_iZP61obdFDUsf6zFJt0vGVa_7BTPCgyqc_uoI5cFCmXP5JJo67d9fIgK-THvDGi3Eb4OW422rLARwnlmgWR3i6DwIA5UOB3qO8Ljzv5ROgGDZ3FhwJ4XK6hQDEyMjDu0PUisxPCBaW9rPca-Lfy8oAe7UvLTzwoJ56ZEXrhKRafQkhd_WEiTnsyMqXjQWlu16rriDXpUWuE0D3tRsg1LELEAcv8YuY9ByvJRnRLANKxHC30UCLLygd8ZzgodluT9OJVH8WhqmVx-vUjlyWX4ZV-JS7IHU_sCT6AMQdvr-tnrkSezgkpJFxZLZbofhFCQ7UbyQTMZ5xLQbVwbp6cjfidoUWEP_c9Wgw2pb7kOLWjd5nRUIDaTP2FbLZYz7N1H8PXYQMKEHTO7c21NJ179TOOswNJ9oanklhes8lL8LVwhDvyLz_eSrRbmrhCxkjOaYSK5EvOnoJjOEBHYQHMKqtW7SfqHaAa3CuOUeA6D1Nm4eIhxr6CmxUvNs9CmKjWYlDhw5oCddBFjuhr_pKnw_xvBNJyX708jy6I9TJfGH6twWjX1wJrKur82xriw84AJ6vu9ytCO45HqatBlIDr4BJGjudSBSeWAsNgLxl1d8qG5xyZr03q2dBsfxQ5UxwprMSXsHDIOji8gHjm7aSIL4u6uMvF6ZD4iADUx8hrsUV7ojQb-8m_uMbFrUb7J-1oYTzt6IMUSt8BLHUTgZFhe5YFneWpHeeWFkKSO-ffppP7GAZ6WqHFvtLOzrNa6kaJ-2Ag8SaqY8C_RkZn0HT9Yj3fiweaNyrMEtJ5SOIum1QiOE2XNlNnw6c83aRwmB6Y45R_ZHFnorvKlK3mklH31XDoPSL98dlPdJNDpSRpmzGG_Jc4ZJm-D68wdAsb9u3RCuATgx3eXBkezqL35z9PfU6NRVG0kAfDU1VO1VpWQFbghbGFl8s5gAMQ4k3tmMMbVR9vCo_qL2XPGajZsHnCDF7QZqHrmkUTR65KZe6V92QgCLzTgJ99pqhgn2CHXcrs0t9MFuJWDFwoUtp4EpZpiUA9ZsLJoQYT-1AEME4GCKszPVxePU44pDsMtZK33HRX1E-AlSkpPv1RzSIvTivw0ArhCFbo6pGs6rU5-SxoX95prSoW0lEs-u3UUK_DhK30jrBVCjIyj4SxIHuisrc5xM35Nj1b3HuAClbROU5FVIyr435f3khfM-TA6pr3pO0UcHDb-m-rz0AbAs8HSBOF3eT3Nq0WGHf-mPZExyZAf6ywpwVHZ5Y7duLGonTSVnk_RP2rZSPudDmUTI-5WLKPhqd6dEnA5yTOnFoKLSJjPsxkNw1DLS2qpbhloYUvjbdKJi0BD2rD5DHqd_KVxYpTdxuY8dL3KXpJ69-b7Du7tqjmPvNfaWRgfnvWgfUrbYJaDVZLzuB5jLuP56Jr_IYaqU99CRmbZzyQ44DiJn3384Yx7n_PmC4b7txMb1dUlEuWyJXeSu-_hwIXEkAHT_31gjMhsiqALf6XaD53iNJ-R3ANh5r5qAwQ8vG4-ay01hW-aumuj7nSPjBVN0UKNLjI63tKCvU8yhvd0LtYBG1MTa6DLefwJkzaSe4vfI1vFg-OZsy7XN0eEIiAukEN6UQckFl8LTTvB5zV_pZVbeOf9Wd7WNJvUqRodjCqCJb1F0UChOkJcu6ech5Skca9T&cid=CAASPeRoCBdQpxAgEwC65qXHT_HJeuXVrtHMkIDoduQvdFQmRwTpNhf19BCPDQ_eP_FUQzNVe2bUO2XGHPCo0sU&rfl=1%2Chttps%253A%252F%252Fgetnada.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4c0938e087a40c05a99d723eaf012958e03b048659bed9b36a2bc63f766d32b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 16:42:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
92
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8593
x-xss-protection
0
server
cafe
etag
3013172215444160546
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Jun 2021 16:42:33 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/elements/html/ Frame A474 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D7XMDkq9sLOCVlhY8pEc8gOW7mYnnv7bQOt6yD4YyjNstn09JMFzzb5ZcFBYmSBpFlcbcDVkN5khsHafyn074VgaBg9rZHFbhmplOYnZLN1henmKRR8qeD0TGKnW5ArCmoDF8Wgz69iMNWJkLLIXVlQoPW6w&dbm_d=AKAmf-BBktXEzCF8D6gibSSWw3lgNRpdSesi0ADoQOaUY4VeCY4mkOTgKWKWfUjWwaNVy03Asgq-c7h5ZQBNdmFGqbdLXWmsXxVXI8dybft55ZXIcugU-bsXkxpjJ9UKpExceqKgM_nlJM_nLmCoMv6zFZlWvE0QJsV7bxqmsD3PVxam4B3cOnHr86I0S5nFVwfiLbAA6wpp6kkoEyuAoGLctx5sAVbRAArJ5GwY02P32kHUTnqh8dl6NNKtJYfDESEgFqz1vYxMKnpzLJc55fg6QCCAhxKALe0b0LJdhu9BlalN-EQe1NUORyPhLslNGflY1_KqdzPmAQ3EHAeffcKtHZnOdvNwxvUbEppVA39oRVA5b73DhpSS8FCesStGPGdh70fiALxKMIR0f8H0TWkfaS2PipEmbKK77vYfc8lLlIiaQ28jqV0IJgFkJXfD1exTvoBcZOA5nW3ZgEYrcBmRJH0sSpMd8uY3r8f3yoZzDIhMLSLdS4IvWGGzJwUM3eZR1iqMBjCkpHJkWMr2BS7UUaz-uOug4E7GA8Atqli0XZv3WT6Qs0tHqaXWBBJG1AIQp5HhSyP4WiGHjjgkSmdXqOhhpb2EVSwOuuUV4_y5iA77REEOxnKFxfAepWDHjYz-sYH0Lzg8WCLwBeQr7SbzXmaFhNBnMqLZeB6mXPjVX0wgTKpxU0pGdVp0Sm_XTWwxx3xLq7FdTblOE2Vvmm6b2LpcRz7PE5tQcRgqpu6dYrj1ZeMujXUrK9F1g3NajPeufVRI5k45fjxZ3XnqpIdGL38DCLAC8DFaqix41zN_R_I7H8P6yozT7w6-Q2ZuwpVXu8aBM3KbN9ZbXFrK2LxHrSuBe40Q-Vg8rMjA0aDTC582F9DE3amPLwAiKLTgVJA_PhuOA7Qq3K4QklUL58f99V9gdWqrJbX_FVHXhVv8SmsUese9zqHogWo4G1VmDKucwzT-nsfnIkCOggN6LNkhHqU75sZs_D1hZB0IMrw2FG3MNUtMHzpo7zg9goU4K_gQdN0dZNWW70COfieMeRrlxe5rvC3SkhGQK9kqISPnpBhPZUVUNzcnWwqanAUtb_e5heOec-6y0IulVqm5LHpYihzsnSg1oWPcRZj0qIOK3DzIhcpxEOVtgSOeF6PAVf6Dpw_P8k6ag9UQ0wh3VakBAGK5NzLjly74U60rupOkmwOIZIUCr01Hch7tugP7wxTGmA9ROv2saUtb481yWBjL2To5zZDiLPzZyvK6n3WrPG_t2Gu1chkCMJz3vAAKnVCzI05YXtpDjbj0Zgf-S_Pe7l8kXcsZlOwVQEf5nxSPhc1G3uz0BWM4tT72ft74P0pH6440NMjEdysShFbx0aXGAIlXqLNfLsRiLG52z8Y5bZ4oui4firv5iGZ_iZP61obdFDUsf6zFJt0vGVa_7BTPCgyqc_uoI5cFCmXP5JJo67d9fIgK-THvDGi3Eb4OW422rLARwnlmgWR3i6DwIA5UOB3qO8Ljzv5ROgGDZ3FhwJ4XK6hQDEyMjDu0PUisxPCBaW9rPca-Lfy8oAe7UvLTzwoJ56ZEXrhKRafQkhd_WEiTnsyMqXjQWlu16rriDXpUWuE0D3tRsg1LELEAcv8YuY9ByvJRnRLANKxHC30UCLLygd8ZzgodluT9OJVH8WhqmVx-vUjlyWX4ZV-JS7IHU_sCT6AMQdvr-tnrkSezgkpJFxZLZbofhFCQ7UbyQTMZ5xLQbVwbp6cjfidoUWEP_c9Wgw2pb7kOLWjd5nRUIDaTP2FbLZYz7N1H8PXYQMKEHTO7c21NJ179TOOswNJ9oanklhes8lL8LVwhDvyLz_eSrRbmrhCxkjOaYSK5EvOnoJjOEBHYQHMKqtW7SfqHaAa3CuOUeA6D1Nm4eIhxr6CmxUvNs9CmKjWYlDhw5oCddBFjuhr_pKnw_xvBNJyX708jy6I9TJfGH6twWjX1wJrKur82xriw84AJ6vu9ytCO45HqatBlIDr4BJGjudSBSeWAsNgLxl1d8qG5xyZr03q2dBsfxQ5UxwprMSXsHDIOji8gHjm7aSIL4u6uMvF6ZD4iADUx8hrsUV7ojQb-8m_uMbFrUb7J-1oYTzt6IMUSt8BLHUTgZFhe5YFneWpHeeWFkKSO-ffppP7GAZ6WqHFvtLOzrNa6kaJ-2Ag8SaqY8C_RkZn0HT9Yj3fiweaNyrMEtJ5SOIum1QiOE2XNlNnw6c83aRwmB6Y45R_ZHFnorvKlK3mklH31XDoPSL98dlPdJNDpSRpmzGG_Jc4ZJm-D68wdAsb9u3RCuATgx3eXBkezqL35z9PfU6NRVG0kAfDU1VO1VpWQFbghbGFl8s5gAMQ4k3tmMMbVR9vCo_qL2XPGajZsHnCDF7QZqHrmkUTR65KZe6V92QgCLzTgJ99pqhgn2CHXcrs0t9MFuJWDFwoUtp4EpZpiUA9ZsLJoQYT-1AEME4GCKszPVxePU44pDsMtZK33HRX1E-AlSkpPv1RzSIvTivw0ArhCFbo6pGs6rU5-SxoX95prSoW0lEs-u3UUK_DhK30jrBVCjIyj4SxIHuisrc5xM35Nj1b3HuAClbROU5FVIyr435f3khfM-TA6pr3pO0UcHDb-m-rz0AbAs8HSBOF3eT3Nq0WGHf-mPZExyZAf6ywpwVHZ5Y7duLGonTSVnk_RP2rZSPudDmUTI-5WLKPhqd6dEnA5yTOnFoKLSJjPsxkNw1DLS2qpbhloYUvjbdKJi0BD2rD5DHqd_KVxYpTdxuY8dL3KXpJ69-b7Du7tqjmPvNfaWRgfnvWgfUrbYJaDVZLzuB5jLuP56Jr_IYaqU99CRmbZzyQ44DiJn3384Yx7n_PmC4b7txMb1dUlEuWyJXeSu-_hwIXEkAHT_31gjMhsiqALf6XaD53iNJ-R3ANh5r5qAwQ8vG4-ay01hW-aumuj7nSPjBVN0UKNLjI63tKCvU8yhvd0LtYBG1MTa6DLefwJkzaSe4vfI1vFg-OZsy7XN0eEIiAukEN6UQckFl8LTTvB5zV_pZVbeOf9Wd7WNJvUqRodjCqCJb1F0UChOkJcu6ech5Skca9T&cid=CAASPeRoCBdQpxAgEwC65qXHT_HJeuXVrtHMkIDoduQvdFQmRwTpNhf19BCPDQ_eP_FUQzNVe2bUO2XGHPCo0sU&rfl=1%2Chttps%253A%252F%252Fgetnada.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 16:43:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Jun 2021 16:43:04 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame A474 		0
107 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvUkPSGStL9T4e5I5FRUVFbdEGegK6OE2EPzie3vUEfvznJGBTuBLmPWZqE3CJhImk-qrWWosVmRhTMm1MgiiJqG3wVjebeRKn6Yho4-e4L6IpfrhNJbnpwCMF9cHe5Kq5qCKppZARwdaCcIxGgRWFIVBSUmaxERsKCkaoP7zRsx8rT1I8wrrFmKpuwPMbniLMBLzOPWmc9Jdy9B6ql9hi8unUH0c0iCeykTLsS_KIVWb-vnlWesFpYrlg2UYDWhtrXPWi_VeX7PNrujGXPIUgYfNsydGIcxQF03SUoTJuc-Zpxv_OM32pKD58zMZ1fafGHoPGyJO-mj2_E6o1rLwwgmC8digj3YuDXmcP5SbI5h4SFc7bbalYh4aV-fFqMU0IkC_Ws7fh3YDbsKy2uclq0XfR_2EWMZt2D37PEELf697s6Bn04BMdTWQuiF3LNLtthc5af3tYQ9dR7BwO5e8CroTO3_iq-MpsCb3II2gPqDb6DelEcia57MCl8g9RouX50oT6fPtVvm0cJR5NUNL__jiWfTDsEdSTxAV49gDgkzHWb04jxtju3op1mQzIdtDe9ALknkET2lJ_aUp7Sl4LX0iDTjN8gQb2NCnLtopYScd0sGkTyi9ac0yZuyYNFb2TR2pW7VdsYQswvn9X9LU66H4SQO_Cw3gAva2ZqgLnZwV7jBidgv_4TGEOE-h2jnspda4FVcMLYxG6GGh00ihkchH3FhKQxauh6TCJtRAarg0FGOHuJ3lDnFCFwqMScarp_iVH440sVNa1mwHc1_qOXyUFIgEeN-fK8kd2BxS0J6fEGXk7daT_UuzPb8BzvWjW-Cop-JLItpBIhz7T4XhEEMhd0TQ7PNfzQtYRegCw3UozHZswILz5nrn2p8BLEEjMuGLlNCTiLYBWaZQw21-v_hptQk9X4VSPg7_doFePNxvPKRIN8nMCEeQF6re3LUX8AH0lUJevN9R-DPaRn0eMaOAqPqRrmCb63Y11U6qc-vjy5Ww4BM8vaFzIZnRGKkJuxxAWxjt3uXvfQ33d45uAe8TQp-akFdrHQ1DKMNjKUHJyUw6xzWmPs5TkDSqzABoxJn4Nm3jW310vzzq889dS1ta_BKDpUqFTwX_bZJ_t-U6Xht3enRNy6BqOOU-wBU3-la9uLEUyjcRS-_AWcldLo1i-PWTqXi_b5-9wP4pO8UrW7MuaOOcVTLZGQZtzQ-1-wUXbanK--Q-TpsS_tneSV2sAW8e4Yl_224awdSZXNwj1-nLSUo5J61J9kjA&sai=AMfl-YRsMcJ36tklRKKQhk-gM8Dr1QP2EHG1HkM_gHjyxV3g_e70-ui37TFSKceKrOOe0bcznRY42CeebkGhlMiJtYe7XGnOzL4Qj_S1yNY-sjd97wCLRL4k132VVtkZIdg9TbA6gis7XMbN1fzOe4RQQnRNR7HHGGijji6iNNBbe0RRg_lde9f_VHoirsgv-50BZtgVsuKDdOWE-htd3JeNgUFb57wWOUWbMiM23fZC1EXbgtMeF8Kq5lb6w0uiQzBuSg&sig=Cg0ArKJSzJ8InvpFZ8epEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=1&cisv=r20210517.79796&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D7XMDkq9sLOCVlhY8pEc8gOW7mYnnv7bQOt6yD4YyjNstn09JMFzzb5ZcFBYmSBpFlcbcDVkN5khsHafyn074VgaBg9rZHFbhmplOYnZLN1henmKRR8qeD0TGKnW5ArCmoDF8Wgz69iMNWJkLLIXVlQoPW6w&dbm_d=AKAmf-BBktXEzCF8D6gibSSWw3lgNRpdSesi0ADoQOaUY4VeCY4mkOTgKWKWfUjWwaNVy03Asgq-c7h5ZQBNdmFGqbdLXWmsXxVXI8dybft55ZXIcugU-bsXkxpjJ9UKpExceqKgM_nlJM_nLmCoMv6zFZlWvE0QJsV7bxqmsD3PVxam4B3cOnHr86I0S5nFVwfiLbAA6wpp6kkoEyuAoGLctx5sAVbRAArJ5GwY02P32kHUTnqh8dl6NNKtJYfDESEgFqz1vYxMKnpzLJc55fg6QCCAhxKALe0b0LJdhu9BlalN-EQe1NUORyPhLslNGflY1_KqdzPmAQ3EHAeffcKtHZnOdvNwxvUbEppVA39oRVA5b73DhpSS8FCesStGPGdh70fiALxKMIR0f8H0TWkfaS2PipEmbKK77vYfc8lLlIiaQ28jqV0IJgFkJXfD1exTvoBcZOA5nW3ZgEYrcBmRJH0sSpMd8uY3r8f3yoZzDIhMLSLdS4IvWGGzJwUM3eZR1iqMBjCkpHJkWMr2BS7UUaz-uOug4E7GA8Atqli0XZv3WT6Qs0tHqaXWBBJG1AIQp5HhSyP4WiGHjjgkSmdXqOhhpb2EVSwOuuUV4_y5iA77REEOxnKFxfAepWDHjYz-sYH0Lzg8WCLwBeQr7SbzXmaFhNBnMqLZeB6mXPjVX0wgTKpxU0pGdVp0Sm_XTWwxx3xLq7FdTblOE2Vvmm6b2LpcRz7PE5tQcRgqpu6dYrj1ZeMujXUrK9F1g3NajPeufVRI5k45fjxZ3XnqpIdGL38DCLAC8DFaqix41zN_R_I7H8P6yozT7w6-Q2ZuwpVXu8aBM3KbN9ZbXFrK2LxHrSuBe40Q-Vg8rMjA0aDTC582F9DE3amPLwAiKLTgVJA_PhuOA7Qq3K4QklUL58f99V9gdWqrJbX_FVHXhVv8SmsUese9zqHogWo4G1VmDKucwzT-nsfnIkCOggN6LNkhHqU75sZs_D1hZB0IMrw2FG3MNUtMHzpo7zg9goU4K_gQdN0dZNWW70COfieMeRrlxe5rvC3SkhGQK9kqISPnpBhPZUVUNzcnWwqanAUtb_e5heOec-6y0IulVqm5LHpYihzsnSg1oWPcRZj0qIOK3DzIhcpxEOVtgSOeF6PAVf6Dpw_P8k6ag9UQ0wh3VakBAGK5NzLjly74U60rupOkmwOIZIUCr01Hch7tugP7wxTGmA9ROv2saUtb481yWBjL2To5zZDiLPzZyvK6n3WrPG_t2Gu1chkCMJz3vAAKnVCzI05YXtpDjbj0Zgf-S_Pe7l8kXcsZlOwVQEf5nxSPhc1G3uz0BWM4tT72ft74P0pH6440NMjEdysShFbx0aXGAIlXqLNfLsRiLG52z8Y5bZ4oui4firv5iGZ_iZP61obdFDUsf6zFJt0vGVa_7BTPCgyqc_uoI5cFCmXP5JJo67d9fIgK-THvDGi3Eb4OW422rLARwnlmgWR3i6DwIA5UOB3qO8Ljzv5ROgGDZ3FhwJ4XK6hQDEyMjDu0PUisxPCBaW9rPca-Lfy8oAe7UvLTzwoJ56ZEXrhKRafQkhd_WEiTnsyMqXjQWlu16rriDXpUWuE0D3tRsg1LELEAcv8YuY9ByvJRnRLANKxHC30UCLLygd8ZzgodluT9OJVH8WhqmVx-vUjlyWX4ZV-JS7IHU_sCT6AMQdvr-tnrkSezgkpJFxZLZbofhFCQ7UbyQTMZ5xLQbVwbp6cjfidoUWEP_c9Wgw2pb7kOLWjd5nRUIDaTP2FbLZYz7N1H8PXYQMKEHTO7c21NJ179TOOswNJ9oanklhes8lL8LVwhDvyLz_eSrRbmrhCxkjOaYSK5EvOnoJjOEBHYQHMKqtW7SfqHaAa3CuOUeA6D1Nm4eIhxr6CmxUvNs9CmKjWYlDhw5oCddBFjuhr_pKnw_xvBNJyX708jy6I9TJfGH6twWjX1wJrKur82xriw84AJ6vu9ytCO45HqatBlIDr4BJGjudSBSeWAsNgLxl1d8qG5xyZr03q2dBsfxQ5UxwprMSXsHDIOji8gHjm7aSIL4u6uMvF6ZD4iADUx8hrsUV7ojQb-8m_uMbFrUb7J-1oYTzt6IMUSt8BLHUTgZFhe5YFneWpHeeWFkKSO-ffppP7GAZ6WqHFvtLOzrNa6kaJ-2Ag8SaqY8C_RkZn0HT9Yj3fiweaNyrMEtJ5SOIum1QiOE2XNlNnw6c83aRwmB6Y45R_ZHFnorvKlK3mklH31XDoPSL98dlPdJNDpSRpmzGG_Jc4ZJm-D68wdAsb9u3RCuATgx3eXBkezqL35z9PfU6NRVG0kAfDU1VO1VpWQFbghbGFl8s5gAMQ4k3tmMMbVR9vCo_qL2XPGajZsHnCDF7QZqHrmkUTR65KZe6V92QgCLzTgJ99pqhgn2CHXcrs0t9MFuJWDFwoUtp4EpZpiUA9ZsLJoQYT-1AEME4GCKszPVxePU44pDsMtZK33HRX1E-AlSkpPv1RzSIvTivw0ArhCFbo6pGs6rU5-SxoX95prSoW0lEs-u3UUK_DhK30jrBVCjIyj4SxIHuisrc5xM35Nj1b3HuAClbROU5FVIyr435f3khfM-TA6pr3pO0UcHDb-m-rz0AbAs8HSBOF3eT3Nq0WGHf-mPZExyZAf6ywpwVHZ5Y7duLGonTSVnk_RP2rZSPudDmUTI-5WLKPhqd6dEnA5yTOnFoKLSJjPsxkNw1DLS2qpbhloYUvjbdKJi0BD2rD5DHqd_KVxYpTdxuY8dL3KXpJ69-b7Du7tqjmPvNfaWRgfnvWgfUrbYJaDVZLzuB5jLuP56Jr_IYaqU99CRmbZzyQ44DiJn3384Yx7n_PmC4b7txMb1dUlEuWyJXeSu-_hwIXEkAHT_31gjMhsiqALf6XaD53iNJ-R3ANh5r5qAwQ8vG4-ay01hW-aumuj7nSPjBVN0UKNLjI63tKCvU8yhvd0LtYBG1MTa6DLefwJkzaSe4vfI1vFg-OZsy7XN0eEIiAukEN6UQckFl8LTTvB5zV_pZVbeOf9Wd7WNJvUqRodjCqCJb1F0UChOkJcu6ech5Skca9T&cid=CAASPeRoCBdQpxAgEwC65qXHT_HJeuXVrtHMkIDoduQvdFQmRwTpNhf19BCPDQ_eP_FUQzNVe2bUO2XGHPCo0sU&rfl=1%2Chttps%253A%252F%252Fgetnada.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Wed, 19 May 2021 16:44:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame A474 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D7XMDkq9sLOCVlhY8pEc8gOW7mYnnv7bQOt6yD4YyjNstn09JMFzzb5ZcFBYmSBpFlcbcDVkN5khsHafyn074VgaBg9rZHFbhmplOYnZLN1henmKRR8qeD0TGKnW5ArCmoDF8Wgz69iMNWJkLLIXVlQoPW6w&dbm_d=AKAmf-BBktXEzCF8D6gibSSWw3lgNRpdSesi0ADoQOaUY4VeCY4mkOTgKWKWfUjWwaNVy03Asgq-c7h5ZQBNdmFGqbdLXWmsXxVXI8dybft55ZXIcugU-bsXkxpjJ9UKpExceqKgM_nlJM_nLmCoMv6zFZlWvE0QJsV7bxqmsD3PVxam4B3cOnHr86I0S5nFVwfiLbAA6wpp6kkoEyuAoGLctx5sAVbRAArJ5GwY02P32kHUTnqh8dl6NNKtJYfDESEgFqz1vYxMKnpzLJc55fg6QCCAhxKALe0b0LJdhu9BlalN-EQe1NUORyPhLslNGflY1_KqdzPmAQ3EHAeffcKtHZnOdvNwxvUbEppVA39oRVA5b73DhpSS8FCesStGPGdh70fiALxKMIR0f8H0TWkfaS2PipEmbKK77vYfc8lLlIiaQ28jqV0IJgFkJXfD1exTvoBcZOA5nW3ZgEYrcBmRJH0sSpMd8uY3r8f3yoZzDIhMLSLdS4IvWGGzJwUM3eZR1iqMBjCkpHJkWMr2BS7UUaz-uOug4E7GA8Atqli0XZv3WT6Qs0tHqaXWBBJG1AIQp5HhSyP4WiGHjjgkSmdXqOhhpb2EVSwOuuUV4_y5iA77REEOxnKFxfAepWDHjYz-sYH0Lzg8WCLwBeQr7SbzXmaFhNBnMqLZeB6mXPjVX0wgTKpxU0pGdVp0Sm_XTWwxx3xLq7FdTblOE2Vvmm6b2LpcRz7PE5tQcRgqpu6dYrj1ZeMujXUrK9F1g3NajPeufVRI5k45fjxZ3XnqpIdGL38DCLAC8DFaqix41zN_R_I7H8P6yozT7w6-Q2ZuwpVXu8aBM3KbN9ZbXFrK2LxHrSuBe40Q-Vg8rMjA0aDTC582F9DE3amPLwAiKLTgVJA_PhuOA7Qq3K4QklUL58f99V9gdWqrJbX_FVHXhVv8SmsUese9zqHogWo4G1VmDKucwzT-nsfnIkCOggN6LNkhHqU75sZs_D1hZB0IMrw2FG3MNUtMHzpo7zg9goU4K_gQdN0dZNWW70COfieMeRrlxe5rvC3SkhGQK9kqISPnpBhPZUVUNzcnWwqanAUtb_e5heOec-6y0IulVqm5LHpYihzsnSg1oWPcRZj0qIOK3DzIhcpxEOVtgSOeF6PAVf6Dpw_P8k6ag9UQ0wh3VakBAGK5NzLjly74U60rupOkmwOIZIUCr01Hch7tugP7wxTGmA9ROv2saUtb481yWBjL2To5zZDiLPzZyvK6n3WrPG_t2Gu1chkCMJz3vAAKnVCzI05YXtpDjbj0Zgf-S_Pe7l8kXcsZlOwVQEf5nxSPhc1G3uz0BWM4tT72ft74P0pH6440NMjEdysShFbx0aXGAIlXqLNfLsRiLG52z8Y5bZ4oui4firv5iGZ_iZP61obdFDUsf6zFJt0vGVa_7BTPCgyqc_uoI5cFCmXP5JJo67d9fIgK-THvDGi3Eb4OW422rLARwnlmgWR3i6DwIA5UOB3qO8Ljzv5ROgGDZ3FhwJ4XK6hQDEyMjDu0PUisxPCBaW9rPca-Lfy8oAe7UvLTzwoJ56ZEXrhKRafQkhd_WEiTnsyMqXjQWlu16rriDXpUWuE0D3tRsg1LELEAcv8YuY9ByvJRnRLANKxHC30UCLLygd8ZzgodluT9OJVH8WhqmVx-vUjlyWX4ZV-JS7IHU_sCT6AMQdvr-tnrkSezgkpJFxZLZbofhFCQ7UbyQTMZ5xLQbVwbp6cjfidoUWEP_c9Wgw2pb7kOLWjd5nRUIDaTP2FbLZYz7N1H8PXYQMKEHTO7c21NJ179TOOswNJ9oanklhes8lL8LVwhDvyLz_eSrRbmrhCxkjOaYSK5EvOnoJjOEBHYQHMKqtW7SfqHaAa3CuOUeA6D1Nm4eIhxr6CmxUvNs9CmKjWYlDhw5oCddBFjuhr_pKnw_xvBNJyX708jy6I9TJfGH6twWjX1wJrKur82xriw84AJ6vu9ytCO45HqatBlIDr4BJGjudSBSeWAsNgLxl1d8qG5xyZr03q2dBsfxQ5UxwprMSXsHDIOji8gHjm7aSIL4u6uMvF6ZD4iADUx8hrsUV7ojQb-8m_uMbFrUb7J-1oYTzt6IMUSt8BLHUTgZFhe5YFneWpHeeWFkKSO-ffppP7GAZ6WqHFvtLOzrNa6kaJ-2Ag8SaqY8C_RkZn0HT9Yj3fiweaNyrMEtJ5SOIum1QiOE2XNlNnw6c83aRwmB6Y45R_ZHFnorvKlK3mklH31XDoPSL98dlPdJNDpSRpmzGG_Jc4ZJm-D68wdAsb9u3RCuATgx3eXBkezqL35z9PfU6NRVG0kAfDU1VO1VpWQFbghbGFl8s5gAMQ4k3tmMMbVR9vCo_qL2XPGajZsHnCDF7QZqHrmkUTR65KZe6V92QgCLzTgJ99pqhgn2CHXcrs0t9MFuJWDFwoUtp4EpZpiUA9ZsLJoQYT-1AEME4GCKszPVxePU44pDsMtZK33HRX1E-AlSkpPv1RzSIvTivw0ArhCFbo6pGs6rU5-SxoX95prSoW0lEs-u3UUK_DhK30jrBVCjIyj4SxIHuisrc5xM35Nj1b3HuAClbROU5FVIyr435f3khfM-TA6pr3pO0UcHDb-m-rz0AbAs8HSBOF3eT3Nq0WGHf-mPZExyZAf6ywpwVHZ5Y7duLGonTSVnk_RP2rZSPudDmUTI-5WLKPhqd6dEnA5yTOnFoKLSJjPsxkNw1DLS2qpbhloYUvjbdKJi0BD2rD5DHqd_KVxYpTdxuY8dL3KXpJ69-b7Du7tqjmPvNfaWRgfnvWgfUrbYJaDVZLzuB5jLuP56Jr_IYaqU99CRmbZzyQ44DiJn3384Yx7n_PmC4b7txMb1dUlEuWyJXeSu-_hwIXEkAHT_31gjMhsiqALf6XaD53iNJ-R3ANh5r5qAwQ8vG4-ay01hW-aumuj7nSPjBVN0UKNLjI63tKCvU8yhvd0LtYBG1MTa6DLefwJkzaSe4vfI1vFg-OZsy7XN0eEIiAukEN6UQckFl8LTTvB5zV_pZVbeOf9Wd7WNJvUqRodjCqCJb1F0UChOkJcu6ech5Skca9T&cid=CAASPeRoCBdQpxAgEwC65qXHT_HJeuXVrtHMkIDoduQvdFQmRwTpNhf19BCPDQ_eP_FUQzNVe2bUO2XGHPCo0sU&rfl=1%2Chttps%253A%252F%252Fgetnada.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 05:00:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42221
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 May 2022 05:00:24 GMT
11172020-102939723-DE_Off_M1_GDN_300x250.png
s0.2mdn.net/9504762/ Frame A474 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9504762/11172020-102939723-DE_Off_M1_GDN_300x250.png
Requested by
Host: a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com
URL: https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd6f87cab36b85a519558b79e4b05254ab8e8e57168abba1c4cef63516224d8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 19:44:48 GMT
x-content-type-options
nosniff
last-modified
Tue, 17 Nov 2020 18:29:39 GMT
server
sffe
age
75557
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16997
x-xss-protection
0
expires
Wed, 19 May 2021 19:44:48 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/ Frame 5DE1 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BYi6eFMTYGM4YGpCJFP9PSICBqEX1miyB-5OMnXv-oxV20q3nloEoD82IpkXjy2PHrmpb_INO_vgR13UH-6QulTlr0CZBjGIENylmTuakwVGG7nHauXSKTArakePrJBdItDhs5Nf1P8nY_nDiJiQr2DAaEwg&dbm_d=AKAmf-B_d-90IK2gnc5GVFQIZVwDRnh3NwF0v4OXXdZJCeF5PVgEXHptSqSRyuuXeYW5UqfeoujIM1_3A0v8kerb0TaiZPCrPQFL86stVa8uJIPWh5t43ZmVA0yRAdrbQJj4Pcb9IlKQQutfqsv8qhfcfqd-hBs5me4GZSem0MfFxCgkWuQvZ8XsBNOAGkmuKK6AuOmfL52a5R-QJIVb2LF0rYdiLv9814p8BFNdQfujEf77ByenhWObi3iwjv-oyNzQmqYN06uljCZA4PtccaCojQYCPBefO9n9dWdD8-3oESoItQNAELskvuBYG3Km7QRcq7qXX9OPPeyRD7XkVQi_efjMuaU985vwl3ehFf2HkgVAQk_JvDZXKfwtD8GsxTPkXTYVyEdpY-hWNnk470bWeYNXXVr5BhIf_hsyHhpPzPgIjBANM60le_0I7JhzUIRz3a8BBto1TIHj9ksNZFp0MiNrh3VzJ-VNHBWqHE_Hoo3HJp3lkKC4rWAkS1CYu2Y6gRMixU7D_TSzZdI0LleMVNedrMRKhEuMcNVRoP2RYuX0LdIRDa7Z1ocvchBEdvATtHewjXD-CNgVRpGEz5FnB53HXPqasME9u9jKuEs5WCokiLrTXDXQ-bfdG1Ly-cVclnEv9rrYBHIe-KyHwW9LRGVMAKY4WZE8RGbPuJ1eXya5Bj4_GjBxxPjyY1beJrOg6eoGh_uthqu4NPT-46aH63guMRbWbNLEZJ7gj6xl6Z7I-6VBYy6LD8fIQtMwAgvRnccv_BV3L8CZpgGu3rno62Eo8AcWZe9ZIoOFhJ1QXMu_DgSGrhkYGmHAVQMQXrwHyQZHRl7LlgeS78_0WTC8NdhY6mgUQWcaKIYLC5LK3NKE5243PjbqLsuZJiBg3N3Row15FQeC9syGoisXAPddYA3Enblnmgy-c5RS2BfmxlqAt0VTLvXcWgSuCL95OQ25z8ZRbkR-fIBSvY0rS-odYYLb0MAgtDkrvjVHe1v6qUZAlcnEkqWgC-y-XxsDcum2Oijq50r-9K1kbxe5BH2dqvbgfMjJno9bxLKaKk_6RCK3IBqWgCC8ouhi1Xul8OehbYz57KiZrHCRzVamJDK-uwfbwCzhGjOJjVxvLNKFcMP_T-7fwD74hLq7zAu3Pp5TWBjcqGkI8Djt6bvbDa1eJHckrWsfsgxvuygyVWfQvkurLwrVseOpI89PaRDI2JQbuy0d_4LMvFe07b1j7P3zuzFhrKY1miwyiJv3XJl7dvbIr4cYcSckRei3D6oNrE0Tf4TeD7xbd3wBKIfsmkm9z636arWzf6M8e9gOVoSkkIVPyM69GUedjtbe0ULshkzi3vW_MwceIXqg1yRXfc8Lsf-fjuAMxStwJUeHnlne76QgXEBp04Uhp8xDKd1SD_qr8m93g47C_ad6r6VI7Ii0QI1aAAnGQMRUSaVcDRv9k8ImZzTiMesJ3k55s5THlPlJW-vzK1QNJFqTMQtuUKMSIISQEvixU_XJu2YWY_sva6b-RSt9iVzP3vcjIB5C1gNEAgmeIsP-YF9v2izM63nPtcgnt1P3kEOI1kphJtwVC-W_y-EhsLU4rkBK08Z7TnQhSmfA6yQwONCd9yxuJABRI3rRZzVtR1qN1tPBG5RPgCX-tvWEuux6tLrRm0nUfKbddqVgwlH2qihYZ6fi-FZNqtVoPZiViijjFOVbHMgSpLtMUTf7d9CBHBV3VEnJHWf2tXjipjk7ECMkaVIEdTL0_8yAb6dD7NnGwceTt6YFQrrrPi0mh5effaIsbWtWTuElvuJsXF1Q52xNx0UoPRkpgdp1LWRjaS1RI-bcBnOwJxFQpARJ9K77b_GvfCJwJWFT0GeC4o3b7Tz6JHhzbwgtrOHISgPjqJlcv0OLdCU9f0Jji7jZNPkMPoqQVdyGCLZ3WEG1YD3UBy-aUu-urn5hpGapM4_piU1E7100tIVwGC-Af7ZaPjGrdKG2AIq7DUTUvcKq-7BVb94aryNmHs0XU_EONnQS12nMc4ltBib3_D4XSshnXwbVV5EHEP0RZjTam0u68QKfrX_Y54DjjLFs4GmDuX8l_kIUziPPOIBiWlBWDDa4OxfQG1-FkuGUt1xKb9WgyeHDw2Qw2ziSepKbhgDPybH_ocn9aa4Y9qGVzyP98zrkSNA_eo7n54JP88H6jDS0DZBjNhq3cs7JgonUhm5cl1p72tGynTeHPsiJtbKchQZbi6NVX4DUhH7PFtrPgYAGllhbAlmbSBS0HdwFm3WERvf2uaYxbwsWhYgMFC4_rATHatYrDaZ0d8cbjVYTxJSNmWh0CA9IZew2I4PG9eFyniLNSjUguL5OoEPD3JkB1Tntmw8bkKdSyqzf4RUMYGNNfcFqdQk_CSQ21axv5mm6hZtQDd34DvWo3k-n3_o1ARMwxn4lxensDeZg_mmgvkF2p_-eJ5n3rTGyq1qnMpe4no_HyL55rxIiuLD6y61ZzWfY2Xq2zoSOjp80rhR30LtKp0j6rvp754Qi493zf3isWdjRIxehl1ctP36wO-f8ECwQwNZdUf2wDqk0BQ95B55JXt-Um6hNEU7Z3Dgmc1b2NaJannm-Q_SfRL4yaazZnCx59tFFE_nmgb0B5Qqh8kf1jUJJtpfMHOvmVMW7PiiOyHxFMTXux8hayHCEXEo1OMyRrHmLOT5CrWbyHGBGrUyiHuqjuSVgfeFjmg1gPg-vWIf6bnMrcgGZ9oxgsQas3wOzdaq7j3g3aZcHHN9KYZ3cr2G1-z1wk9-h7xms0ciX6xnVQoD-jewdRhdAqmp9U6d5gZJR1zBjDfjYxHZ4DpE8wO-GKIDDv0eFjxqCmJIMabKFgKHz03tWJWTPVJXQPa6RcyDSd17HUG6rb-iCk7Q9cozFXMr-1jIK3MX--dZl0eRvAe2j08FSjmRg2_2MKD00V1yemEfKK9aFZZr4hy6k5n433Cf8JwN7s2zJYFkonY1t9urDoD0QRZJoAtHFv_8pEsn2yH5nzkICT1GlrBN9KxmOYinKRvOj2UihmoPsvRvSlyZ8h312OUSKtUzdHHXLcl_rYliWQOzz91Vxr8eo8yr8IgLJ_uuI_GaaijSDlKymHBGXZC2griLScPjsikt7u0l0d7K_P03IJNcC_8pjxHOz&cid=CAASPeRo4BKuov4eGElOUMf08GHmXMEg3Ze_kJw39215sewFtZ3joNcZ5Fc8edxbZ2INaJAzGleBbONlQAT5qcw&rfl=1%2Chttps%253A%252F%252Fgetnada.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4c0938e087a40c05a99d723eaf012958e03b048659bed9b36a2bc63f766d32b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 16:42:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
92
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8593
x-xss-protection
0
server
cafe
etag
3013172215444160546
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Jun 2021 16:42:33 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/elements/html/ Frame 5DE1 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BYi6eFMTYGM4YGpCJFP9PSICBqEX1miyB-5OMnXv-oxV20q3nloEoD82IpkXjy2PHrmpb_INO_vgR13UH-6QulTlr0CZBjGIENylmTuakwVGG7nHauXSKTArakePrJBdItDhs5Nf1P8nY_nDiJiQr2DAaEwg&dbm_d=AKAmf-B_d-90IK2gnc5GVFQIZVwDRnh3NwF0v4OXXdZJCeF5PVgEXHptSqSRyuuXeYW5UqfeoujIM1_3A0v8kerb0TaiZPCrPQFL86stVa8uJIPWh5t43ZmVA0yRAdrbQJj4Pcb9IlKQQutfqsv8qhfcfqd-hBs5me4GZSem0MfFxCgkWuQvZ8XsBNOAGkmuKK6AuOmfL52a5R-QJIVb2LF0rYdiLv9814p8BFNdQfujEf77ByenhWObi3iwjv-oyNzQmqYN06uljCZA4PtccaCojQYCPBefO9n9dWdD8-3oESoItQNAELskvuBYG3Km7QRcq7qXX9OPPeyRD7XkVQi_efjMuaU985vwl3ehFf2HkgVAQk_JvDZXKfwtD8GsxTPkXTYVyEdpY-hWNnk470bWeYNXXVr5BhIf_hsyHhpPzPgIjBANM60le_0I7JhzUIRz3a8BBto1TIHj9ksNZFp0MiNrh3VzJ-VNHBWqHE_Hoo3HJp3lkKC4rWAkS1CYu2Y6gRMixU7D_TSzZdI0LleMVNedrMRKhEuMcNVRoP2RYuX0LdIRDa7Z1ocvchBEdvATtHewjXD-CNgVRpGEz5FnB53HXPqasME9u9jKuEs5WCokiLrTXDXQ-bfdG1Ly-cVclnEv9rrYBHIe-KyHwW9LRGVMAKY4WZE8RGbPuJ1eXya5Bj4_GjBxxPjyY1beJrOg6eoGh_uthqu4NPT-46aH63guMRbWbNLEZJ7gj6xl6Z7I-6VBYy6LD8fIQtMwAgvRnccv_BV3L8CZpgGu3rno62Eo8AcWZe9ZIoOFhJ1QXMu_DgSGrhkYGmHAVQMQXrwHyQZHRl7LlgeS78_0WTC8NdhY6mgUQWcaKIYLC5LK3NKE5243PjbqLsuZJiBg3N3Row15FQeC9syGoisXAPddYA3Enblnmgy-c5RS2BfmxlqAt0VTLvXcWgSuCL95OQ25z8ZRbkR-fIBSvY0rS-odYYLb0MAgtDkrvjVHe1v6qUZAlcnEkqWgC-y-XxsDcum2Oijq50r-9K1kbxe5BH2dqvbgfMjJno9bxLKaKk_6RCK3IBqWgCC8ouhi1Xul8OehbYz57KiZrHCRzVamJDK-uwfbwCzhGjOJjVxvLNKFcMP_T-7fwD74hLq7zAu3Pp5TWBjcqGkI8Djt6bvbDa1eJHckrWsfsgxvuygyVWfQvkurLwrVseOpI89PaRDI2JQbuy0d_4LMvFe07b1j7P3zuzFhrKY1miwyiJv3XJl7dvbIr4cYcSckRei3D6oNrE0Tf4TeD7xbd3wBKIfsmkm9z636arWzf6M8e9gOVoSkkIVPyM69GUedjtbe0ULshkzi3vW_MwceIXqg1yRXfc8Lsf-fjuAMxStwJUeHnlne76QgXEBp04Uhp8xDKd1SD_qr8m93g47C_ad6r6VI7Ii0QI1aAAnGQMRUSaVcDRv9k8ImZzTiMesJ3k55s5THlPlJW-vzK1QNJFqTMQtuUKMSIISQEvixU_XJu2YWY_sva6b-RSt9iVzP3vcjIB5C1gNEAgmeIsP-YF9v2izM63nPtcgnt1P3kEOI1kphJtwVC-W_y-EhsLU4rkBK08Z7TnQhSmfA6yQwONCd9yxuJABRI3rRZzVtR1qN1tPBG5RPgCX-tvWEuux6tLrRm0nUfKbddqVgwlH2qihYZ6fi-FZNqtVoPZiViijjFOVbHMgSpLtMUTf7d9CBHBV3VEnJHWf2tXjipjk7ECMkaVIEdTL0_8yAb6dD7NnGwceTt6YFQrrrPi0mh5effaIsbWtWTuElvuJsXF1Q52xNx0UoPRkpgdp1LWRjaS1RI-bcBnOwJxFQpARJ9K77b_GvfCJwJWFT0GeC4o3b7Tz6JHhzbwgtrOHISgPjqJlcv0OLdCU9f0Jji7jZNPkMPoqQVdyGCLZ3WEG1YD3UBy-aUu-urn5hpGapM4_piU1E7100tIVwGC-Af7ZaPjGrdKG2AIq7DUTUvcKq-7BVb94aryNmHs0XU_EONnQS12nMc4ltBib3_D4XSshnXwbVV5EHEP0RZjTam0u68QKfrX_Y54DjjLFs4GmDuX8l_kIUziPPOIBiWlBWDDa4OxfQG1-FkuGUt1xKb9WgyeHDw2Qw2ziSepKbhgDPybH_ocn9aa4Y9qGVzyP98zrkSNA_eo7n54JP88H6jDS0DZBjNhq3cs7JgonUhm5cl1p72tGynTeHPsiJtbKchQZbi6NVX4DUhH7PFtrPgYAGllhbAlmbSBS0HdwFm3WERvf2uaYxbwsWhYgMFC4_rATHatYrDaZ0d8cbjVYTxJSNmWh0CA9IZew2I4PG9eFyniLNSjUguL5OoEPD3JkB1Tntmw8bkKdSyqzf4RUMYGNNfcFqdQk_CSQ21axv5mm6hZtQDd34DvWo3k-n3_o1ARMwxn4lxensDeZg_mmgvkF2p_-eJ5n3rTGyq1qnMpe4no_HyL55rxIiuLD6y61ZzWfY2Xq2zoSOjp80rhR30LtKp0j6rvp754Qi493zf3isWdjRIxehl1ctP36wO-f8ECwQwNZdUf2wDqk0BQ95B55JXt-Um6hNEU7Z3Dgmc1b2NaJannm-Q_SfRL4yaazZnCx59tFFE_nmgb0B5Qqh8kf1jUJJtpfMHOvmVMW7PiiOyHxFMTXux8hayHCEXEo1OMyRrHmLOT5CrWbyHGBGrUyiHuqjuSVgfeFjmg1gPg-vWIf6bnMrcgGZ9oxgsQas3wOzdaq7j3g3aZcHHN9KYZ3cr2G1-z1wk9-h7xms0ciX6xnVQoD-jewdRhdAqmp9U6d5gZJR1zBjDfjYxHZ4DpE8wO-GKIDDv0eFjxqCmJIMabKFgKHz03tWJWTPVJXQPa6RcyDSd17HUG6rb-iCk7Q9cozFXMr-1jIK3MX--dZl0eRvAe2j08FSjmRg2_2MKD00V1yemEfKK9aFZZr4hy6k5n433Cf8JwN7s2zJYFkonY1t9urDoD0QRZJoAtHFv_8pEsn2yH5nzkICT1GlrBN9KxmOYinKRvOj2UihmoPsvRvSlyZ8h312OUSKtUzdHHXLcl_rYliWQOzz91Vxr8eo8yr8IgLJ_uuI_GaaijSDlKymHBGXZC2griLScPjsikt7u0l0d7K_P03IJNcC_8pjxHOz&cid=CAASPeRo4BKuov4eGElOUMf08GHmXMEg3Ze_kJw39215sewFtZ3joNcZ5Fc8edxbZ2INaJAzGleBbONlQAT5qcw&rfl=1%2Chttps%253A%252F%252Fgetnada.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 16:43:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Jun 2021 16:43:04 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 5DE1 		0
61 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstCVMcu2dnO4unoJoO1Df0xZfEYGCe6n7FDUqxPbVka0lAlX7CkBhvKhT-qhlDiS1Nvhpe2Oo1QPHrm4OFPOK-A5KhJ5nWH1ENbphRulPoYk9gbEpbkceqvPRWXBhkQaLCWweUUzLG5x2yQ9T9R709qOccVHx_j3tgjwkmquQtoBj52O1Pi-KAzgXE9G499cE537Hl0NxWC5cEZuQATZUrrXJqu1jDA4jRZC8FMkIxcwC1q6SFic0N3pq_05CUZ9fYOQmB0m72UnPKeuBeY2Xjibr2A_GQjBK0sBrfXmgF33V-7-dFexSLgV8nbApK-BGtlPhouloHW6L4BRtshHy62403Q4PYymCq-CDy11XZUPfNVRqRaG5q1_ovUYl1CLuV6easkH3vTwZDzWD8uMpW6btoWHp1Oiyu9eoHaj-NcFjd3WGpOOjf2NQEFsgbxlyB9SzY125u2b2NAvTfWQQzeFw2n5w8TDHymhRUBiVt5HnRfgUoMm1x03d0NTtrQD6C8OvnCJvUOFooVszF2KfCzXojlNqcXFlwx-ftDxkPG1u2U937GNlN-BkZBBv5n2ZLaVzLjkOFj3ar4srdscq0X--2Rnb4ZW3ZNyo-wtjVZ2VmgDjbsoeAO9KfKl5mb--NU033nvD-mu_FnVxiU4b7ijnboJ91E2W8KBOx6DacD8WK-fdozdUNHc30yDsf8wV-mQ7_v12fhBmAYB-PGJs67FrCYxYaSG3L8jpkBZ56A0gEDr9CzeNP0hNfMN-K7rg2_vO8RK2dBVnlkqkRWcWy_ZeoZWbjgkp1w3dpUHKEgHOo_pcXxInE5uUnLoZygDeBORzjih5iYeIGIftFIjI72ffYxDBuxdYIo9v_N32S0Lx1QOWLLdIRxbMabH4ltv09mm_0ZRKtjNuvsBLJPFPdRSjIi0IesDEWsPb9wUNIW4GLWQB2hyA-XzjGlzD0vOYuFqMq7OPaaf0zgoDq9aX3RiWtfHMa3BFHVIMDmMB1CrWIv7F_uKXoF3m6vAuYKPFnp973LOnRr12Q4xbyHx4Cexmm_L0TSRq14uSQmb5bUygvYrL_k4gMBgAqldDNHqdn-zd9Urxcnzn68agFLuzleCAPrayWVf3jCwFDXi6DWjW2wVpr8NRH3XzLT8rOjtQYeStXoXtWM7rQ1AIyhfjAf0oZQOyycgHOZB0i74AIEBd03GPZDRcFm7W0&sai=AMfl-YQgWQ9-qMXgFU-8XVWa2QEyzXE6KSiRfmZgqXZgiJJU60ggmeQBdOapwfAJIfTcJAkDbZiqahNc4q_oLktfWABj-Q0qPxYakUMSKa1nWkZwKF4zrqmEtTUROphHNpdXGdjYGuHwb9gnzYeEhHJvExIZU0IR1xMuWWLS65ZtjDRhSoNvpmlqT3wkVPU44rd2UOikZRhEuB-iItnv5Q3UhvVbWyr2_6aqqDrrNBFPPw&sig=Cg0ArKJSzPm7QEoscCHeEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210517.89023&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BYi6eFMTYGM4YGpCJFP9PSICBqEX1miyB-5OMnXv-oxV20q3nloEoD82IpkXjy2PHrmpb_INO_vgR13UH-6QulTlr0CZBjGIENylmTuakwVGG7nHauXSKTArakePrJBdItDhs5Nf1P8nY_nDiJiQr2DAaEwg&dbm_d=AKAmf-B_d-90IK2gnc5GVFQIZVwDRnh3NwF0v4OXXdZJCeF5PVgEXHptSqSRyuuXeYW5UqfeoujIM1_3A0v8kerb0TaiZPCrPQFL86stVa8uJIPWh5t43ZmVA0yRAdrbQJj4Pcb9IlKQQutfqsv8qhfcfqd-hBs5me4GZSem0MfFxCgkWuQvZ8XsBNOAGkmuKK6AuOmfL52a5R-QJIVb2LF0rYdiLv9814p8BFNdQfujEf77ByenhWObi3iwjv-oyNzQmqYN06uljCZA4PtccaCojQYCPBefO9n9dWdD8-3oESoItQNAELskvuBYG3Km7QRcq7qXX9OPPeyRD7XkVQi_efjMuaU985vwl3ehFf2HkgVAQk_JvDZXKfwtD8GsxTPkXTYVyEdpY-hWNnk470bWeYNXXVr5BhIf_hsyHhpPzPgIjBANM60le_0I7JhzUIRz3a8BBto1TIHj9ksNZFp0MiNrh3VzJ-VNHBWqHE_Hoo3HJp3lkKC4rWAkS1CYu2Y6gRMixU7D_TSzZdI0LleMVNedrMRKhEuMcNVRoP2RYuX0LdIRDa7Z1ocvchBEdvATtHewjXD-CNgVRpGEz5FnB53HXPqasME9u9jKuEs5WCokiLrTXDXQ-bfdG1Ly-cVclnEv9rrYBHIe-KyHwW9LRGVMAKY4WZE8RGbPuJ1eXya5Bj4_GjBxxPjyY1beJrOg6eoGh_uthqu4NPT-46aH63guMRbWbNLEZJ7gj6xl6Z7I-6VBYy6LD8fIQtMwAgvRnccv_BV3L8CZpgGu3rno62Eo8AcWZe9ZIoOFhJ1QXMu_DgSGrhkYGmHAVQMQXrwHyQZHRl7LlgeS78_0WTC8NdhY6mgUQWcaKIYLC5LK3NKE5243PjbqLsuZJiBg3N3Row15FQeC9syGoisXAPddYA3Enblnmgy-c5RS2BfmxlqAt0VTLvXcWgSuCL95OQ25z8ZRbkR-fIBSvY0rS-odYYLb0MAgtDkrvjVHe1v6qUZAlcnEkqWgC-y-XxsDcum2Oijq50r-9K1kbxe5BH2dqvbgfMjJno9bxLKaKk_6RCK3IBqWgCC8ouhi1Xul8OehbYz57KiZrHCRzVamJDK-uwfbwCzhGjOJjVxvLNKFcMP_T-7fwD74hLq7zAu3Pp5TWBjcqGkI8Djt6bvbDa1eJHckrWsfsgxvuygyVWfQvkurLwrVseOpI89PaRDI2JQbuy0d_4LMvFe07b1j7P3zuzFhrKY1miwyiJv3XJl7dvbIr4cYcSckRei3D6oNrE0Tf4TeD7xbd3wBKIfsmkm9z636arWzf6M8e9gOVoSkkIVPyM69GUedjtbe0ULshkzi3vW_MwceIXqg1yRXfc8Lsf-fjuAMxStwJUeHnlne76QgXEBp04Uhp8xDKd1SD_qr8m93g47C_ad6r6VI7Ii0QI1aAAnGQMRUSaVcDRv9k8ImZzTiMesJ3k55s5THlPlJW-vzK1QNJFqTMQtuUKMSIISQEvixU_XJu2YWY_sva6b-RSt9iVzP3vcjIB5C1gNEAgmeIsP-YF9v2izM63nPtcgnt1P3kEOI1kphJtwVC-W_y-EhsLU4rkBK08Z7TnQhSmfA6yQwONCd9yxuJABRI3rRZzVtR1qN1tPBG5RPgCX-tvWEuux6tLrRm0nUfKbddqVgwlH2qihYZ6fi-FZNqtVoPZiViijjFOVbHMgSpLtMUTf7d9CBHBV3VEnJHWf2tXjipjk7ECMkaVIEdTL0_8yAb6dD7NnGwceTt6YFQrrrPi0mh5effaIsbWtWTuElvuJsXF1Q52xNx0UoPRkpgdp1LWRjaS1RI-bcBnOwJxFQpARJ9K77b_GvfCJwJWFT0GeC4o3b7Tz6JHhzbwgtrOHISgPjqJlcv0OLdCU9f0Jji7jZNPkMPoqQVdyGCLZ3WEG1YD3UBy-aUu-urn5hpGapM4_piU1E7100tIVwGC-Af7ZaPjGrdKG2AIq7DUTUvcKq-7BVb94aryNmHs0XU_EONnQS12nMc4ltBib3_D4XSshnXwbVV5EHEP0RZjTam0u68QKfrX_Y54DjjLFs4GmDuX8l_kIUziPPOIBiWlBWDDa4OxfQG1-FkuGUt1xKb9WgyeHDw2Qw2ziSepKbhgDPybH_ocn9aa4Y9qGVzyP98zrkSNA_eo7n54JP88H6jDS0DZBjNhq3cs7JgonUhm5cl1p72tGynTeHPsiJtbKchQZbi6NVX4DUhH7PFtrPgYAGllhbAlmbSBS0HdwFm3WERvf2uaYxbwsWhYgMFC4_rATHatYrDaZ0d8cbjVYTxJSNmWh0CA9IZew2I4PG9eFyniLNSjUguL5OoEPD3JkB1Tntmw8bkKdSyqzf4RUMYGNNfcFqdQk_CSQ21axv5mm6hZtQDd34DvWo3k-n3_o1ARMwxn4lxensDeZg_mmgvkF2p_-eJ5n3rTGyq1qnMpe4no_HyL55rxIiuLD6y61ZzWfY2Xq2zoSOjp80rhR30LtKp0j6rvp754Qi493zf3isWdjRIxehl1ctP36wO-f8ECwQwNZdUf2wDqk0BQ95B55JXt-Um6hNEU7Z3Dgmc1b2NaJannm-Q_SfRL4yaazZnCx59tFFE_nmgb0B5Qqh8kf1jUJJtpfMHOvmVMW7PiiOyHxFMTXux8hayHCEXEo1OMyRrHmLOT5CrWbyHGBGrUyiHuqjuSVgfeFjmg1gPg-vWIf6bnMrcgGZ9oxgsQas3wOzdaq7j3g3aZcHHN9KYZ3cr2G1-z1wk9-h7xms0ciX6xnVQoD-jewdRhdAqmp9U6d5gZJR1zBjDfjYxHZ4DpE8wO-GKIDDv0eFjxqCmJIMabKFgKHz03tWJWTPVJXQPa6RcyDSd17HUG6rb-iCk7Q9cozFXMr-1jIK3MX--dZl0eRvAe2j08FSjmRg2_2MKD00V1yemEfKK9aFZZr4hy6k5n433Cf8JwN7s2zJYFkonY1t9urDoD0QRZJoAtHFv_8pEsn2yH5nzkICT1GlrBN9KxmOYinKRvOj2UihmoPsvRvSlyZ8h312OUSKtUzdHHXLcl_rYliWQOzz91Vxr8eo8yr8IgLJ_uuI_GaaijSDlKymHBGXZC2griLScPjsikt7u0l0d7K_P03IJNcC_8pjxHOz&cid=CAASPeRo4BKuov4eGElOUMf08GHmXMEg3Ze_kJw39215sewFtZ3joNcZ5Fc8edxbZ2INaJAzGleBbONlQAT5qcw&rfl=1%2Chttps%253A%252F%252Fgetnada.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Wed, 19 May 2021 16:44:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 5DE1 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BYi6eFMTYGM4YGpCJFP9PSICBqEX1miyB-5OMnXv-oxV20q3nloEoD82IpkXjy2PHrmpb_INO_vgR13UH-6QulTlr0CZBjGIENylmTuakwVGG7nHauXSKTArakePrJBdItDhs5Nf1P8nY_nDiJiQr2DAaEwg&dbm_d=AKAmf-B_d-90IK2gnc5GVFQIZVwDRnh3NwF0v4OXXdZJCeF5PVgEXHptSqSRyuuXeYW5UqfeoujIM1_3A0v8kerb0TaiZPCrPQFL86stVa8uJIPWh5t43ZmVA0yRAdrbQJj4Pcb9IlKQQutfqsv8qhfcfqd-hBs5me4GZSem0MfFxCgkWuQvZ8XsBNOAGkmuKK6AuOmfL52a5R-QJIVb2LF0rYdiLv9814p8BFNdQfujEf77ByenhWObi3iwjv-oyNzQmqYN06uljCZA4PtccaCojQYCPBefO9n9dWdD8-3oESoItQNAELskvuBYG3Km7QRcq7qXX9OPPeyRD7XkVQi_efjMuaU985vwl3ehFf2HkgVAQk_JvDZXKfwtD8GsxTPkXTYVyEdpY-hWNnk470bWeYNXXVr5BhIf_hsyHhpPzPgIjBANM60le_0I7JhzUIRz3a8BBto1TIHj9ksNZFp0MiNrh3VzJ-VNHBWqHE_Hoo3HJp3lkKC4rWAkS1CYu2Y6gRMixU7D_TSzZdI0LleMVNedrMRKhEuMcNVRoP2RYuX0LdIRDa7Z1ocvchBEdvATtHewjXD-CNgVRpGEz5FnB53HXPqasME9u9jKuEs5WCokiLrTXDXQ-bfdG1Ly-cVclnEv9rrYBHIe-KyHwW9LRGVMAKY4WZE8RGbPuJ1eXya5Bj4_GjBxxPjyY1beJrOg6eoGh_uthqu4NPT-46aH63guMRbWbNLEZJ7gj6xl6Z7I-6VBYy6LD8fIQtMwAgvRnccv_BV3L8CZpgGu3rno62Eo8AcWZe9ZIoOFhJ1QXMu_DgSGrhkYGmHAVQMQXrwHyQZHRl7LlgeS78_0WTC8NdhY6mgUQWcaKIYLC5LK3NKE5243PjbqLsuZJiBg3N3Row15FQeC9syGoisXAPddYA3Enblnmgy-c5RS2BfmxlqAt0VTLvXcWgSuCL95OQ25z8ZRbkR-fIBSvY0rS-odYYLb0MAgtDkrvjVHe1v6qUZAlcnEkqWgC-y-XxsDcum2Oijq50r-9K1kbxe5BH2dqvbgfMjJno9bxLKaKk_6RCK3IBqWgCC8ouhi1Xul8OehbYz57KiZrHCRzVamJDK-uwfbwCzhGjOJjVxvLNKFcMP_T-7fwD74hLq7zAu3Pp5TWBjcqGkI8Djt6bvbDa1eJHckrWsfsgxvuygyVWfQvkurLwrVseOpI89PaRDI2JQbuy0d_4LMvFe07b1j7P3zuzFhrKY1miwyiJv3XJl7dvbIr4cYcSckRei3D6oNrE0Tf4TeD7xbd3wBKIfsmkm9z636arWzf6M8e9gOVoSkkIVPyM69GUedjtbe0ULshkzi3vW_MwceIXqg1yRXfc8Lsf-fjuAMxStwJUeHnlne76QgXEBp04Uhp8xDKd1SD_qr8m93g47C_ad6r6VI7Ii0QI1aAAnGQMRUSaVcDRv9k8ImZzTiMesJ3k55s5THlPlJW-vzK1QNJFqTMQtuUKMSIISQEvixU_XJu2YWY_sva6b-RSt9iVzP3vcjIB5C1gNEAgmeIsP-YF9v2izM63nPtcgnt1P3kEOI1kphJtwVC-W_y-EhsLU4rkBK08Z7TnQhSmfA6yQwONCd9yxuJABRI3rRZzVtR1qN1tPBG5RPgCX-tvWEuux6tLrRm0nUfKbddqVgwlH2qihYZ6fi-FZNqtVoPZiViijjFOVbHMgSpLtMUTf7d9CBHBV3VEnJHWf2tXjipjk7ECMkaVIEdTL0_8yAb6dD7NnGwceTt6YFQrrrPi0mh5effaIsbWtWTuElvuJsXF1Q52xNx0UoPRkpgdp1LWRjaS1RI-bcBnOwJxFQpARJ9K77b_GvfCJwJWFT0GeC4o3b7Tz6JHhzbwgtrOHISgPjqJlcv0OLdCU9f0Jji7jZNPkMPoqQVdyGCLZ3WEG1YD3UBy-aUu-urn5hpGapM4_piU1E7100tIVwGC-Af7ZaPjGrdKG2AIq7DUTUvcKq-7BVb94aryNmHs0XU_EONnQS12nMc4ltBib3_D4XSshnXwbVV5EHEP0RZjTam0u68QKfrX_Y54DjjLFs4GmDuX8l_kIUziPPOIBiWlBWDDa4OxfQG1-FkuGUt1xKb9WgyeHDw2Qw2ziSepKbhgDPybH_ocn9aa4Y9qGVzyP98zrkSNA_eo7n54JP88H6jDS0DZBjNhq3cs7JgonUhm5cl1p72tGynTeHPsiJtbKchQZbi6NVX4DUhH7PFtrPgYAGllhbAlmbSBS0HdwFm3WERvf2uaYxbwsWhYgMFC4_rATHatYrDaZ0d8cbjVYTxJSNmWh0CA9IZew2I4PG9eFyniLNSjUguL5OoEPD3JkB1Tntmw8bkKdSyqzf4RUMYGNNfcFqdQk_CSQ21axv5mm6hZtQDd34DvWo3k-n3_o1ARMwxn4lxensDeZg_mmgvkF2p_-eJ5n3rTGyq1qnMpe4no_HyL55rxIiuLD6y61ZzWfY2Xq2zoSOjp80rhR30LtKp0j6rvp754Qi493zf3isWdjRIxehl1ctP36wO-f8ECwQwNZdUf2wDqk0BQ95B55JXt-Um6hNEU7Z3Dgmc1b2NaJannm-Q_SfRL4yaazZnCx59tFFE_nmgb0B5Qqh8kf1jUJJtpfMHOvmVMW7PiiOyHxFMTXux8hayHCEXEo1OMyRrHmLOT5CrWbyHGBGrUyiHuqjuSVgfeFjmg1gPg-vWIf6bnMrcgGZ9oxgsQas3wOzdaq7j3g3aZcHHN9KYZ3cr2G1-z1wk9-h7xms0ciX6xnVQoD-jewdRhdAqmp9U6d5gZJR1zBjDfjYxHZ4DpE8wO-GKIDDv0eFjxqCmJIMabKFgKHz03tWJWTPVJXQPa6RcyDSd17HUG6rb-iCk7Q9cozFXMr-1jIK3MX--dZl0eRvAe2j08FSjmRg2_2MKD00V1yemEfKK9aFZZr4hy6k5n433Cf8JwN7s2zJYFkonY1t9urDoD0QRZJoAtHFv_8pEsn2yH5nzkICT1GlrBN9KxmOYinKRvOj2UihmoPsvRvSlyZ8h312OUSKtUzdHHXLcl_rYliWQOzz91Vxr8eo8yr8IgLJ_uuI_GaaijSDlKymHBGXZC2griLScPjsikt7u0l0d7K_P03IJNcC_8pjxHOz&cid=CAASPeRo4BKuov4eGElOUMf08GHmXMEg3Ze_kJw39215sewFtZ3joNcZ5Fc8edxbZ2INaJAzGleBbONlQAT5qcw&rfl=1%2Chttps%253A%252F%252Fgetnada.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 05:00:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42221
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 May 2022 05:00:24 GMT
GTM_DE_NetworkYourTeam_TryFree_Static_970x250.jpg
s0.2mdn.net/9680551/ Frame 5DE1 		150 KB
151 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9680551/GTM_DE_NetworkYourTeam_TryFree_Static_970x250.jpg
Requested by
Host: a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com
URL: https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0dd19b8ee0aa062e8d238c37dadb28af3b2063ad71548003b02336a039dbf76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 05:03:04 GMT
x-content-type-options
nosniff
last-modified
Mon, 01 Mar 2021 10:06:54 GMT
server
sffe
age
42061
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
154005
x-xss-protection
0
expires
Thu, 20 May 2021 05:03:04 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/ Frame 0249 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Duz9z0ehNpWEKGS3r5TrZ4bLzTGGHOpjRV9GsNSI2478XbgRDf1y5DMIOjtKiomJY2_DWGt4q2C8cGkgg_xInK0YBn7ri7VxU3LNmawxP84GTnT8RWM4PMhMB7CEm1nqY9MOcE94MjCHC7SJ9ejzpbgI8ilg&dbm_d=AKAmf-AnWlNK41DILeqbCecg8iGpBlM8sYBBmib8NGgq3uY4QK_4juyWCvIFT6hikfJKr1dvNU6YeWXvpsNCnEpaiuydnAg_5k5EKnr-cbtbhpgdF6sjzFEOZUEUVu3oKghSifX60Of0iOZlq9jFwCxFy8BdWQrneinaYM3orzukMVCEim4w3rOXLnY6YDTbEUOH52umklO71CpKWp2DB7q12uOdRGFppod5HJjpYhxOPN1t4gtTX48wU0m174CoTovpfQT34KA4JKnxAQb51pQBAR4lU4FHTpJqyZC3re_V8sqbs51cE9iQcW7GkufdDAVFqDmC2pX8M9Y_WuACwWHVA5ztcf_qMsAKiLGo8_I09Na2ot2Yw9J_A5Fayg1DLqms7PcMRPS7C9C_J2_sWpdY4Wxqn54TrdhZjN7K8Vvh-N7lfjJyAXOWpTRE2TRCbxo-D2feafeZfD9fQfdNfkQDZ8Ro_Zw7tpcIw_6PGGlBLxJVJDGhPVkyfsztL5mgXOWOTfoNbG0wAsIghJIx3wMqCK62ho4bekA22Wat0xvKtFjLFhS6A3zfZZZHae_gBX5zhZdgXxQ2JgBl07NDHrOvzH1jz8pL5BX_3Xo6T_JZXoSpojJE79VDXBfbNkebHLLZoj_hdvEquDA9szlXI0hSsBTd0V2BwBTSbMTyZHS5LkYTmo7tRMFjXYDTO3ZVFnmASsBnotyreApOqHwTAN4s3YPX5H22RAxtgPAmnyFAAdWTkUkBHN6GqHpV0y1vwODRGoa3puj-KfWfFY86Vx4qT-r-995WGGgAQP3ZFlYDUSaUaADp-QJD9fKhIq_2qd5eAJwaPFgfojrLEsFVk8_vXpBiX-WbcpGBA10ZIv6_Wn6nyHuIch35WkCilioPIN8Hpn1gjq7aKjITK6Fw3y92zQoJMjkN1KvRye_6waIlNEHz9LxyGnmbcMOuqXlRr_LF4p2JkEDG4kAzhZsYXflMqCGB0ycSiA-f0aHtK8AVU2LH3jV5U5QrYZoJJ64HKmqhqPUo622oSyK03sBDCVmoG5dGPJz7okEwJGdO8Gt6R-xEmyxQr46NWEaaX9m1SjWXv7MhU7vm16yA0Z-5xkfKlTHwthgAsM1mUYlwkU4kr0bAin_qq0OtkoRZTWfsweMOFAZ57eTBjP3cNna3CEm9Mt7zF0_LTJAOU0HZm_GtJVMfPMovasUGgxy7NwC7UbMCy09Bfg2Jqkka4vfagdDYJkE1iufzL9ww0XXHdwIbE42SbZ4ZDaIECvWGqbrCdnzB0ZPCkang4SMcykg0gCvQZ4PORC5uU90ddl6w5RKFrsOWmvt9KolonoXfVUjCvSYyuCUGIsUfzxVNad130lv0pJH-2k1OFPVM4YFNhwtk9b9bmeqGZ0fiiohXpEaeukhSG8-11tiuyqj7oC5Mr1HN2MvSkO6fLZYI3Rdo6wvASowqiN2UkNCVXdtafi7cKF_J4WIyOeA5zwig8FWTUCMJvTrZQnG97GGAS1y2oEVebpYZ635y15ul0XMlmtjHq2NRyfDOcQw4tinGY59cmg3C-kymWuDrhIt1gqIwESNq1IRBwGrNV_O2CcouwP5ynss2sfHr-ENLT7ZBrhjPve5slmaFOXRdYS4LvgZvcDfnCgyfl5jU99LHhnDE1GhUDAiwI7F1JmgJuYG-eiN7op5JD38kbjL2v-CURuULNazJj6AgBecmEwu8ok-fVRxa65OqglZtoHAMkYSOVQQsxKk0rpQ1TBCt9XzK5gx46gjwwbx_8aOtmTJoNyK1VixYsotYdx96YIDMvQfnqonTZf8-ViQqTIbElvBAEqrRYA-JrVeDGToe-O-QMpFjTqfZ5kLTd0W42GHLrllxR8WNCyw_4jpBzxtZpNUbCzEahghxklNhWH9DUokqVarU5tC8RcSiPdsSVYyLuGglP-uOQKCcI0islq8tc1iQ549ViDXnx-PxxM4sgd6ZhXC02RR5OcVjtTECeNnOFX_4qSFonEbN1S7sGzvT4AVMqMoZ4wjFu4BSgVH8Jom7ag_azHXGWwYaUVuZUqAq0ga1YR9haq6WyyFTsBuJLQcX60iDQ1_1YzZU-fDexxbXGQ2OZ2S1Njb6Yf4jbkJPyzMGA17A2xIhdq_R3NWZy5v3OkqAbGfSmwC4CAjPKpbJmjUJy_hXl9O-2yxqBQeOeMBa9UWyfFLd-a3tbYB8135vrLAbjRYxSHp0gFv2DgNyK82raZYr0AShh68k-ycO-iGJYh5bpvAziFtCjdIik6Z0PHoQKs6AxJPbQp7reFAPj0-P8QQRRDzHG5w-RVOW1c0S4CQ1R9tOaFmDsgYm9Hxdfu3Bv9gvTl2W12aIc8Dzv1hVRwQZUgCiPthzTkbMwiE1hRU_1RatlmWfh2xLQ0SA_m1Amu-wELSuHUcHj4QzjoTjm43V9VLHMZrDUnJ3WDdIUWgZr64__UgafFYaE54PHaprho9h1u9nanHt_BlFzzymX_ljVsL2Vcu-NDm43vp4nQcwWw7a1sYVaz0mEWDfD3e0e9ts1KYYxSGE4mZMUJ7tO6hvHHSmNZX1IJyflFQYN8fyx0sdTQd-3jNen6it1FOidJyKzh1-7VA2ETdGk4qcCvWiwFt6jSFPs2riNbUVXvWtRSlyCgUvRXIeMPs3opcHXgPWEQ2JVVjyl2Fpkr3LMCVEo3aQwzSN7heawMT88ZlxpGqLS_amUgaLjI2X73LLgb6AkxJraQnV9DVoronX8pm79sC9OfroxT8cHC0o51x6moIgv9eh42WiG3VwfGJWZ4MCGveDmfGUjDQed0Y0wVZzm4z0TbJ22Xd1mmFfLw72Se6wofyhQjHPw9mXdhZA0s4PBE2J3Ntt8BdBM5zisbNuXPDt14xPG1GbLvZ5DJdY6JjYGsku1AEZMCs1hHityatXBGxgYTSMAEgqNXwF5vutPd03XhLGoyg4Ctk3gr7xbI2JjsxO42tvG0QmgIadw6tqKRvtxgPtEcQiUXt5IKjLPXXG5II0opia46EYsscMhEK-8cJlbO8YX5Hy9newZZN4o-wvGD3_7ABL0eLaDsU1dZC2OsKwxyqLY0KNMXSkE_KutnI6Ec5bVspsZQq-L5EiUGYIfzioD44rKlWuXE9h4nHUsEAbEcER&cid=CAASPeRooDGYwyuZglcOhnJfDoFrwSeAUbGHxC8YVIStMdBTrGg7iBJxUrpg4AviOJ4eSJAbkCBdSHwr9oDp5cM&rfl=1%2Chttps%253A%252F%252Fgetnada.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4c0938e087a40c05a99d723eaf012958e03b048659bed9b36a2bc63f766d32b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 16:42:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
92
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8593
x-xss-protection
0
server
cafe
etag
3013172215444160546
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Jun 2021 16:42:33 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/elements/html/ Frame 0249 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Duz9z0ehNpWEKGS3r5TrZ4bLzTGGHOpjRV9GsNSI2478XbgRDf1y5DMIOjtKiomJY2_DWGt4q2C8cGkgg_xInK0YBn7ri7VxU3LNmawxP84GTnT8RWM4PMhMB7CEm1nqY9MOcE94MjCHC7SJ9ejzpbgI8ilg&dbm_d=AKAmf-AnWlNK41DILeqbCecg8iGpBlM8sYBBmib8NGgq3uY4QK_4juyWCvIFT6hikfJKr1dvNU6YeWXvpsNCnEpaiuydnAg_5k5EKnr-cbtbhpgdF6sjzFEOZUEUVu3oKghSifX60Of0iOZlq9jFwCxFy8BdWQrneinaYM3orzukMVCEim4w3rOXLnY6YDTbEUOH52umklO71CpKWp2DB7q12uOdRGFppod5HJjpYhxOPN1t4gtTX48wU0m174CoTovpfQT34KA4JKnxAQb51pQBAR4lU4FHTpJqyZC3re_V8sqbs51cE9iQcW7GkufdDAVFqDmC2pX8M9Y_WuACwWHVA5ztcf_qMsAKiLGo8_I09Na2ot2Yw9J_A5Fayg1DLqms7PcMRPS7C9C_J2_sWpdY4Wxqn54TrdhZjN7K8Vvh-N7lfjJyAXOWpTRE2TRCbxo-D2feafeZfD9fQfdNfkQDZ8Ro_Zw7tpcIw_6PGGlBLxJVJDGhPVkyfsztL5mgXOWOTfoNbG0wAsIghJIx3wMqCK62ho4bekA22Wat0xvKtFjLFhS6A3zfZZZHae_gBX5zhZdgXxQ2JgBl07NDHrOvzH1jz8pL5BX_3Xo6T_JZXoSpojJE79VDXBfbNkebHLLZoj_hdvEquDA9szlXI0hSsBTd0V2BwBTSbMTyZHS5LkYTmo7tRMFjXYDTO3ZVFnmASsBnotyreApOqHwTAN4s3YPX5H22RAxtgPAmnyFAAdWTkUkBHN6GqHpV0y1vwODRGoa3puj-KfWfFY86Vx4qT-r-995WGGgAQP3ZFlYDUSaUaADp-QJD9fKhIq_2qd5eAJwaPFgfojrLEsFVk8_vXpBiX-WbcpGBA10ZIv6_Wn6nyHuIch35WkCilioPIN8Hpn1gjq7aKjITK6Fw3y92zQoJMjkN1KvRye_6waIlNEHz9LxyGnmbcMOuqXlRr_LF4p2JkEDG4kAzhZsYXflMqCGB0ycSiA-f0aHtK8AVU2LH3jV5U5QrYZoJJ64HKmqhqPUo622oSyK03sBDCVmoG5dGPJz7okEwJGdO8Gt6R-xEmyxQr46NWEaaX9m1SjWXv7MhU7vm16yA0Z-5xkfKlTHwthgAsM1mUYlwkU4kr0bAin_qq0OtkoRZTWfsweMOFAZ57eTBjP3cNna3CEm9Mt7zF0_LTJAOU0HZm_GtJVMfPMovasUGgxy7NwC7UbMCy09Bfg2Jqkka4vfagdDYJkE1iufzL9ww0XXHdwIbE42SbZ4ZDaIECvWGqbrCdnzB0ZPCkang4SMcykg0gCvQZ4PORC5uU90ddl6w5RKFrsOWmvt9KolonoXfVUjCvSYyuCUGIsUfzxVNad130lv0pJH-2k1OFPVM4YFNhwtk9b9bmeqGZ0fiiohXpEaeukhSG8-11tiuyqj7oC5Mr1HN2MvSkO6fLZYI3Rdo6wvASowqiN2UkNCVXdtafi7cKF_J4WIyOeA5zwig8FWTUCMJvTrZQnG97GGAS1y2oEVebpYZ635y15ul0XMlmtjHq2NRyfDOcQw4tinGY59cmg3C-kymWuDrhIt1gqIwESNq1IRBwGrNV_O2CcouwP5ynss2sfHr-ENLT7ZBrhjPve5slmaFOXRdYS4LvgZvcDfnCgyfl5jU99LHhnDE1GhUDAiwI7F1JmgJuYG-eiN7op5JD38kbjL2v-CURuULNazJj6AgBecmEwu8ok-fVRxa65OqglZtoHAMkYSOVQQsxKk0rpQ1TBCt9XzK5gx46gjwwbx_8aOtmTJoNyK1VixYsotYdx96YIDMvQfnqonTZf8-ViQqTIbElvBAEqrRYA-JrVeDGToe-O-QMpFjTqfZ5kLTd0W42GHLrllxR8WNCyw_4jpBzxtZpNUbCzEahghxklNhWH9DUokqVarU5tC8RcSiPdsSVYyLuGglP-uOQKCcI0islq8tc1iQ549ViDXnx-PxxM4sgd6ZhXC02RR5OcVjtTECeNnOFX_4qSFonEbN1S7sGzvT4AVMqMoZ4wjFu4BSgVH8Jom7ag_azHXGWwYaUVuZUqAq0ga1YR9haq6WyyFTsBuJLQcX60iDQ1_1YzZU-fDexxbXGQ2OZ2S1Njb6Yf4jbkJPyzMGA17A2xIhdq_R3NWZy5v3OkqAbGfSmwC4CAjPKpbJmjUJy_hXl9O-2yxqBQeOeMBa9UWyfFLd-a3tbYB8135vrLAbjRYxSHp0gFv2DgNyK82raZYr0AShh68k-ycO-iGJYh5bpvAziFtCjdIik6Z0PHoQKs6AxJPbQp7reFAPj0-P8QQRRDzHG5w-RVOW1c0S4CQ1R9tOaFmDsgYm9Hxdfu3Bv9gvTl2W12aIc8Dzv1hVRwQZUgCiPthzTkbMwiE1hRU_1RatlmWfh2xLQ0SA_m1Amu-wELSuHUcHj4QzjoTjm43V9VLHMZrDUnJ3WDdIUWgZr64__UgafFYaE54PHaprho9h1u9nanHt_BlFzzymX_ljVsL2Vcu-NDm43vp4nQcwWw7a1sYVaz0mEWDfD3e0e9ts1KYYxSGE4mZMUJ7tO6hvHHSmNZX1IJyflFQYN8fyx0sdTQd-3jNen6it1FOidJyKzh1-7VA2ETdGk4qcCvWiwFt6jSFPs2riNbUVXvWtRSlyCgUvRXIeMPs3opcHXgPWEQ2JVVjyl2Fpkr3LMCVEo3aQwzSN7heawMT88ZlxpGqLS_amUgaLjI2X73LLgb6AkxJraQnV9DVoronX8pm79sC9OfroxT8cHC0o51x6moIgv9eh42WiG3VwfGJWZ4MCGveDmfGUjDQed0Y0wVZzm4z0TbJ22Xd1mmFfLw72Se6wofyhQjHPw9mXdhZA0s4PBE2J3Ntt8BdBM5zisbNuXPDt14xPG1GbLvZ5DJdY6JjYGsku1AEZMCs1hHityatXBGxgYTSMAEgqNXwF5vutPd03XhLGoyg4Ctk3gr7xbI2JjsxO42tvG0QmgIadw6tqKRvtxgPtEcQiUXt5IKjLPXXG5II0opia46EYsscMhEK-8cJlbO8YX5Hy9newZZN4o-wvGD3_7ABL0eLaDsU1dZC2OsKwxyqLY0KNMXSkE_KutnI6Ec5bVspsZQq-L5EiUGYIfzioD44rKlWuXE9h4nHUsEAbEcER&cid=CAASPeRooDGYwyuZglcOhnJfDoFrwSeAUbGHxC8YVIStMdBTrGg7iBJxUrpg4AviOJ4eSJAbkCBdSHwr9oDp5cM&rfl=1%2Chttps%253A%252F%252Fgetnada.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 16:43:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Jun 2021 16:43:04 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 0249 		0
61 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuLJwZfHMlDCvjfOfw8kqJkBIRlEWL_Ut6TIhyzJMgdVAw9aY4F5DIAvmBQySW3TeSXf9Xfvy_4Vu1eEGbKQT8KQNNBB7RMZvXXrAcICJEJhUPNsLKhxLu9NMiUzmyfW4kRyO5YqTtJZYw63qqSgGgDReRaT3BRT1gPCKqHblZaot5wTyg7FwwoDm5HcNZvQA7gHPXjp2A8stq8gxHx0z47lcPMq37aepsjDjPAwnm2ovHdGMljHuQ86OqgeiCOMHBTrfEEBly57jajoL-2_i6jeLSEHayF6t6NeFQNUGK9z-Ag4vp_rQcGv9omXGFwzhD59NpEB4NEFYN9a166YK6JGlzRzHXUdBzybzZL1PvS9tUOLUoQpre5XR23d1tCEJHVwf4jnimHvHIBjgcYzEBQgPRrrJ-royGMeY3jeRc66tPhOO9TzkTUyHmMPyumIAVACLv_U_9yJQoNJ0wE8odhEVgrXPLQMmt3Omk0Vy76CplDKHxIpGd2zScRujZdIlvWAA9oA4oMLtPpwX37qktMXdCNcSCaGDISOwSeo-tS-2S4F1NsLjEQSqIPaIp98dmjf7S0Rwex34jBy-2V31Am_nFc-cVkyOuQLqIPzu9FL4Md53rPvKdBfFoyo1Ze8hAfIQyIHDKbxekhGk3jvQse3tMhljzYOf5I_ggdvaqtxTXFu7QO-eOniFzI4tT_63QHpIhY8e8gTdW_Yb-xcBm8J1IT_DJZtwAKLlNZ8ZiadmbDIvRjvjP0TzFKkPj1kT-12YcGY4rU7wyaKO3PWewAlbU55Vkv_GtN3ObIyh0PodiBbRhlWZATnNRwlG7ACrTPQeN3R-qL4VL32fv_Ke5jVVQJBsXieRra3qp1KvnrQ6gdM2bsU6kh02YL0fCY0ZqjmuxwTq5Z9OdZwNoer7LB1D_kqsAfEvfrRCc2xk283bPBnEm-E16M-2sbsM4B22BjX76-nDpoTdSTuI-WxD78eIAkvE2Ni3oOtYtm2DRdVCzkevxixTQfmo64Oov-RjxMtbBeaA2n464vHHPy4agtFIIAo7Uxn2DRbEJ4jO5-ZzjX-3blWN2OFVLpnUOjjmfwq0TNrnwjpU7RVJlytr9ZcqQGEPgi7-pHYmeEytIfPvltphEMLt6woX0p3pZkQh3HpovX1Ez7KcFTs5x06QIB50s97OotEuUHuAPHp2irP1BW7AlI&sai=AMfl-YTt_V4pv6xHt-4ghLxUcbwIphyeYfuGCR9c4MI71j9X6VJ6AWFFjBGXn2cB2_uB9rrvpcdUF7Vd76h5MiIRxRwRwlTYeHOPzLi8Mw5eiwiiMUJeVvoRNaDLePhVTmzXVizSKMQyq-ZCPnVe-y44OwcAhJaI1kJHoeESUXYGjdP0WpCYl6o6rtVDcI2bhpvybxBMvcrjnpM_0fUZzN3Qn4CT4DwRxVYdpjjR_xokcg&sig=Cg0ArKJSzFq1hhDlsHsvEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210517.63462&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Duz9z0ehNpWEKGS3r5TrZ4bLzTGGHOpjRV9GsNSI2478XbgRDf1y5DMIOjtKiomJY2_DWGt4q2C8cGkgg_xInK0YBn7ri7VxU3LNmawxP84GTnT8RWM4PMhMB7CEm1nqY9MOcE94MjCHC7SJ9ejzpbgI8ilg&dbm_d=AKAmf-AnWlNK41DILeqbCecg8iGpBlM8sYBBmib8NGgq3uY4QK_4juyWCvIFT6hikfJKr1dvNU6YeWXvpsNCnEpaiuydnAg_5k5EKnr-cbtbhpgdF6sjzFEOZUEUVu3oKghSifX60Of0iOZlq9jFwCxFy8BdWQrneinaYM3orzukMVCEim4w3rOXLnY6YDTbEUOH52umklO71CpKWp2DB7q12uOdRGFppod5HJjpYhxOPN1t4gtTX48wU0m174CoTovpfQT34KA4JKnxAQb51pQBAR4lU4FHTpJqyZC3re_V8sqbs51cE9iQcW7GkufdDAVFqDmC2pX8M9Y_WuACwWHVA5ztcf_qMsAKiLGo8_I09Na2ot2Yw9J_A5Fayg1DLqms7PcMRPS7C9C_J2_sWpdY4Wxqn54TrdhZjN7K8Vvh-N7lfjJyAXOWpTRE2TRCbxo-D2feafeZfD9fQfdNfkQDZ8Ro_Zw7tpcIw_6PGGlBLxJVJDGhPVkyfsztL5mgXOWOTfoNbG0wAsIghJIx3wMqCK62ho4bekA22Wat0xvKtFjLFhS6A3zfZZZHae_gBX5zhZdgXxQ2JgBl07NDHrOvzH1jz8pL5BX_3Xo6T_JZXoSpojJE79VDXBfbNkebHLLZoj_hdvEquDA9szlXI0hSsBTd0V2BwBTSbMTyZHS5LkYTmo7tRMFjXYDTO3ZVFnmASsBnotyreApOqHwTAN4s3YPX5H22RAxtgPAmnyFAAdWTkUkBHN6GqHpV0y1vwODRGoa3puj-KfWfFY86Vx4qT-r-995WGGgAQP3ZFlYDUSaUaADp-QJD9fKhIq_2qd5eAJwaPFgfojrLEsFVk8_vXpBiX-WbcpGBA10ZIv6_Wn6nyHuIch35WkCilioPIN8Hpn1gjq7aKjITK6Fw3y92zQoJMjkN1KvRye_6waIlNEHz9LxyGnmbcMOuqXlRr_LF4p2JkEDG4kAzhZsYXflMqCGB0ycSiA-f0aHtK8AVU2LH3jV5U5QrYZoJJ64HKmqhqPUo622oSyK03sBDCVmoG5dGPJz7okEwJGdO8Gt6R-xEmyxQr46NWEaaX9m1SjWXv7MhU7vm16yA0Z-5xkfKlTHwthgAsM1mUYlwkU4kr0bAin_qq0OtkoRZTWfsweMOFAZ57eTBjP3cNna3CEm9Mt7zF0_LTJAOU0HZm_GtJVMfPMovasUGgxy7NwC7UbMCy09Bfg2Jqkka4vfagdDYJkE1iufzL9ww0XXHdwIbE42SbZ4ZDaIECvWGqbrCdnzB0ZPCkang4SMcykg0gCvQZ4PORC5uU90ddl6w5RKFrsOWmvt9KolonoXfVUjCvSYyuCUGIsUfzxVNad130lv0pJH-2k1OFPVM4YFNhwtk9b9bmeqGZ0fiiohXpEaeukhSG8-11tiuyqj7oC5Mr1HN2MvSkO6fLZYI3Rdo6wvASowqiN2UkNCVXdtafi7cKF_J4WIyOeA5zwig8FWTUCMJvTrZQnG97GGAS1y2oEVebpYZ635y15ul0XMlmtjHq2NRyfDOcQw4tinGY59cmg3C-kymWuDrhIt1gqIwESNq1IRBwGrNV_O2CcouwP5ynss2sfHr-ENLT7ZBrhjPve5slmaFOXRdYS4LvgZvcDfnCgyfl5jU99LHhnDE1GhUDAiwI7F1JmgJuYG-eiN7op5JD38kbjL2v-CURuULNazJj6AgBecmEwu8ok-fVRxa65OqglZtoHAMkYSOVQQsxKk0rpQ1TBCt9XzK5gx46gjwwbx_8aOtmTJoNyK1VixYsotYdx96YIDMvQfnqonTZf8-ViQqTIbElvBAEqrRYA-JrVeDGToe-O-QMpFjTqfZ5kLTd0W42GHLrllxR8WNCyw_4jpBzxtZpNUbCzEahghxklNhWH9DUokqVarU5tC8RcSiPdsSVYyLuGglP-uOQKCcI0islq8tc1iQ549ViDXnx-PxxM4sgd6ZhXC02RR5OcVjtTECeNnOFX_4qSFonEbN1S7sGzvT4AVMqMoZ4wjFu4BSgVH8Jom7ag_azHXGWwYaUVuZUqAq0ga1YR9haq6WyyFTsBuJLQcX60iDQ1_1YzZU-fDexxbXGQ2OZ2S1Njb6Yf4jbkJPyzMGA17A2xIhdq_R3NWZy5v3OkqAbGfSmwC4CAjPKpbJmjUJy_hXl9O-2yxqBQeOeMBa9UWyfFLd-a3tbYB8135vrLAbjRYxSHp0gFv2DgNyK82raZYr0AShh68k-ycO-iGJYh5bpvAziFtCjdIik6Z0PHoQKs6AxJPbQp7reFAPj0-P8QQRRDzHG5w-RVOW1c0S4CQ1R9tOaFmDsgYm9Hxdfu3Bv9gvTl2W12aIc8Dzv1hVRwQZUgCiPthzTkbMwiE1hRU_1RatlmWfh2xLQ0SA_m1Amu-wELSuHUcHj4QzjoTjm43V9VLHMZrDUnJ3WDdIUWgZr64__UgafFYaE54PHaprho9h1u9nanHt_BlFzzymX_ljVsL2Vcu-NDm43vp4nQcwWw7a1sYVaz0mEWDfD3e0e9ts1KYYxSGE4mZMUJ7tO6hvHHSmNZX1IJyflFQYN8fyx0sdTQd-3jNen6it1FOidJyKzh1-7VA2ETdGk4qcCvWiwFt6jSFPs2riNbUVXvWtRSlyCgUvRXIeMPs3opcHXgPWEQ2JVVjyl2Fpkr3LMCVEo3aQwzSN7heawMT88ZlxpGqLS_amUgaLjI2X73LLgb6AkxJraQnV9DVoronX8pm79sC9OfroxT8cHC0o51x6moIgv9eh42WiG3VwfGJWZ4MCGveDmfGUjDQed0Y0wVZzm4z0TbJ22Xd1mmFfLw72Se6wofyhQjHPw9mXdhZA0s4PBE2J3Ntt8BdBM5zisbNuXPDt14xPG1GbLvZ5DJdY6JjYGsku1AEZMCs1hHityatXBGxgYTSMAEgqNXwF5vutPd03XhLGoyg4Ctk3gr7xbI2JjsxO42tvG0QmgIadw6tqKRvtxgPtEcQiUXt5IKjLPXXG5II0opia46EYsscMhEK-8cJlbO8YX5Hy9newZZN4o-wvGD3_7ABL0eLaDsU1dZC2OsKwxyqLY0KNMXSkE_KutnI6Ec5bVspsZQq-L5EiUGYIfzioD44rKlWuXE9h4nHUsEAbEcER&cid=CAASPeRooDGYwyuZglcOhnJfDoFrwSeAUbGHxC8YVIStMdBTrGg7iBJxUrpg4AviOJ4eSJAbkCBdSHwr9oDp5cM&rfl=1%2Chttps%253A%252F%252Fgetnada.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Wed, 19 May 2021 16:44:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 0249 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Duz9z0ehNpWEKGS3r5TrZ4bLzTGGHOpjRV9GsNSI2478XbgRDf1y5DMIOjtKiomJY2_DWGt4q2C8cGkgg_xInK0YBn7ri7VxU3LNmawxP84GTnT8RWM4PMhMB7CEm1nqY9MOcE94MjCHC7SJ9ejzpbgI8ilg&dbm_d=AKAmf-AnWlNK41DILeqbCecg8iGpBlM8sYBBmib8NGgq3uY4QK_4juyWCvIFT6hikfJKr1dvNU6YeWXvpsNCnEpaiuydnAg_5k5EKnr-cbtbhpgdF6sjzFEOZUEUVu3oKghSifX60Of0iOZlq9jFwCxFy8BdWQrneinaYM3orzukMVCEim4w3rOXLnY6YDTbEUOH52umklO71CpKWp2DB7q12uOdRGFppod5HJjpYhxOPN1t4gtTX48wU0m174CoTovpfQT34KA4JKnxAQb51pQBAR4lU4FHTpJqyZC3re_V8sqbs51cE9iQcW7GkufdDAVFqDmC2pX8M9Y_WuACwWHVA5ztcf_qMsAKiLGo8_I09Na2ot2Yw9J_A5Fayg1DLqms7PcMRPS7C9C_J2_sWpdY4Wxqn54TrdhZjN7K8Vvh-N7lfjJyAXOWpTRE2TRCbxo-D2feafeZfD9fQfdNfkQDZ8Ro_Zw7tpcIw_6PGGlBLxJVJDGhPVkyfsztL5mgXOWOTfoNbG0wAsIghJIx3wMqCK62ho4bekA22Wat0xvKtFjLFhS6A3zfZZZHae_gBX5zhZdgXxQ2JgBl07NDHrOvzH1jz8pL5BX_3Xo6T_JZXoSpojJE79VDXBfbNkebHLLZoj_hdvEquDA9szlXI0hSsBTd0V2BwBTSbMTyZHS5LkYTmo7tRMFjXYDTO3ZVFnmASsBnotyreApOqHwTAN4s3YPX5H22RAxtgPAmnyFAAdWTkUkBHN6GqHpV0y1vwODRGoa3puj-KfWfFY86Vx4qT-r-995WGGgAQP3ZFlYDUSaUaADp-QJD9fKhIq_2qd5eAJwaPFgfojrLEsFVk8_vXpBiX-WbcpGBA10ZIv6_Wn6nyHuIch35WkCilioPIN8Hpn1gjq7aKjITK6Fw3y92zQoJMjkN1KvRye_6waIlNEHz9LxyGnmbcMOuqXlRr_LF4p2JkEDG4kAzhZsYXflMqCGB0ycSiA-f0aHtK8AVU2LH3jV5U5QrYZoJJ64HKmqhqPUo622oSyK03sBDCVmoG5dGPJz7okEwJGdO8Gt6R-xEmyxQr46NWEaaX9m1SjWXv7MhU7vm16yA0Z-5xkfKlTHwthgAsM1mUYlwkU4kr0bAin_qq0OtkoRZTWfsweMOFAZ57eTBjP3cNna3CEm9Mt7zF0_LTJAOU0HZm_GtJVMfPMovasUGgxy7NwC7UbMCy09Bfg2Jqkka4vfagdDYJkE1iufzL9ww0XXHdwIbE42SbZ4ZDaIECvWGqbrCdnzB0ZPCkang4SMcykg0gCvQZ4PORC5uU90ddl6w5RKFrsOWmvt9KolonoXfVUjCvSYyuCUGIsUfzxVNad130lv0pJH-2k1OFPVM4YFNhwtk9b9bmeqGZ0fiiohXpEaeukhSG8-11tiuyqj7oC5Mr1HN2MvSkO6fLZYI3Rdo6wvASowqiN2UkNCVXdtafi7cKF_J4WIyOeA5zwig8FWTUCMJvTrZQnG97GGAS1y2oEVebpYZ635y15ul0XMlmtjHq2NRyfDOcQw4tinGY59cmg3C-kymWuDrhIt1gqIwESNq1IRBwGrNV_O2CcouwP5ynss2sfHr-ENLT7ZBrhjPve5slmaFOXRdYS4LvgZvcDfnCgyfl5jU99LHhnDE1GhUDAiwI7F1JmgJuYG-eiN7op5JD38kbjL2v-CURuULNazJj6AgBecmEwu8ok-fVRxa65OqglZtoHAMkYSOVQQsxKk0rpQ1TBCt9XzK5gx46gjwwbx_8aOtmTJoNyK1VixYsotYdx96YIDMvQfnqonTZf8-ViQqTIbElvBAEqrRYA-JrVeDGToe-O-QMpFjTqfZ5kLTd0W42GHLrllxR8WNCyw_4jpBzxtZpNUbCzEahghxklNhWH9DUokqVarU5tC8RcSiPdsSVYyLuGglP-uOQKCcI0islq8tc1iQ549ViDXnx-PxxM4sgd6ZhXC02RR5OcVjtTECeNnOFX_4qSFonEbN1S7sGzvT4AVMqMoZ4wjFu4BSgVH8Jom7ag_azHXGWwYaUVuZUqAq0ga1YR9haq6WyyFTsBuJLQcX60iDQ1_1YzZU-fDexxbXGQ2OZ2S1Njb6Yf4jbkJPyzMGA17A2xIhdq_R3NWZy5v3OkqAbGfSmwC4CAjPKpbJmjUJy_hXl9O-2yxqBQeOeMBa9UWyfFLd-a3tbYB8135vrLAbjRYxSHp0gFv2DgNyK82raZYr0AShh68k-ycO-iGJYh5bpvAziFtCjdIik6Z0PHoQKs6AxJPbQp7reFAPj0-P8QQRRDzHG5w-RVOW1c0S4CQ1R9tOaFmDsgYm9Hxdfu3Bv9gvTl2W12aIc8Dzv1hVRwQZUgCiPthzTkbMwiE1hRU_1RatlmWfh2xLQ0SA_m1Amu-wELSuHUcHj4QzjoTjm43V9VLHMZrDUnJ3WDdIUWgZr64__UgafFYaE54PHaprho9h1u9nanHt_BlFzzymX_ljVsL2Vcu-NDm43vp4nQcwWw7a1sYVaz0mEWDfD3e0e9ts1KYYxSGE4mZMUJ7tO6hvHHSmNZX1IJyflFQYN8fyx0sdTQd-3jNen6it1FOidJyKzh1-7VA2ETdGk4qcCvWiwFt6jSFPs2riNbUVXvWtRSlyCgUvRXIeMPs3opcHXgPWEQ2JVVjyl2Fpkr3LMCVEo3aQwzSN7heawMT88ZlxpGqLS_amUgaLjI2X73LLgb6AkxJraQnV9DVoronX8pm79sC9OfroxT8cHC0o51x6moIgv9eh42WiG3VwfGJWZ4MCGveDmfGUjDQed0Y0wVZzm4z0TbJ22Xd1mmFfLw72Se6wofyhQjHPw9mXdhZA0s4PBE2J3Ntt8BdBM5zisbNuXPDt14xPG1GbLvZ5DJdY6JjYGsku1AEZMCs1hHityatXBGxgYTSMAEgqNXwF5vutPd03XhLGoyg4Ctk3gr7xbI2JjsxO42tvG0QmgIadw6tqKRvtxgPtEcQiUXt5IKjLPXXG5II0opia46EYsscMhEK-8cJlbO8YX5Hy9newZZN4o-wvGD3_7ABL0eLaDsU1dZC2OsKwxyqLY0KNMXSkE_KutnI6Ec5bVspsZQq-L5EiUGYIfzioD44rKlWuXE9h4nHUsEAbEcER&cid=CAASPeRooDGYwyuZglcOhnJfDoFrwSeAUbGHxC8YVIStMdBTrGg7iBJxUrpg4AviOJ4eSJAbkCBdSHwr9oDp5cM&rfl=1%2Chttps%253A%252F%252Fgetnada.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 05:00:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42221
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 May 2022 05:00:24 GMT
GTM_DE_CleverFucntionsBetterMeetings_TryFree_Static_728x90.jpg
s0.2mdn.net/9680551/ Frame 0249 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9680551/GTM_DE_CleverFucntionsBetterMeetings_TryFree_Static_728x90.jpg
Requested by
Host: a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com
URL: https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
958f0d5495d2f9b99f7394f4a0e22a54f8867df678ce6faa3a9ab99ba3c1a7be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 19:15:22 GMT
x-content-type-options
nosniff
last-modified
Mon, 01 Mar 2021 10:07:13 GMT
server
sffe
age
77323
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35807
x-xss-protection
0
expires
Wed, 19 May 2021 19:15:22 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 7B8A 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://getnada.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://getnada.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Wed, 19 May 2021 16:11:01 GMT
expires
Thu, 19 May 2022 16:11:01 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1984
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame AC34 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8ec3c953c153ea68af497886eb32936c52f1a60970f1df3e10cb793e4f6b7ff6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Bv9ZujoCQAVmX0R5nda8NA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://getnada.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://getnada.com/

Response headers

expires
Wed, 19 May 2021 16:44:05 GMT
date
Wed, 19 May 2021 16:44:05 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-Bv9ZujoCQAVmX0R5nda8NA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel
cm.g.doubleclick.net/ Frame 0939 		170 B
506 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQ1K6oAhiYwviVATAB&v=APEucNUzC7wowH99BOL3GUtatSIhjM5WywUD-O5aOs1DjFh0fwoGnqDaTXhr49Xq54fBB5GK7yh5Xv6U3I_MjkA-z47u39gF-9dzibBLVS-K996hO3VFj6bC46WtxyUcQnmeLF1JmMjo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 May 2021 16:44:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
partners.tremorhub.com/ Frame 0939
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm
  • https://partners.tremorhub.com/sync?UIGL=CAESEDBfRWBbcBccgERpzgSMz1k&google_cver=1
0
0
n5YYU8lY0TArf8nFzi9E1ZKJZ15yrbtHS4hWePTPjUN2sW-e7lDhupVQAQCDBMgJMBsQFQFxUSkS-NMw746mt2GXH1i5ubOv=w195-h102-rj-pd-pc0x00e9e9e9
lh3.googleusercontent.com/proxy/ Frame CFC4 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/proxy/n5YYU8lY0TArf8nFzi9E1ZKJZ15yrbtHS4hWePTPjUN2sW-e7lDhupVQAQCDBMgJMBsQFQFxUSkS-NMw746mt2GXH1i5ubOv=w195-h102-rj-pd-pc0x00e9e9e9
Requested by
Host: a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com
URL: https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
ea39146cb18bc630e659e2a87058c0d8ffbad81932b10ddf1748ce3d88bf8208
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 16:27:31 GMT
x-content-type-options
nosniff
server
fife
age
994
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7147
x-xss-protection
0
expires
Thu, 20 May 2021 16:27:31 GMT
6479502049714433393
s0.2mdn.net/simgad/ Frame CFC4 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/6479502049714433393
Requested by
Host: a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com
URL: https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b18eb974a3a6554bbf742f767cf0599cb34bfad405925f9481be58a680722a83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 11:46:29 GMT
x-content-type-options
nosniff
age
17856
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34764
x-xss-protection
0
last-modified
Mon, 26 Apr 2021 11:31:05 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 May 2022 11:46:29 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame CFC4 		42 B
63 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DRF02JDJW0d3_xFRWf0pFBSGlKrZ3v9TdH3cTVpu0avQ_91WwJgUAX-h-C_43tNsCqhNPyMSzAMMrGrlSU6sSw7xaIPEQ5u-sPTh3ZZs61_SDxmr17Uys9O-vhTBCoOA1pSPfGnrMPo5FJCBr5GH0frtktyA&dbm_d=AKAmf-CBjzkVMrrLTKGYW-aAbTL1926P4CWyf7eHQ9bhvRbVLG8qqG28bkZ21k5O6o8y9rFb3YrRfeAvgKaQ5s9cnPuYobYmBRJtuLzBCfP4K5ftY-yCe5McT3JJqdwsCaRZDtSsHbATu0-o_k1MGkkpxFOD_6ZeKo1OXNVw9ZKOqQBOsgeqGmdY2kPjk-4tj_UKjElTcNG_RLI52M554jTBKeQ4elUh4-HzzDM4S_m2f4lQ9HOh55CbYWJYDYVOhMuYPOR9VIHFSto3SGIIzI4eWMlXG5mK7mRCfU6Z_CM2ScfB2enytoHKcLSq6auD3vJd1qUf3UITpS2nn_uvz8PmCsb73t2KyQWWBUUm1lPwzl-27YfpynzJJft0JagbHukfGZLoAkaHmQGBwixW05s1-DtIz9KnkLIaZ4hEubGJfW9doNqbUhBzt64xV-DW-VpxdMZPsvgWbBfK15ZwD3NigKSph1gtNJv1toemgj6R2ByrlF3tdJLJ2t7S3b5vAI-zGrix2eTTQSlmM-hhFHznMMruFNYlAnV6wlRYAHBSGnSXaXo7leQ2BOdqMmeGC-eD472QnddoUj9z2Cbsn362zzuuarXMqaGaH5Xpu0AmV96rFX1Dt2xrP9tYyHvQmskxaX1R2LZrEKJKriLy9EP_K8rPk9NXPqJPvltE1CeN4EC1X9-RFgMSQ4JhAvkcJgBWlMWk7V4PicsSCm8ucE5jtx7nbchfyRzs2fUrAjyR_g6rgcDKxhyuGag0vUxVn-3blVcsBLLupNuOmtpRaM4E2L_o7aspG2I1NlxWPzVvWz9co_2tiQiIw5BD5LPgzNyT01sr-H5SygtkCfDh5ew4nUA0APqmuiqUi8Xrjk9HsHK9LS_qfr4koRFAkZqGKzjhx5N2tFBY6expvB8a9xIe_AMoQBOxDTuifzhlE9uiXaLWGvwwvl11BnuKKi-6vz8CVTM30LPm7EQaVwUNKOUemTrqqRzEX-7U73yvNPf5fJcqxXY_rgrmEfyOmz9yE0VcrRgedtzMGEczAijA1vjWUHms_l6Cg1s93rqqqyj6du4tkhfJgic9-OwzKEysjgvn621EXAIKfxQ4QykhQZaKaMAABLl1B0Iy3IYGVFUsEx7Y4quK6RxEBUVRf4J90VEl5Zc7IyLEl6c860ENIACIYbzW7itW51axhADw0tCtDFhG-uT1zT7dBLnyiWvKowBR8qCtpVH5ZJug-iuvYUUfgrDUNoiK-P7KOB2wfakLHUsUH0drErVz4SwfAuF4ByOn90ceyOdA7xPpGiPtMVgdsR6GAZ-fYQENosG2FRHeUCrGKmr0U0IgenX7bsyYFD0be_yv-AAPPkU9lE9hBwLxa4K-2JWeBSKWocY-9UPc1rWKET2Z_eaeCwgef7wdxaPbgN8FxqgEbFy9VnRTX_U98XVZBdIkSdGoYReGc5cXSSRg2c1Qs9ZISErQYLV4Mlwros47JirUc5ts8A2FRbBOliy-KhTzk6u_ZM-polj7y90Pu5_TLKa7KHWGlHmRinxvbuzdTuhtz1PXnanucXtJjVMQgT4WyairzjPvExf1CZEbkHTWF1DnVeIKJss4ttC7aluo3BodnRbHPCwpCAoT5QuX3xq9kYgv_vlz-erF3qLM6L6wO5kPFzm41gFV1av2Ucg3KSG99eIgdBv3nY4fD6eekQmG5x-tgXxitw7eteveRWnzkt1_B-E66D-71RA0iPMM5xsqxdorO8GuztsFwoGUnDhB7loiQITeLk94BU8KFb9WHk7Rh2a9fMvaIlBQbwtIx4smCf0gOJd9UZ6lrfTZUXv8JnYP1iKCrcSCxQEgqMVzCCZ6KS56GzRVZlkL-SOSGI3mwJoS6jBoaScryk_UqIHK2YrPueD-TvAArTbfP7OchMNUggS0qjFtqPJsesegoFDZV09Mre2Bgr_Yao9y0szrRlIKPOTQ7BSUAuuLZ6jwAhaHE7ZJkz_3nAvKP6UOjs6Ra4RPbpYRucac8GVkt2HIXLc8hHHmXe0lRHqiZt-sfNKit1yivOHcz3OeR7ouUEjB_8WvybK7MIfcs716fZdCsK6Qatzq21rhXa4ngnHqw-TxXJ9gDe0AxNU_UlFV6B3SovVVTOocFTv_NsA4jUr97q9GpkVBpTpvyc7ltjLcEy9iwfGHmx9o2QGeV5cTi78dQ4FKHQ64WDmsdUqGYkcn7guacSSzVRr6cGE8SRXVG1gwDBj2_UAqj-3-rhAXvf59dwqidOWUAw9qumxCtAc8P1rSPpqJpIT9dj7kwmUrhORiwnXfF05ltImNKbWSqHsmswRJpfND8s8TlJCnNMxkIijLBkqVIyYQ4BDlXNPNfJelJ6JPPGBE5l5ab9abOiO3w5x9qTuzKWmLDQiXqFQMS3WSWJmLbNBqS438IjWXDqeQKY_aoYFastlNUuqQ9hsd7b1olyNjPmdcySpJ_G_X5ORnBSObQmhAFp8vS1GyD_PCQiFmf95xzKos6zfS14iFuCjgtI9VBGqAJy-lKcI7QKQrYzEAxy-H53OgybP6hL3qeteYnEnqxNe-e6cPhrujNhpd4EUKxwkHqTHqd5F6xuuovZr5tONv7GSCcwKGGw88iDvo_MTaCuPHlgAGxIqdpK4pPGcA4hHk5JfMqEBJwr9iAzVR5e_kwbF_DPmiomxLvpsqPo5_SbcI-I541LGibWaR2AKT5cgPvcHf2sW3-fVI_z7ux-kH7wcvuhmBSg2Fo4zFRhtS6TvFVHEcA-dvCRYHH1zy3raZIvNuD5c3BaLXK3N9yftzuPNc_VcPqHDAXj2fFpJulJiasAllK2uKb8tpl6uKhJEhBUFezlIkn5CnHH8O9FLUtxCipnkoB7XCDPEI6SNTEjuPZs1f4AYD&cid=CAASPeRoAv04eyCxCLQ42wJisuGXy0yenxuS5E3VZxAFQAg4zcVIFyOE8ALwMH-mpCG2I3SZERiLPpxwEiVC5gk
Requested by
Host: getnada.com
URL: https://getnada.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 May 2021 16:44:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame CFC4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CgQzSVEClYJDMMNjogAfe5YOoBuaE_MFij7Dst_cN__WQ49cCEAEg_N_oGWCVgoCAsAegAZ_tz9gCyAEGqQJjNBOumXm0PqgDAaoE3gFP0BtDBrEBcrL_DMZpmpKBl7osAIk8bfQjYxEZ3CtCcjtubaj5_vwXx32t_wUTlX9E3z09gbh1Ddiv5DOeqqFGPmi5ULN12PBR7jTxR-zyKVpLUKK-z5l2VLvZfd42aoLxQTMdnzn1M9o9YeNqh2Uik0M1ONVQKw4qU5TI5Zwc5I2KP-dyyb9LKeLIU4NFMbqv42C8wkeWcxBIy3R3henU4wvOhbUa9ZsbyARcLFEysABNnkteZ932LrL0D21XRHF3qdPXCHcKoJ_EPg1mYzfDniriGFpGkNgVja3jlF_ABI7dhbLAA-AEA4gFovKdgDCSBQYIAxABGAGSBQYIGxACGAKSBQoIIhADGAFIz9VHkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAY3gAfJkrCnAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUb2AcB8gcKEOTRLRjQhaGmAdIICQiA4YBwEAEYHYAKA8gLAbAT4vXGC8gTkLKOCdATANgTDdgUAdAVAYAXAbIXGgoYCAASFHB1Yi0yMDQ5OTQ4MTgwMDc5MjY0&sigh=lEizMP8znZ0&cid=CAQSPwCNIrLMOPdxqqVNU5pPVdck8TDO3JU9bgkUe28_hWRswOX9r9LwhiBG-j984c25Canev_P7-Sx-Qbo-Me8Ekw&template_id=509&vt=10
Requested by
Host: getnada.com
URL: https://getnada.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame 9343 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMvTChCo8cMCGOKS_4EBMAE&v=APEucNXjGYjgv2nIkk45U7udJbduaVWV9eQ2NuNCsDJihs0j2uRFDDcpBt13aG3oMFDKLJ6d6T9dKuLGQZzAllY2q-nt7avunMDbQsZo1gUsOM6SkJTBX7ELbMKDrcn0YZmEAfJrZDNQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 May 2021 16:44:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
partners.tremorhub.com/ Frame 9343
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm
  • https://partners.tremorhub.com/sync?UIGL=CAESEDBfRWBbcBccgERpzgSMz1k&google_cver=1
0
0
pixel
cm.g.doubleclick.net/ Frame F88C 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMvTChCo8cMCGOKS_4EBMAE&v=APEucNW9Qe1nTNH9aQLk6T7aIHAXqfiM2pf3IWaNZBOuhkpFkmQXRBmeZS5OJxkhgJPsy7jaH75DSQgeF1cyCHimD258kpLRRCKvzx0W3fy7RJbiVyePqz6DjjHozk7zpZ_eHOOOJhCY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 May 2021 16:44:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
partners.tremorhub.com/ Frame F88C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm
  • https://partners.tremorhub.com/sync?UIGL=CAESEDBfRWBbcBccgERpzgSMz1k&google_cver=1
0
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame EA48 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com
URL: https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUk_g8PW_4mD4rTSF9mD8pN9ec2JK83JEOz5miTzauW7FAbDxjGucKpq1iFRWWE
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 19 May 2021 16:29:19 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
886
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame CFC4 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4414a324e99f9f9ff0e02c9109c7421b60620a970ef08f7c538aa8c68c9d5f7b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame A474 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvUkPSGStL9T4e5I5FRUVFbdEGegK6OE2EPzie3vUEfvznJGBTuBLmPWZqE3CJhImk-qrWWosVmRhTMm1MgiiJqG3wVjebeRKn6Yho4-e4L6IpfrhNJbnpwCMF9cHe5Kq5qCKppZARwdaCcIxGgRWFIVBSUmaxERsKCkaoP7zRsx8rT1I8wrrFmKpuwPMbniLMBLzOPWmc9Jdy9B6ql9hi8unUH0c0iCeykTLsS_KIVWb-vnlWesFpYrlg2UYDWhtrXPWi_VeX7PNrujGXPIUgYfNsydGIcxQF03SUoTJuc-Zpxv_OM32pKD58zMZ1fafGHoPGyJO-mj2_E6o1rLwwgmC8digj3YuDXmcP5SbI5h4SFc7bbalYh4aV-fFqMU0IkC_Ws7fh3YDbsKy2uclq0XfR_2EWMZt2D37PEELf697s6Bn04BMdTWQuiF3LNLtthc5af3tYQ9dR7BwO5e8CroTO3_iq-MpsCb3II2gPqDb6DelEcia57MCl8g9RouX50oT6fPtVvm0cJR5NUNL__jiWfTDsEdSTxAV49gDgkzHWb04jxtju3op1mQzIdtDe9ALknkET2lJ_aUp7Sl4LX0iDTjN8gQb2NCnLtopYScd0sGkTyi9ac0yZuyYNFb2TR2pW7VdsYQswvn9X9LU66H4SQO_Cw3gAva2ZqgLnZwV7jBidgv_4TGEOE-h2jnspda4FVcMLYxG6GGh00ihkchH3FhKQxauh6TCJtRAarg0FGOHuJ3lDnFCFwqMScarp_iVH440sVNa1mwHc1_qOXyUFIgEeN-fK8kd2BxS0J6fEGXk7daT_UuzPb8BzvWjW-Cop-JLItpBIhz7T4XhEEMhd0TQ7PNfzQtYRegCw3UozHZswILz5nrn2p8BLEEjMuGLlNCTiLYBWaZQw21-v_hptQk9X4VSPg7_doFePNxvPKRIN8nMCEeQF6re3LUX8AH0lUJevN9R-DPaRn0eMaOAqPqRrmCb63Y11U6qc-vjy5Ww4BM8vaFzIZnRGKkJuxxAWxjt3uXvfQ33d45uAe8TQp-akFdrHQ1DKMNjKUHJyUw6xzWmPs5TkDSqzABoxJn4Nm3jW310vzzq889dS1ta_BKDpUqFTwX_bZJ_t-U6Xht3enRNy6BqOOU-wBU3-la9uLEUyjcRS-_AWcldLo1i-PWTqXi_b5-9wP4pO8UrW7MuaOOcVTLZGQZtzQ-1-wUXbanK--Q-TpsS_tneSV2sAW8e4Yl_224awdSZXNwj1-nLSUo5J61J9kjA&sai=AMfl-YRsMcJ36tklRKKQhk-gM8Dr1QP2EHG1HkM_gHjyxV3g_e70-ui37TFSKceKrOOe0bcznRY42CeebkGhlMiJtYe7XGnOzL4Qj_S1yNY-sjd97wCLRL4k132VVtkZIdg9TbA6gis7XMbN1fzOe4RQQnRNR7HHGGijji6iNNBbe0RRg_lde9f_VHoirsgv-50BZtgVsuKDdOWE-htd3JeNgUFb57wWOUWbMiM23fZC1EXbgtMeF8Kq5lb6w0uiQzBuSg&sig=Cg0ArKJSzJ8InvpFZ8epEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=83&vt=11&dtpt=82&dett=2&cstd=1&cisv=r20210517.79796&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D7XMDkq9sLOCVlhY8pEc8gOW7mYnnv7bQOt6yD4YyjNstn09JMFzzb5ZcFBYmSBpFlcbcDVkN5khsHafyn074VgaBg9rZHFbhmplOYnZLN1henmKRR8qeD0TGKnW5ArCmoDF8Wgz69iMNWJkLLIXVlQoPW6w&dbm_d=AKAmf-BBktXEzCF8D6gibSSWw3lgNRpdSesi0ADoQOaUY4VeCY4mkOTgKWKWfUjWwaNVy03Asgq-c7h5ZQBNdmFGqbdLXWmsXxVXI8dybft55ZXIcugU-bsXkxpjJ9UKpExceqKgM_nlJM_nLmCoMv6zFZlWvE0QJsV7bxqmsD3PVxam4B3cOnHr86I0S5nFVwfiLbAA6wpp6kkoEyuAoGLctx5sAVbRAArJ5GwY02P32kHUTnqh8dl6NNKtJYfDESEgFqz1vYxMKnpzLJc55fg6QCCAhxKALe0b0LJdhu9BlalN-EQe1NUORyPhLslNGflY1_KqdzPmAQ3EHAeffcKtHZnOdvNwxvUbEppVA39oRVA5b73DhpSS8FCesStGPGdh70fiALxKMIR0f8H0TWkfaS2PipEmbKK77vYfc8lLlIiaQ28jqV0IJgFkJXfD1exTvoBcZOA5nW3ZgEYrcBmRJH0sSpMd8uY3r8f3yoZzDIhMLSLdS4IvWGGzJwUM3eZR1iqMBjCkpHJkWMr2BS7UUaz-uOug4E7GA8Atqli0XZv3WT6Qs0tHqaXWBBJG1AIQp5HhSyP4WiGHjjgkSmdXqOhhpb2EVSwOuuUV4_y5iA77REEOxnKFxfAepWDHjYz-sYH0Lzg8WCLwBeQr7SbzXmaFhNBnMqLZeB6mXPjVX0wgTKpxU0pGdVp0Sm_XTWwxx3xLq7FdTblOE2Vvmm6b2LpcRz7PE5tQcRgqpu6dYrj1ZeMujXUrK9F1g3NajPeufVRI5k45fjxZ3XnqpIdGL38DCLAC8DFaqix41zN_R_I7H8P6yozT7w6-Q2ZuwpVXu8aBM3KbN9ZbXFrK2LxHrSuBe40Q-Vg8rMjA0aDTC582F9DE3amPLwAiKLTgVJA_PhuOA7Qq3K4QklUL58f99V9gdWqrJbX_FVHXhVv8SmsUese9zqHogWo4G1VmDKucwzT-nsfnIkCOggN6LNkhHqU75sZs_D1hZB0IMrw2FG3MNUtMHzpo7zg9goU4K_gQdN0dZNWW70COfieMeRrlxe5rvC3SkhGQK9kqISPnpBhPZUVUNzcnWwqanAUtb_e5heOec-6y0IulVqm5LHpYihzsnSg1oWPcRZj0qIOK3DzIhcpxEOVtgSOeF6PAVf6Dpw_P8k6ag9UQ0wh3VakBAGK5NzLjly74U60rupOkmwOIZIUCr01Hch7tugP7wxTGmA9ROv2saUtb481yWBjL2To5zZDiLPzZyvK6n3WrPG_t2Gu1chkCMJz3vAAKnVCzI05YXtpDjbj0Zgf-S_Pe7l8kXcsZlOwVQEf5nxSPhc1G3uz0BWM4tT72ft74P0pH6440NMjEdysShFbx0aXGAIlXqLNfLsRiLG52z8Y5bZ4oui4firv5iGZ_iZP61obdFDUsf6zFJt0vGVa_7BTPCgyqc_uoI5cFCmXP5JJo67d9fIgK-THvDGi3Eb4OW422rLARwnlmgWR3i6DwIA5UOB3qO8Ljzv5ROgGDZ3FhwJ4XK6hQDEyMjDu0PUisxPCBaW9rPca-Lfy8oAe7UvLTzwoJ56ZEXrhKRafQkhd_WEiTnsyMqXjQWlu16rriDXpUWuE0D3tRsg1LELEAcv8YuY9ByvJRnRLANKxHC30UCLLygd8ZzgodluT9OJVH8WhqmVx-vUjlyWX4ZV-JS7IHU_sCT6AMQdvr-tnrkSezgkpJFxZLZbofhFCQ7UbyQTMZ5xLQbVwbp6cjfidoUWEP_c9Wgw2pb7kOLWjd5nRUIDaTP2FbLZYz7N1H8PXYQMKEHTO7c21NJ179TOOswNJ9oanklhes8lL8LVwhDvyLz_eSrRbmrhCxkjOaYSK5EvOnoJjOEBHYQHMKqtW7SfqHaAa3CuOUeA6D1Nm4eIhxr6CmxUvNs9CmKjWYlDhw5oCddBFjuhr_pKnw_xvBNJyX708jy6I9TJfGH6twWjX1wJrKur82xriw84AJ6vu9ytCO45HqatBlIDr4BJGjudSBSeWAsNgLxl1d8qG5xyZr03q2dBsfxQ5UxwprMSXsHDIOji8gHjm7aSIL4u6uMvF6ZD4iADUx8hrsUV7ojQb-8m_uMbFrUb7J-1oYTzt6IMUSt8BLHUTgZFhe5YFneWpHeeWFkKSO-ffppP7GAZ6WqHFvtLOzrNa6kaJ-2Ag8SaqY8C_RkZn0HT9Yj3fiweaNyrMEtJ5SOIum1QiOE2XNlNnw6c83aRwmB6Y45R_ZHFnorvKlK3mklH31XDoPSL98dlPdJNDpSRpmzGG_Jc4ZJm-D68wdAsb9u3RCuATgx3eXBkezqL35z9PfU6NRVG0kAfDU1VO1VpWQFbghbGFl8s5gAMQ4k3tmMMbVR9vCo_qL2XPGajZsHnCDF7QZqHrmkUTR65KZe6V92QgCLzTgJ99pqhgn2CHXcrs0t9MFuJWDFwoUtp4EpZpiUA9ZsLJoQYT-1AEME4GCKszPVxePU44pDsMtZK33HRX1E-AlSkpPv1RzSIvTivw0ArhCFbo6pGs6rU5-SxoX95prSoW0lEs-u3UUK_DhK30jrBVCjIyj4SxIHuisrc5xM35Nj1b3HuAClbROU5FVIyr435f3khfM-TA6pr3pO0UcHDb-m-rz0AbAs8HSBOF3eT3Nq0WGHf-mPZExyZAf6ywpwVHZ5Y7duLGonTSVnk_RP2rZSPudDmUTI-5WLKPhqd6dEnA5yTOnFoKLSJjPsxkNw1DLS2qpbhloYUvjbdKJi0BD2rD5DHqd_KVxYpTdxuY8dL3KXpJ69-b7Du7tqjmPvNfaWRgfnvWgfUrbYJaDVZLzuB5jLuP56Jr_IYaqU99CRmbZzyQ44DiJn3384Yx7n_PmC4b7txMb1dUlEuWyJXeSu-_hwIXEkAHT_31gjMhsiqALf6XaD53iNJ-R3ANh5r5qAwQ8vG4-ay01hW-aumuj7nSPjBVN0UKNLjI63tKCvU8yhvd0LtYBG1MTa6DLefwJkzaSe4vfI1vFg-OZsy7XN0eEIiAukEN6UQckFl8LTTvB5zV_pZVbeOf9Wd7WNJvUqRodjCqCJb1F0UChOkJcu6ech5Skca9T&cid=CAASPeRoCBdQpxAgEwC65qXHT_HJeuXVrtHMkIDoduQvdFQmRwTpNhf19BCPDQ_eP_FUQzNVe2bUO2XGHPCo0sU&rfl=1%2Chttps%253A%252F%252Fgetnada.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Wed, 19 May 2021 16:44:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
googleads4.g.doubleclick.net/pcs/ Frame 0249 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuLJwZfHMlDCvjfOfw8kqJkBIRlEWL_Ut6TIhyzJMgdVAw9aY4F5DIAvmBQySW3TeSXf9Xfvy_4Vu1eEGbKQT8KQNNBB7RMZvXXrAcICJEJhUPNsLKhxLu9NMiUzmyfW4kRyO5YqTtJZYw63qqSgGgDReRaT3BRT1gPCKqHblZaot5wTyg7FwwoDm5HcNZvQA7gHPXjp2A8stq8gxHx0z47lcPMq37aepsjDjPAwnm2ovHdGMljHuQ86OqgeiCOMHBTrfEEBly57jajoL-2_i6jeLSEHayF6t6NeFQNUGK9z-Ag4vp_rQcGv9omXGFwzhD59NpEB4NEFYN9a166YK6JGlzRzHXUdBzybzZL1PvS9tUOLUoQpre5XR23d1tCEJHVwf4jnimHvHIBjgcYzEBQgPRrrJ-royGMeY3jeRc66tPhOO9TzkTUyHmMPyumIAVACLv_U_9yJQoNJ0wE8odhEVgrXPLQMmt3Omk0Vy76CplDKHxIpGd2zScRujZdIlvWAA9oA4oMLtPpwX37qktMXdCNcSCaGDISOwSeo-tS-2S4F1NsLjEQSqIPaIp98dmjf7S0Rwex34jBy-2V31Am_nFc-cVkyOuQLqIPzu9FL4Md53rPvKdBfFoyo1Ze8hAfIQyIHDKbxekhGk3jvQse3tMhljzYOf5I_ggdvaqtxTXFu7QO-eOniFzI4tT_63QHpIhY8e8gTdW_Yb-xcBm8J1IT_DJZtwAKLlNZ8ZiadmbDIvRjvjP0TzFKkPj1kT-12YcGY4rU7wyaKO3PWewAlbU55Vkv_GtN3ObIyh0PodiBbRhlWZATnNRwlG7ACrTPQeN3R-qL4VL32fv_Ke5jVVQJBsXieRra3qp1KvnrQ6gdM2bsU6kh02YL0fCY0ZqjmuxwTq5Z9OdZwNoer7LB1D_kqsAfEvfrRCc2xk283bPBnEm-E16M-2sbsM4B22BjX76-nDpoTdSTuI-WxD78eIAkvE2Ni3oOtYtm2DRdVCzkevxixTQfmo64Oov-RjxMtbBeaA2n464vHHPy4agtFIIAo7Uxn2DRbEJ4jO5-ZzjX-3blWN2OFVLpnUOjjmfwq0TNrnwjpU7RVJlytr9ZcqQGEPgi7-pHYmeEytIfPvltphEMLt6woX0p3pZkQh3HpovX1Ez7KcFTs5x06QIB50s97OotEuUHuAPHp2irP1BW7AlI&sai=AMfl-YTt_V4pv6xHt-4ghLxUcbwIphyeYfuGCR9c4MI71j9X6VJ6AWFFjBGXn2cB2_uB9rrvpcdUF7Vd76h5MiIRxRwRwlTYeHOPzLi8Mw5eiwiiMUJeVvoRNaDLePhVTmzXVizSKMQyq-ZCPnVe-y44OwcAhJaI1kJHoeESUXYGjdP0WpCYl6o6rtVDcI2bhpvybxBMvcrjnpM_0fUZzN3Qn4CT4DwRxVYdpjjR_xokcg&sig=Cg0ArKJSzFq1hhDlsHsvEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=74&vt=11&dtpt=73&dett=2&cstd=0&cisv=r20210517.63462&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Duz9z0ehNpWEKGS3r5TrZ4bLzTGGHOpjRV9GsNSI2478XbgRDf1y5DMIOjtKiomJY2_DWGt4q2C8cGkgg_xInK0YBn7ri7VxU3LNmawxP84GTnT8RWM4PMhMB7CEm1nqY9MOcE94MjCHC7SJ9ejzpbgI8ilg&dbm_d=AKAmf-AnWlNK41DILeqbCecg8iGpBlM8sYBBmib8NGgq3uY4QK_4juyWCvIFT6hikfJKr1dvNU6YeWXvpsNCnEpaiuydnAg_5k5EKnr-cbtbhpgdF6sjzFEOZUEUVu3oKghSifX60Of0iOZlq9jFwCxFy8BdWQrneinaYM3orzukMVCEim4w3rOXLnY6YDTbEUOH52umklO71CpKWp2DB7q12uOdRGFppod5HJjpYhxOPN1t4gtTX48wU0m174CoTovpfQT34KA4JKnxAQb51pQBAR4lU4FHTpJqyZC3re_V8sqbs51cE9iQcW7GkufdDAVFqDmC2pX8M9Y_WuACwWHVA5ztcf_qMsAKiLGo8_I09Na2ot2Yw9J_A5Fayg1DLqms7PcMRPS7C9C_J2_sWpdY4Wxqn54TrdhZjN7K8Vvh-N7lfjJyAXOWpTRE2TRCbxo-D2feafeZfD9fQfdNfkQDZ8Ro_Zw7tpcIw_6PGGlBLxJVJDGhPVkyfsztL5mgXOWOTfoNbG0wAsIghJIx3wMqCK62ho4bekA22Wat0xvKtFjLFhS6A3zfZZZHae_gBX5zhZdgXxQ2JgBl07NDHrOvzH1jz8pL5BX_3Xo6T_JZXoSpojJE79VDXBfbNkebHLLZoj_hdvEquDA9szlXI0hSsBTd0V2BwBTSbMTyZHS5LkYTmo7tRMFjXYDTO3ZVFnmASsBnotyreApOqHwTAN4s3YPX5H22RAxtgPAmnyFAAdWTkUkBHN6GqHpV0y1vwODRGoa3puj-KfWfFY86Vx4qT-r-995WGGgAQP3ZFlYDUSaUaADp-QJD9fKhIq_2qd5eAJwaPFgfojrLEsFVk8_vXpBiX-WbcpGBA10ZIv6_Wn6nyHuIch35WkCilioPIN8Hpn1gjq7aKjITK6Fw3y92zQoJMjkN1KvRye_6waIlNEHz9LxyGnmbcMOuqXlRr_LF4p2JkEDG4kAzhZsYXflMqCGB0ycSiA-f0aHtK8AVU2LH3jV5U5QrYZoJJ64HKmqhqPUo622oSyK03sBDCVmoG5dGPJz7okEwJGdO8Gt6R-xEmyxQr46NWEaaX9m1SjWXv7MhU7vm16yA0Z-5xkfKlTHwthgAsM1mUYlwkU4kr0bAin_qq0OtkoRZTWfsweMOFAZ57eTBjP3cNna3CEm9Mt7zF0_LTJAOU0HZm_GtJVMfPMovasUGgxy7NwC7UbMCy09Bfg2Jqkka4vfagdDYJkE1iufzL9ww0XXHdwIbE42SbZ4ZDaIECvWGqbrCdnzB0ZPCkang4SMcykg0gCvQZ4PORC5uU90ddl6w5RKFrsOWmvt9KolonoXfVUjCvSYyuCUGIsUfzxVNad130lv0pJH-2k1OFPVM4YFNhwtk9b9bmeqGZ0fiiohXpEaeukhSG8-11tiuyqj7oC5Mr1HN2MvSkO6fLZYI3Rdo6wvASowqiN2UkNCVXdtafi7cKF_J4WIyOeA5zwig8FWTUCMJvTrZQnG97GGAS1y2oEVebpYZ635y15ul0XMlmtjHq2NRyfDOcQw4tinGY59cmg3C-kymWuDrhIt1gqIwESNq1IRBwGrNV_O2CcouwP5ynss2sfHr-ENLT7ZBrhjPve5slmaFOXRdYS4LvgZvcDfnCgyfl5jU99LHhnDE1GhUDAiwI7F1JmgJuYG-eiN7op5JD38kbjL2v-CURuULNazJj6AgBecmEwu8ok-fVRxa65OqglZtoHAMkYSOVQQsxKk0rpQ1TBCt9XzK5gx46gjwwbx_8aOtmTJoNyK1VixYsotYdx96YIDMvQfnqonTZf8-ViQqTIbElvBAEqrRYA-JrVeDGToe-O-QMpFjTqfZ5kLTd0W42GHLrllxR8WNCyw_4jpBzxtZpNUbCzEahghxklNhWH9DUokqVarU5tC8RcSiPdsSVYyLuGglP-uOQKCcI0islq8tc1iQ549ViDXnx-PxxM4sgd6ZhXC02RR5OcVjtTECeNnOFX_4qSFonEbN1S7sGzvT4AVMqMoZ4wjFu4BSgVH8Jom7ag_azHXGWwYaUVuZUqAq0ga1YR9haq6WyyFTsBuJLQcX60iDQ1_1YzZU-fDexxbXGQ2OZ2S1Njb6Yf4jbkJPyzMGA17A2xIhdq_R3NWZy5v3OkqAbGfSmwC4CAjPKpbJmjUJy_hXl9O-2yxqBQeOeMBa9UWyfFLd-a3tbYB8135vrLAbjRYxSHp0gFv2DgNyK82raZYr0AShh68k-ycO-iGJYh5bpvAziFtCjdIik6Z0PHoQKs6AxJPbQp7reFAPj0-P8QQRRDzHG5w-RVOW1c0S4CQ1R9tOaFmDsgYm9Hxdfu3Bv9gvTl2W12aIc8Dzv1hVRwQZUgCiPthzTkbMwiE1hRU_1RatlmWfh2xLQ0SA_m1Amu-wELSuHUcHj4QzjoTjm43V9VLHMZrDUnJ3WDdIUWgZr64__UgafFYaE54PHaprho9h1u9nanHt_BlFzzymX_ljVsL2Vcu-NDm43vp4nQcwWw7a1sYVaz0mEWDfD3e0e9ts1KYYxSGE4mZMUJ7tO6hvHHSmNZX1IJyflFQYN8fyx0sdTQd-3jNen6it1FOidJyKzh1-7VA2ETdGk4qcCvWiwFt6jSFPs2riNbUVXvWtRSlyCgUvRXIeMPs3opcHXgPWEQ2JVVjyl2Fpkr3LMCVEo3aQwzSN7heawMT88ZlxpGqLS_amUgaLjI2X73LLgb6AkxJraQnV9DVoronX8pm79sC9OfroxT8cHC0o51x6moIgv9eh42WiG3VwfGJWZ4MCGveDmfGUjDQed0Y0wVZzm4z0TbJ22Xd1mmFfLw72Se6wofyhQjHPw9mXdhZA0s4PBE2J3Ntt8BdBM5zisbNuXPDt14xPG1GbLvZ5DJdY6JjYGsku1AEZMCs1hHityatXBGxgYTSMAEgqNXwF5vutPd03XhLGoyg4Ctk3gr7xbI2JjsxO42tvG0QmgIadw6tqKRvtxgPtEcQiUXt5IKjLPXXG5II0opia46EYsscMhEK-8cJlbO8YX5Hy9newZZN4o-wvGD3_7ABL0eLaDsU1dZC2OsKwxyqLY0KNMXSkE_KutnI6Ec5bVspsZQq-L5EiUGYIfzioD44rKlWuXE9h4nHUsEAbEcER&cid=CAASPeRooDGYwyuZglcOhnJfDoFrwSeAUbGHxC8YVIStMdBTrGg7iBJxUrpg4AviOJ4eSJAbkCBdSHwr9oDp5cM&rfl=1%2Chttps%253A%252F%252Fgetnada.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Wed, 19 May 2021 16:44:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame F0FF 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Wed, 19 May 2021 05:00:24 GMT
expires
Thu, 19 May 2022 05:00:24 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
42221
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 5DE1 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstCVMcu2dnO4unoJoO1Df0xZfEYGCe6n7FDUqxPbVka0lAlX7CkBhvKhT-qhlDiS1Nvhpe2Oo1QPHrm4OFPOK-A5KhJ5nWH1ENbphRulPoYk9gbEpbkceqvPRWXBhkQaLCWweUUzLG5x2yQ9T9R709qOccVHx_j3tgjwkmquQtoBj52O1Pi-KAzgXE9G499cE537Hl0NxWC5cEZuQATZUrrXJqu1jDA4jRZC8FMkIxcwC1q6SFic0N3pq_05CUZ9fYOQmB0m72UnPKeuBeY2Xjibr2A_GQjBK0sBrfXmgF33V-7-dFexSLgV8nbApK-BGtlPhouloHW6L4BRtshHy62403Q4PYymCq-CDy11XZUPfNVRqRaG5q1_ovUYl1CLuV6easkH3vTwZDzWD8uMpW6btoWHp1Oiyu9eoHaj-NcFjd3WGpOOjf2NQEFsgbxlyB9SzY125u2b2NAvTfWQQzeFw2n5w8TDHymhRUBiVt5HnRfgUoMm1x03d0NTtrQD6C8OvnCJvUOFooVszF2KfCzXojlNqcXFlwx-ftDxkPG1u2U937GNlN-BkZBBv5n2ZLaVzLjkOFj3ar4srdscq0X--2Rnb4ZW3ZNyo-wtjVZ2VmgDjbsoeAO9KfKl5mb--NU033nvD-mu_FnVxiU4b7ijnboJ91E2W8KBOx6DacD8WK-fdozdUNHc30yDsf8wV-mQ7_v12fhBmAYB-PGJs67FrCYxYaSG3L8jpkBZ56A0gEDr9CzeNP0hNfMN-K7rg2_vO8RK2dBVnlkqkRWcWy_ZeoZWbjgkp1w3dpUHKEgHOo_pcXxInE5uUnLoZygDeBORzjih5iYeIGIftFIjI72ffYxDBuxdYIo9v_N32S0Lx1QOWLLdIRxbMabH4ltv09mm_0ZRKtjNuvsBLJPFPdRSjIi0IesDEWsPb9wUNIW4GLWQB2hyA-XzjGlzD0vOYuFqMq7OPaaf0zgoDq9aX3RiWtfHMa3BFHVIMDmMB1CrWIv7F_uKXoF3m6vAuYKPFnp973LOnRr12Q4xbyHx4Cexmm_L0TSRq14uSQmb5bUygvYrL_k4gMBgAqldDNHqdn-zd9Urxcnzn68agFLuzleCAPrayWVf3jCwFDXi6DWjW2wVpr8NRH3XzLT8rOjtQYeStXoXtWM7rQ1AIyhfjAf0oZQOyycgHOZB0i74AIEBd03GPZDRcFm7W0&sai=AMfl-YQgWQ9-qMXgFU-8XVWa2QEyzXE6KSiRfmZgqXZgiJJU60ggmeQBdOapwfAJIfTcJAkDbZiqahNc4q_oLktfWABj-Q0qPxYakUMSKa1nWkZwKF4zrqmEtTUROphHNpdXGdjYGuHwb9gnzYeEhHJvExIZU0IR1xMuWWLS65ZtjDRhSoNvpmlqT3wkVPU44rd2UOikZRhEuB-iItnv5Q3UhvVbWyr2_6aqqDrrNBFPPw&sig=Cg0ArKJSzPm7QEoscCHeEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=95&vt=11&dtpt=94&dett=2&cstd=0&cisv=r20210517.89023&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BYi6eFMTYGM4YGpCJFP9PSICBqEX1miyB-5OMnXv-oxV20q3nloEoD82IpkXjy2PHrmpb_INO_vgR13UH-6QulTlr0CZBjGIENylmTuakwVGG7nHauXSKTArakePrJBdItDhs5Nf1P8nY_nDiJiQr2DAaEwg&dbm_d=AKAmf-B_d-90IK2gnc5GVFQIZVwDRnh3NwF0v4OXXdZJCeF5PVgEXHptSqSRyuuXeYW5UqfeoujIM1_3A0v8kerb0TaiZPCrPQFL86stVa8uJIPWh5t43ZmVA0yRAdrbQJj4Pcb9IlKQQutfqsv8qhfcfqd-hBs5me4GZSem0MfFxCgkWuQvZ8XsBNOAGkmuKK6AuOmfL52a5R-QJIVb2LF0rYdiLv9814p8BFNdQfujEf77ByenhWObi3iwjv-oyNzQmqYN06uljCZA4PtccaCojQYCPBefO9n9dWdD8-3oESoItQNAELskvuBYG3Km7QRcq7qXX9OPPeyRD7XkVQi_efjMuaU985vwl3ehFf2HkgVAQk_JvDZXKfwtD8GsxTPkXTYVyEdpY-hWNnk470bWeYNXXVr5BhIf_hsyHhpPzPgIjBANM60le_0I7JhzUIRz3a8BBto1TIHj9ksNZFp0MiNrh3VzJ-VNHBWqHE_Hoo3HJp3lkKC4rWAkS1CYu2Y6gRMixU7D_TSzZdI0LleMVNedrMRKhEuMcNVRoP2RYuX0LdIRDa7Z1ocvchBEdvATtHewjXD-CNgVRpGEz5FnB53HXPqasME9u9jKuEs5WCokiLrTXDXQ-bfdG1Ly-cVclnEv9rrYBHIe-KyHwW9LRGVMAKY4WZE8RGbPuJ1eXya5Bj4_GjBxxPjyY1beJrOg6eoGh_uthqu4NPT-46aH63guMRbWbNLEZJ7gj6xl6Z7I-6VBYy6LD8fIQtMwAgvRnccv_BV3L8CZpgGu3rno62Eo8AcWZe9ZIoOFhJ1QXMu_DgSGrhkYGmHAVQMQXrwHyQZHRl7LlgeS78_0WTC8NdhY6mgUQWcaKIYLC5LK3NKE5243PjbqLsuZJiBg3N3Row15FQeC9syGoisXAPddYA3Enblnmgy-c5RS2BfmxlqAt0VTLvXcWgSuCL95OQ25z8ZRbkR-fIBSvY0rS-odYYLb0MAgtDkrvjVHe1v6qUZAlcnEkqWgC-y-XxsDcum2Oijq50r-9K1kbxe5BH2dqvbgfMjJno9bxLKaKk_6RCK3IBqWgCC8ouhi1Xul8OehbYz57KiZrHCRzVamJDK-uwfbwCzhGjOJjVxvLNKFcMP_T-7fwD74hLq7zAu3Pp5TWBjcqGkI8Djt6bvbDa1eJHckrWsfsgxvuygyVWfQvkurLwrVseOpI89PaRDI2JQbuy0d_4LMvFe07b1j7P3zuzFhrKY1miwyiJv3XJl7dvbIr4cYcSckRei3D6oNrE0Tf4TeD7xbd3wBKIfsmkm9z636arWzf6M8e9gOVoSkkIVPyM69GUedjtbe0ULshkzi3vW_MwceIXqg1yRXfc8Lsf-fjuAMxStwJUeHnlne76QgXEBp04Uhp8xDKd1SD_qr8m93g47C_ad6r6VI7Ii0QI1aAAnGQMRUSaVcDRv9k8ImZzTiMesJ3k55s5THlPlJW-vzK1QNJFqTMQtuUKMSIISQEvixU_XJu2YWY_sva6b-RSt9iVzP3vcjIB5C1gNEAgmeIsP-YF9v2izM63nPtcgnt1P3kEOI1kphJtwVC-W_y-EhsLU4rkBK08Z7TnQhSmfA6yQwONCd9yxuJABRI3rRZzVtR1qN1tPBG5RPgCX-tvWEuux6tLrRm0nUfKbddqVgwlH2qihYZ6fi-FZNqtVoPZiViijjFOVbHMgSpLtMUTf7d9CBHBV3VEnJHWf2tXjipjk7ECMkaVIEdTL0_8yAb6dD7NnGwceTt6YFQrrrPi0mh5effaIsbWtWTuElvuJsXF1Q52xNx0UoPRkpgdp1LWRjaS1RI-bcBnOwJxFQpARJ9K77b_GvfCJwJWFT0GeC4o3b7Tz6JHhzbwgtrOHISgPjqJlcv0OLdCU9f0Jji7jZNPkMPoqQVdyGCLZ3WEG1YD3UBy-aUu-urn5hpGapM4_piU1E7100tIVwGC-Af7ZaPjGrdKG2AIq7DUTUvcKq-7BVb94aryNmHs0XU_EONnQS12nMc4ltBib3_D4XSshnXwbVV5EHEP0RZjTam0u68QKfrX_Y54DjjLFs4GmDuX8l_kIUziPPOIBiWlBWDDa4OxfQG1-FkuGUt1xKb9WgyeHDw2Qw2ziSepKbhgDPybH_ocn9aa4Y9qGVzyP98zrkSNA_eo7n54JP88H6jDS0DZBjNhq3cs7JgonUhm5cl1p72tGynTeHPsiJtbKchQZbi6NVX4DUhH7PFtrPgYAGllhbAlmbSBS0HdwFm3WERvf2uaYxbwsWhYgMFC4_rATHatYrDaZ0d8cbjVYTxJSNmWh0CA9IZew2I4PG9eFyniLNSjUguL5OoEPD3JkB1Tntmw8bkKdSyqzf4RUMYGNNfcFqdQk_CSQ21axv5mm6hZtQDd34DvWo3k-n3_o1ARMwxn4lxensDeZg_mmgvkF2p_-eJ5n3rTGyq1qnMpe4no_HyL55rxIiuLD6y61ZzWfY2Xq2zoSOjp80rhR30LtKp0j6rvp754Qi493zf3isWdjRIxehl1ctP36wO-f8ECwQwNZdUf2wDqk0BQ95B55JXt-Um6hNEU7Z3Dgmc1b2NaJannm-Q_SfRL4yaazZnCx59tFFE_nmgb0B5Qqh8kf1jUJJtpfMHOvmVMW7PiiOyHxFMTXux8hayHCEXEo1OMyRrHmLOT5CrWbyHGBGrUyiHuqjuSVgfeFjmg1gPg-vWIf6bnMrcgGZ9oxgsQas3wOzdaq7j3g3aZcHHN9KYZ3cr2G1-z1wk9-h7xms0ciX6xnVQoD-jewdRhdAqmp9U6d5gZJR1zBjDfjYxHZ4DpE8wO-GKIDDv0eFjxqCmJIMabKFgKHz03tWJWTPVJXQPa6RcyDSd17HUG6rb-iCk7Q9cozFXMr-1jIK3MX--dZl0eRvAe2j08FSjmRg2_2MKD00V1yemEfKK9aFZZr4hy6k5n433Cf8JwN7s2zJYFkonY1t9urDoD0QRZJoAtHFv_8pEsn2yH5nzkICT1GlrBN9KxmOYinKRvOj2UihmoPsvRvSlyZ8h312OUSKtUzdHHXLcl_rYliWQOzz91Vxr8eo8yr8IgLJ_uuI_GaaijSDlKymHBGXZC2griLScPjsikt7u0l0d7K_P03IJNcC_8pjxHOz&cid=CAASPeRo4BKuov4eGElOUMf08GHmXMEg3Ze_kJw39215sewFtZ3joNcZ5Fc8edxbZ2INaJAzGleBbONlQAT5qcw&rfl=1%2Chttps%253A%252F%252Fgetnada.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Wed, 19 May 2021 16:44:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame CE92 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Wed, 19 May 2021 05:00:24 GMT
expires
Thu, 19 May 2022 05:00:24 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
42221
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame A474 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
be25b7040daa126e5edb3ab258a5c4a3956d7b0679cd9d2701269993d568564f

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 368F 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Wed, 19 May 2021 05:00:24 GMT
expires
Thu, 19 May 2022 05:00:24 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
42221
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 5DE1 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4eb8a98f6261bff65e08be14d6e79f7a6da035471ca60b3fad5d81e0dd5e8738

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame EA48
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com
URL: https://a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUk_g8PW_4mD4rTSF9mD8pN9ec2JK83JEOz5miTzauW7FAbDxjGucKpq1iFRWWE
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 19 May 2021 16:44:05 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Wed, 19-May-2021 17:44:05 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 19 May 2021 16:44:05 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 19 May 2021 16:44:05 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
NEBu3pajZdeXNrzBMTKKpDrnjihkyh5N8uMAWlauysY.js
pagead2.googlesyndication.com/bg/ Frame 7B8A 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/NEBu3pajZdeXNrzBMTKKpDrnjihkyh5N8uMAWlauysY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34406ede96a365d79736bcc131328aa43ae78e2864ca1e4df2e3005a56aecac6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:47:13 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 12 May 2021 09:08:00 GMT
server
sffe
age
14212
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5770
x-xss-protection
0
expires
Thu, 19 May 2022 12:47:13 GMT
NEBu3pajZdeXNrzBMTKKpDrnjihkyh5N8uMAWlauysY.js
pagead2.googlesyndication.com/bg/ Frame F0FF 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/NEBu3pajZdeXNrzBMTKKpDrnjihkyh5N8uMAWlauysY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34406ede96a365d79736bcc131328aa43ae78e2864ca1e4df2e3005a56aecac6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:47:13 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 12 May 2021 09:08:00 GMT
server
sffe
age
14212
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5770
x-xss-protection
0
expires
Thu, 19 May 2022 12:47:13 GMT
NEBu3pajZdeXNrzBMTKKpDrnjihkyh5N8uMAWlauysY.js
pagead2.googlesyndication.com/bg/ Frame CE92 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/NEBu3pajZdeXNrzBMTKKpDrnjihkyh5N8uMAWlauysY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34406ede96a365d79736bcc131328aa43ae78e2864ca1e4df2e3005a56aecac6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:47:13 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 12 May 2021 09:08:00 GMT
server
sffe
age
14212
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5770
x-xss-protection
0
expires
Thu, 19 May 2022 12:47:13 GMT
NEBu3pajZdeXNrzBMTKKpDrnjihkyh5N8uMAWlauysY.js
pagead2.googlesyndication.com/bg/ Frame 368F 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/NEBu3pajZdeXNrzBMTKKpDrnjihkyh5N8uMAWlauysY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34406ede96a365d79736bcc131328aa43ae78e2864ca1e4df2e3005a56aecac6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 12:47:13 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 12 May 2021 09:08:00 GMT
server
sffe
age
14212
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5770
x-xss-protection
0
expires
Thu, 19 May 2022 12:47:13 GMT
truncated
/ Frame 0249 		220 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e0e852e566f02d1ff0562bd0ec7b5aae702a3c9d34552bd0d3dea1ed9467b89

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
activeview
pagead2.googlesyndication.com/pcs/ Frame 0249 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame A474 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame CFC4 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 5DE1 		0
0
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
471 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96997a0177771a8bcd1b82d7af0025&pos=8a969554017777d9e39ce09df6e7031a&cmd=bid&secure=1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/getnada.js?1614021600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
5970ec9738f9236fdb95ea4f1ddb5fa2d773eb02bfdf9d77c5868f5e7cd64168

Request headers

Referer
https://getnada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 19 May 2021 16:44:05 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://getnada.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
471 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96997a0177771a8bcd1b82d7af0025&pos=8a96907c017777d9df8fe09dbbb60337&cmd=bid&secure=1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/getnada.js?1614021600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
7959cba09100a237b778565215d81f83ff06c75e9fbee169d01bc79a5b6eeefe

Request headers

Referer
https://getnada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 19 May 2021 16:44:05 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://getnada.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
471 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96997a0177771a8bcd1b82d7af0025&pos=8a969554017777d9e39ce0a034dd031b&cmd=bid&secure=1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/getnada.js?1614021600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
e2f93aeef6630f424ed0998c832cd41fd54d866f766a46213405abeaae34f182

Request headers

Referer
https://getnada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 19 May 2021 16:44:05 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://getnada.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
471 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96997a0177771a8bcd1b82d7af0025&pos=8a96907c017777d9df8fe09fa6ba033b&cmd=bid&secure=1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/getnada.js?1614021600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
631023ea459bd04e3d0fcd43488249edc3e7e1b1e23674c79d7fa1abbbe4782c

Request headers

Referer
https://getnada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 19 May 2021 16:44:05 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://getnada.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
471 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96997a0177771a8bcd1b82d7af0025&pos=8a96907c017777d9df8fe09fea0c033c&cmd=bid&secure=1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/getnada.js?1614021600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
9bb0797b6d9b283c243f713d3d5ae258fdc2f5794517b5394323efac413fec06

Request headers

Referer
https://getnada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 19 May 2021 16:44:05 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://getnada.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
471 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96997a0177771a8bcd1b82d7af0025&pos=8a96907c017777d9df8fe0a19284033d&cmd=bid&secure=1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/getnada.js?1614021600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
052d04ffea679f1a8a237b8e7df06acfffac7f8e1f3fe20939b6a7f5e5e38d6b

Request headers

Referer
https://getnada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 19 May 2021 16:44:05 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://getnada.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
471 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96997a0177771a8bcd1b82d7af0025&pos=8a969d89017777d9dbe1e0a14fce034e&cmd=bid&secure=1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/getnada.js?1614021600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
ca606bb050cc9452cb7453be0926c2d539de94ff4cf0c8485eb2d20c1fb3448e

Request headers

Referer
https://getnada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 19 May 2021 16:44:05 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://getnada.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
471 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96997a0177771a8bcd1b82d7af0025&pos=8a96907c017777d9df8fe0a34e6b0340&cmd=bid&secure=1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/getnada.js?1614021600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
d78a36966f6a2a9ae94a27bd0ccc6ee345d34839476e5fb68d7851860f4de24f

Request headers

Referer
https://getnada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 19 May 2021 16:44:05 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://getnada.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
471 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96997a0177771a8bcd1b82d7af0025&pos=8a969554017777d9e39ce0a30408031f&cmd=bid&secure=1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/getnada.js?1614021600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
0bbfc250896301c66b7c21f5382d027416087bc02042ede6e4fc8c0d0c26563a

Request headers

Referer
https://getnada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 19 May 2021 16:44:05 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://getnada.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
471 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96997a0177771a8bcd1b82d7af0025&pos=8a969d89017777d9dbe1e0a2b8750350&cmd=bid&secure=1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/getnada.js?1614021600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
2e81cdcc88cc0a8866ab9d23bf66b4e29ab258243c234bfe44f309fa9747dc93

Request headers

Referer
https://getnada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 19 May 2021 16:44:05 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://getnada.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
111 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/getnada.js?1614021600000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.13.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-13-167.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://getnada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://getnada.com
date
Wed, 19 May 2021 16:44:05 GMT
access-control-allow-credentials
true
vary
Origin
prebid
mp.4dex.io/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/getnada.js?1614021600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.247.230 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
230.247.227.35.bc.googleusercontent.com
Software
/
Resource Hash
444d23c8bcd8913ffe7535995e72e97ba9be98342ca2c2f36caad95682bdcfd0

Request headers

Referer
https://getnada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 19 May 2021 16:44:05 GMT
content-encoding
gzip
x-openrtb-version
2.5
x-warn
Selecting bids. No selected bids
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://getnada.com
no-bid
true
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
655
via
1.1 google
expires
0
adreq
ads.servenobid.com/ 		188 B
443 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=6624
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/getnada.js?1614021600000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.141.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-141-216.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
f52439144ef6471c5ed9740a0dc524b77b157509b66cca7a8c3940359bb9ea8b

Request headers

Referer
https://getnada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 19 May 2021 16:44:06 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://getnada.com
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials
true
cdb
bidder.criteo.com/ 		18 B
246 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.32.0&cb=75984106461
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/getnada.js?1614021600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Request headers

Referer
https://getnada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 19 May 2021 16:44:05 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://getnada.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
44
prebid
ib.adnxs.com/ut/v3/ 		496 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/getnada.js?1614021600000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
83457e126fb95de1d4f89567c3bf77845b9d197d80da519fc8099ec58a8777a7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://getnada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 19 May 2021 16:44:05 GMT
X-Proxy-Origin
195.181.174.89; 195.181.174.89; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.241:80
AN-X-Request-Uuid
684869ff-0de5-4066-9ed6-5636543d4461
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://getnada.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
496
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ 		93 B
752 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.32.0
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/getnada.js?1614021600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.238.254 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
01b2b41e747ce2ff3382e722c10e04877721916d1810521fc67dc86fd8e4049b

Request headers

Referer
https://getnada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 19 May 2021 16:44:06 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://getnada.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
97
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021051301&jk=2093957222092118&bg=!JCelJ2PNAAZ7hX_Ue4U7ACkAdvg8WkIQ-mh8MdYQoaZ8UORXR8hdDvDLlgjYfA5y1SnvZm4MfZ4PKgIAAADMUgAAACFoAQcKAF06C-6AtBEuuSrELUYTubR9QM8-K0mvI63-kCzl_Si7sxwcd3m48ALfGYpMrsSiRPGsih_F6SL6hVM1Czk3EZdaOOW48eZz40Jqq3HTfIo99MvtXgyZrmsJal7Zh4GZAjfysC3me-mnfXrRYyQvMw2YPb2K8iJSosnGLUwIP53J_S3XweYf8Si5rG7xSYZHCo2T21OeDpQi2e2E8MTHassjDpQ_JgcyXFJHQzY9_2I4lnbzPh8SPdfLoEMzrHm8UdOrchfNciql2qZF3cNns5zLFyzbllKk18pa9pBT_xhCFIdM1XXr4HY_dQqMgtSCg_05e4SGUIuWONWrghhYFCFzi9giPjDnnvF59XGqqTxTJ4tYu139E9KSaLysenlOLmJ7LqTaWEdDM2EopBr8JBnuHG2RUZmWJCKWK0_wUmnDP61YysCAh5Paly9v8ISpWI_UTxVConI1kaOFaiVjSO-o0lLgMVnu1nI8jCDp1odhVeVEmFXHbQl-iIaCxHzVOHRG5ixP0VH9nugIGY1-klie8h0wvUytN3Eo190BZSn0RTF3P7vBwLWYqq-FgO2Yw15Sf_S4Vlq3K4K4E4ytu4u6YIR09Ck7TPHCDUdyEjsD8NkSx2r84xMb3FmBMAHFSuyIH61oHeqTSWWc5Uu9bRa3gtCXIxt8OJnAFXfHZptPeNGcE63PTxMsIakg8RyI-j0M78OmcMzWdAydqcIt7SzdEdq-S1NX3gu2qwe3ErfI3_eIF0P7YyKjyW1P92pf1IRDnsyYOt_Uu1eRFWsPMWnrXOJec89GevjRdlYE6Aq8d25cTSdokK_XQiH7SqPv3GO1mr51kKK0Yv4rxwrbGPO59JckI2aHfbt2hGagrBbLzWrX0aIBRpQ
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://getnada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 May 2021 16:44:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=getnada.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://getnada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 May 2021 16:44:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=getnada.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://getnada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 May 2021 16:44:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		30 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2093957222092118&correlator=4359738798603988&output=ldjh&impl=fifs&eid=31060988%2C31060413%2C31061142%2C44743003&vrg=2021051301&ptt=17&sc=1&sfv=1-0-38&ecs=20210519&iu_parts=8691100%2CGetNada_S2S_FixedFooter_ROS%2CGetNada_S2S_InContent_ROS_Pos3%2CGetNada_S2S_Leaderboard_ROS_ATF%2CGetNada_S2S_Leaderboard_ROS_BTF&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=728x90%7C970x90%2C320x50%7C300x250%7C728x90%2C728x90%7C970x90%2C728x90%7C970x90%7C970x250&fluid=0%2Cheight%2C0%2C0&prev_scp=optimize_refresh_int%3D0%26optimize_ad_unit_id%3Dbsa-zone_1601655185472-9_123456%26optimize_inview%3Dfalse%7Coptimize_refresh_int%3D0%26optimize_ad_unit_id%3Dbsa-zone_1603135851093-6_123456%26optimize_inview%3Dtrue%7Coptimize_refresh_int%3D0%26optimize_ad_unit_id%3Dbsa-zone_1603400042784-1_123456%26optimize_inview%3Dtrue%7Coptimize_refresh_int%3D0%26optimize_ad_unit_id%3Dbsa-zone_1603400082904-5_123456%26optimize_inview%3Dtrue&eri=1&cust_params=optimize_acceptable%3Dfalse%26optimize_adl_debug%3Dfalse%26optimize_debug%3Dfalse%26optimize%3Dtrue%26optimize_adl_id%3D%26optimize_amp%3Dfalse%26optimize_audience%3Dlifestyle%26optimize_env%3Dprod%26optimize_pub%3Dgetnada%26optimize_refreshed%3Dfalse&cookie=ID%3Dbb9bbc57ea9be28a-22aa00d219c800b6%3AT%3D1621442644%3AS%3DALNI_MbD_YHn6cTYQ8ioEJXNjw7axyV7jQ&bc=31&abxe=1&lmt=1621442646&dt=1621442646123&dlt=1621442644119&idt=419&frm=20&biw=1600&bih=1200&oid=3&adxs=436%2C778%2C564%2C436&adys=1105%2C828%2C574%2C16&adks=4065119108%2C2838864979%2C4165432093%2C1779617747&ucis=5%7C6%7C7%7C8&ifi=5&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fgetnada.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x-1%7C456x80%7C456x80%7C800x256&msz=728x-1%7C300x0%7C728x0%7C728x224&ga_vid=2134984649.1621442645&ga_sid=1621442645&ga_hid=399601071&ga_fc=false&fws=512%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0&btvi=0%7C0%7C0%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
57d01d10f725f07780284b2c6a28f63b01810ad435ceef0bd8e078d5163e6b7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://getnada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 16:44:06 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7539
x-xss-protection
0
google-lineitem-id
5320060794,5320060794,5320060794,5320060794
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138305491763,138305847538,138305491316,138305847535
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://getnada.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame E372 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://getnada.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://getnada.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Wed, 19 May 2021 16:10:58 GMT
expires
Thu, 19 May 2022 16:10:58 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1988
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame D10E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://getnada.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://getnada.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Wed, 19 May 2021 16:10:58 GMT
expires
Thu, 19 May 2022 16:10:58 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1988
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame A0F7 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://getnada.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://getnada.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Wed, 19 May 2021 16:10:58 GMT
expires
Thu, 19 May 2022 16:10:58 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1988
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame 7AE4 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://getnada.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://getnada.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Wed, 19 May 2021 16:10:58 GMT
expires
Thu, 19 May 2022 16:10:58 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1988
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame E372 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:19:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
116704
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 May 2022 08:19:02 GMT
ttj
secure.adnxs.com/ Frame E372 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/ttj?id=18678115&size=728x90&cb=1351016036&pubclick=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsthYFWlO04ghDobjyoafGG5cOyRsOmBFzVjt3WAGKQdAGg3rtkR2OtC9Da4eIGoBY61GLT6jbfoTblRKIoV5qvO1tZ-fKEaEX-by5uDhVvPNjqImb0sBfqGxB6iNMx5LmkUsoeVskjmYhZ39Yu4JTA8cP9vgiM9cFgM-LhQmCgXFc7DT_xMYvuSGApGYEqjtSe9PAknI7H4htmHR6HsvnkCwpKXfr89RAladnyezo_Fq0k_eCsOSCmfpUQUSOgQqVOLzPDkmn9YTSJTZZoXzFrU7wAQk3OlwJH_GRaRhfuxDK6m%2526sig%253DCg0ArKJSzOFDI_1h8bwdEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
8c27df6e0b06f5ad4f23da721af180790775e49f75c129937113fb19cb0ea935
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 19 May 2021 16:44:06 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
195.181.174.89; 195.181.174.89; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.253:80
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
2fc86084-cab9-48bd-9ca1-03e0f8522bb1
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E372 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f4f2e8ffc67a3c2544f8be9672125a0c5a5f0035fa6bfc6d75ee297e30461e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 16:44:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1621251134821955"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36689
x-xss-protection
0
expires
Wed, 19 May 2021 16:44:06 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame D10E 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:19:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
116704
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 May 2022 08:19:02 GMT
ttj
secure.adnxs.com/ Frame D10E 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/ttj?id=18678115&size=728x90&cb=1181934127&pubclick=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsu_g3Z6PtgDbtJUTPGeCdr2XlmRbp2_mU5h0cpP3mg3kqjIZ21yLVWUHYvLS2B6Jb38_a7oLzcYX0xU2GBUgi45fh61hnnT53HQ28cPT_k8RjICOsbxm9Hm3hJg3j4coYFKFPLC2Nh14ceSw6SHPLg95vLWp8j7gklDPqwMtOeVthxt-Kokg1Kmhdd0hqCF5k4qFQBiEkwoDAMHkiYm8yoFr0skRr7f2EpX8XlnkddQpVgjpmnMhNmWj1l9gehSLOzsY1wkfJKcyWekNCPrmTS6rRxZDL_GIwVViUVYwhtQ5l3657pIPRYXdw%2526sig%253DCg0ArKJSzHSLvT6wyJ98EAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
ee9e3b0398d2a4b5f6a4a2f533b748f281aa36392dbed61a38b4446e590242ee
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 19 May 2021 16:44:06 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
195.181.174.89; 195.181.174.89; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.79:80
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
c18b0f6e-218a-45dd-9744-04d3db1090a6
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D10E 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f4f2e8ffc67a3c2544f8be9672125a0c5a5f0035fa6bfc6d75ee297e30461e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 16:44:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1621251134821955"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36689
x-xss-protection
0
expires
Wed, 19 May 2021 16:44:06 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame A0F7 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:19:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
116704
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 May 2022 08:19:02 GMT
ttj
secure.adnxs.com/ Frame A0F7 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/ttj?id=18678115&size=728x90&cb=1992954871&pubclick=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsvRlbew0ySDsD6-xRCj92GsdIIhn5MoeBN8oYclHHKXlSESi3VSWalW4ZRYUApNv5J4C5Fa0394mTrzfb5eG-yrZGwaMayE_S72SRKdoGJQJrzlUbt94Q8SWw44QMqXJFVXjN4uBSwy3yFJ31r7M4iYlDTdgoUGvMC1Nx311zpR-You-6YCwYxvhb2fWfTOOyQfmCSexmasQiMC2zWKUUyrqvJm7sdP7_9bp4aFVdsFb9ACC3QXiOODlyMLSLBMdF0TSpPWRfgory340nEV_s1Bc3aTbOtZ_z131gqaiFz9s0eafEjo6w%2526sig%253DCg0ArKJSzC55m69GkbHKEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
1534a07424ddecbe87c83f5975ef83a9e8771638220f93b802f14a332a1f69a3
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 19 May 2021 16:44:06 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
195.181.174.89; 195.181.174.89; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.249:80
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
85f2f2d7-07c4-47ce-8aa8-a05e54e098de
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A0F7 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f4f2e8ffc67a3c2544f8be9672125a0c5a5f0035fa6bfc6d75ee297e30461e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 16:44:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1621251134821955"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36689
x-xss-protection
0
expires
Wed, 19 May 2021 16:44:06 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 7AE4 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 08:19:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
116704
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 May 2022 08:19:02 GMT
ttj
secure.adnxs.com/ Frame 7AE4 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/ttj?id=18678115&size=970x250&cb=381653379&pubclick=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsvDMRqz6t_RBtCmkgs3SPS0JwdaQZAOITPW9g5PywudJ2FYQltaLx0bcLqWj0_jqwWMVIKGvshtmwmdV9dX0qcrLw2Xq7zw4URjvMcrwzvajoGESd9TbqY_hv3HAQSYhtynkq19tIrhM_-1H7gT1Q7rY5pOyJ5NIjJdNUrPfTiGIOQ4C_uZ8U8z7UH4VOB_SvZVVUWWVBk7jwPbj4yTzfF7I4ZEbhF6b0dOzWab9gohMePQBQlhgan8RmeqFnSRm_4vUxHkcUMkazbKMsDzTNpq5zg1f1yCx7apPKnS4FOWEhlobiFmhg%2526sig%253DCg0ArKJSzGLcHTvuPbr9EAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0f58744cea6864c2410a66c71e675411596dad625b71a268817923fd4ae737b9
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 19 May 2021 16:44:06 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
195.181.174.89; 195.181.174.89; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.69:80
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
fc55c227-165f-4844-aaf6-64d35f7fac5c
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7AE4 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f4f2e8ffc67a3c2544f8be9672125a0c5a5f0035fa6bfc6d75ee297e30461e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 16:44:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1621251134821955"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36689
x-xss-protection
0
expires
Wed, 19 May 2021 16:44:06 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame E372 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstzpg1CZb4Mfp-qKY8Qy4l9TpA2SUBW5y8ndhkk-MMtjwNY4pnkN6VwYC4H85ScYWsEYVnOFzHdGOAUvD30y0UqCqqt1IWZ94e_gZ-6a8TvV6jImhLpB9HL5KVK14EwNAcFK18vEDqtfPIEdjFlIWuy8T-tQ0pYKB-SxXWzC6QcR2KBf9pwFVkogF_ILXQeeFntXpCDc6_NGr4h_xeRQcJfQVEHGPh4Z_qoRvWLAcDvQckr4jbJ2CxwyQyT5hhdo6MAnzCaqAceUl0fw5N5jQWaki8HoIjTF3j6KY0TKs6NbqhYELdq&sig=Cg0ArKJSzGBDbtkv0Y4HEAE&urlfix=1&adurl=
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 May 2021 16:44:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame D10E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu7qq8VpsSb98wxzpz6D9jstUye3-Ne6R1gWTbleK4v5d9rGtY7-LAEIX__n51afd6GeFX4veCXqiGdxRK6t_helSUyXi8T73Xy9oRGl8qIipT1g6tsnmoV8uMIcGTbqxLzs_fOqklmjBc6CEYB9RA8d4zXoEhNajvBm3t4CmqevGIhZrUc0sDxj49ZiQKdbZzoRvWMD0Tn8koB0JcqIkRNXX2ji_T6xo_4NGPK272-L4Du6l5RRlBnKfHZGZ7L1qbflDqQmwLsOoCXdUR2_3eDYqF7Ua4M35HsYyN0wnK_O3jOypHF_89a9KO-rA&sig=Cg0ArKJSzD6TCZY6LKrTEAE&urlfix=1&adurl=
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 May 2021 16:44:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sync
gum.criteo.com/ Frame D10E 		51 B
375 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=30&r=2&j=cr_handle_data_a
Requested by
Host: secure.adnxs.com
URL: https://secure.adnxs.com/ttj?id=18678115&size=728x90&cb=1181934127&pubclick=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsu_g3Z6PtgDbtJUTPGeCdr2XlmRbp2_mU5h0cpP3mg3kqjIZ21yLVWUHYvLS2B6Jb38_a7oLzcYX0xU2GBUgi45fh61hnnT53HQ28cPT_k8RjICOsbxm9Hm3hJg3j4coYFKFPLC2Nh14ceSw6SHPLg95vLWp8j7gklDPqwMtOeVthxt-Kokg1Kmhdd0hqCF5k4qFQBiEkwoDAMHkiYm8yoFr0skRr7f2EpX8XlnkddQpVgjpmnMhNmWj1l9gehSLOzsY1wkfJKcyWekNCPrmTS6rRxZDL_GIwVViUVYwhtQ5l3657pIPRYXdw%2526sig%253DCg0ArKJSzHSLvT6wyJ98EAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
acb5d519051cc13618e992a7df4bce6a980036dfbe2e17a970ec716194329f6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
date
Wed, 19 May 2021 16:44:06 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
1441
content-length
169
expires
60
ttj
secure.adnxs.com/ Frame D10E 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/ttj?ttjb=1&bdc=1621442646&bdh=d623wkNrSIM_hSgXqUTP4APHINs.&&bdref=https%3A%2F%2Fgetnada.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fgetnada.com%2F,https%3A%2F%2Ftpc.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&&id=18678115&size=728x90&cb=1181934127&pubclick=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjsu_g3Z6PtgDbtJUTPGeCdr2XlmRbp2_mU5h0cpP3mg3kqjIZ21yLVWUHYvLS2B6Jb38_a7oLzcYX0xU2GBUgi45fh61hnnT53HQ28cPT_k8RjICOsbxm9Hm3hJg3j4coYFKFPLC2Nh14ceSw6SHPLg95vLWp8j7gklDPqwMtOeVthxt-Kokg1Kmhdd0hqCF5k4qFQBiEkwoDAMHkiYm8yoFr0skRr7f2EpX8XlnkddQpVgjpmnMhNmWj1l9gehSLOzsY1wkfJKcyWekNCPrmTS6rRxZDL_GIwVViUVYwhtQ5l3657pIPRYXdw%2526sig%253DCg0ArKJSzHSLvT6wyJ98EAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D
Requested by
Host: secure.adnxs.com
URL: https://secure.adnxs.com/ttj?id=18678115&size=728x90&cb=1181934127&pubclick=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsu_g3Z6PtgDbtJUTPGeCdr2XlmRbp2_mU5h0cpP3mg3kqjIZ21yLVWUHYvLS2B6Jb38_a7oLzcYX0xU2GBUgi45fh61hnnT53HQ28cPT_k8RjICOsbxm9Hm3hJg3j4coYFKFPLC2Nh14ceSw6SHPLg95vLWp8j7gklDPqwMtOeVthxt-Kokg1Kmhdd0hqCF5k4qFQBiEkwoDAMHkiYm8yoFr0skRr7f2EpX8XlnkddQpVgjpmnMhNmWj1l9gehSLOzsY1wkfJKcyWekNCPrmTS6rRxZDL_GIwVViUVYwhtQ5l3657pIPRYXdw%2526sig%253DCg0ArKJSzHSLvT6wyJ98EAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
cc5bfddf3aa6ef5fd3352b6c55c9d6ea56281efc21aa80935e5713e9690d7755
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 19 May 2021 16:44:06 GMT
Content-Encoding
gzip
X-Creative-ID
41873061
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
195.181.174.89; 195.181.174.89; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.253:80
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
3354ac4c-c00c-4427-af5f-dbcf287c5683
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
gum.criteo.com/ Frame E372 		51 B
375 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=30&r=2&j=cr_handle_data_a
Requested by
Host: secure.adnxs.com
URL: https://secure.adnxs.com/ttj?id=18678115&size=728x90&cb=1351016036&pubclick=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsthYFWlO04ghDobjyoafGG5cOyRsOmBFzVjt3WAGKQdAGg3rtkR2OtC9Da4eIGoBY61GLT6jbfoTblRKIoV5qvO1tZ-fKEaEX-by5uDhVvPNjqImb0sBfqGxB6iNMx5LmkUsoeVskjmYhZ39Yu4JTA8cP9vgiM9cFgM-LhQmCgXFc7DT_xMYvuSGApGYEqjtSe9PAknI7H4htmHR6HsvnkCwpKXfr89RAladnyezo_Fq0k_eCsOSCmfpUQUSOgQqVOLzPDkmn9YTSJTZZoXzFrU7wAQk3OlwJH_GRaRhfuxDK6m%2526sig%253DCg0ArKJSzOFDI_1h8bwdEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
acb5d519051cc13618e992a7df4bce6a980036dfbe2e17a970ec716194329f6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
date
Wed, 19 May 2021 16:44:06 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
1512
content-length
169
expires
60
ttj
secure.adnxs.com/ Frame E372 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/ttj?ttjb=1&bdc=1621442646&bdh=d623wkNrSIM_hSgXqUTP4APHINs.&&bdref=https%3A%2F%2Fgetnada.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fgetnada.com%2F,https%3A%2F%2Ftpc.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&&id=18678115&size=728x90&cb=1351016036&pubclick=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjsthYFWlO04ghDobjyoafGG5cOyRsOmBFzVjt3WAGKQdAGg3rtkR2OtC9Da4eIGoBY61GLT6jbfoTblRKIoV5qvO1tZ-fKEaEX-by5uDhVvPNjqImb0sBfqGxB6iNMx5LmkUsoeVskjmYhZ39Yu4JTA8cP9vgiM9cFgM-LhQmCgXFc7DT_xMYvuSGApGYEqjtSe9PAknI7H4htmHR6HsvnkCwpKXfr89RAladnyezo_Fq0k_eCsOSCmfpUQUSOgQqVOLzPDkmn9YTSJTZZoXzFrU7wAQk3OlwJH_GRaRhfuxDK6m%2526sig%253DCg0ArKJSzOFDI_1h8bwdEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D
Requested by
Host: secure.adnxs.com
URL: https://secure.adnxs.com/ttj?id=18678115&size=728x90&cb=1351016036&pubclick=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsthYFWlO04ghDobjyoafGG5cOyRsOmBFzVjt3WAGKQdAGg3rtkR2OtC9Da4eIGoBY61GLT6jbfoTblRKIoV5qvO1tZ-fKEaEX-by5uDhVvPNjqImb0sBfqGxB6iNMx5LmkUsoeVskjmYhZ39Yu4JTA8cP9vgiM9cFgM-LhQmCgXFc7DT_xMYvuSGApGYEqjtSe9PAknI7H4htmHR6HsvnkCwpKXfr89RAladnyezo_Fq0k_eCsOSCmfpUQUSOgQqVOLzPDkmn9YTSJTZZoXzFrU7wAQk3OlwJH_GRaRhfuxDK6m%2526sig%253DCg0ArKJSzOFDI_1h8bwdEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
6edfc05fcc1323c28579dd7646d60cac2208bc292946625bf02ce9452204f4af
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 19 May 2021 16:44:06 GMT
Content-Encoding
gzip
X-Creative-ID
41873061
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
195.181.174.89; 195.181.174.89; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.44:80
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
edffbb0c-c4a4-4173-be4f-90a3f6c0b3c9
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A0F7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuRL7PgUdM718wt3o97N_kN8aFqSw39tca5mgcUqoD-QSRb4r5o9ls0OFGUTdKXxEJeHzaYF3aWUBaWDV35t7sKipl8A8kiUNUGB_EMpn79Xa4952oaLgq--21zhpAHAdJ8vECSHrs4iaQr78Z-kwWRgdGgpN9B0PJLtHsQVihTFZJ75qzAJ_RQZgEN_9h-TXiK7cSOpmtVLjMVeKEdD27EI48t0xjsS7r1ug1iPw5AsmSNl7V8g7wj0xvKWY2u7q9o5W5M8cb0cXoitO8lIDcHuO75-sBNLyiRvL67HeVuzumJ_tJAbZYUiQ&sig=Cg0ArKJSzFDAq3WR1pY7EAE&urlfix=1&adurl=
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 May 2021 16:44:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sync
gum.criteo.com/ Frame A0F7 		51 B
375 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=30&r=2&j=cr_handle_data_a
Requested by
Host: secure.adnxs.com
URL: https://secure.adnxs.com/ttj?id=18678115&size=728x90&cb=1992954871&pubclick=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsvRlbew0ySDsD6-xRCj92GsdIIhn5MoeBN8oYclHHKXlSESi3VSWalW4ZRYUApNv5J4C5Fa0394mTrzfb5eG-yrZGwaMayE_S72SRKdoGJQJrzlUbt94Q8SWw44QMqXJFVXjN4uBSwy3yFJ31r7M4iYlDTdgoUGvMC1Nx311zpR-You-6YCwYxvhb2fWfTOOyQfmCSexmasQiMC2zWKUUyrqvJm7sdP7_9bp4aFVdsFb9ACC3QXiOODlyMLSLBMdF0TSpPWRfgory340nEV_s1Bc3aTbOtZ_z131gqaiFz9s0eafEjo6w%2526sig%253DCg0ArKJSzC55m69GkbHKEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
acb5d519051cc13618e992a7df4bce6a980036dfbe2e17a970ec716194329f6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
date
Wed, 19 May 2021 16:44:05 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
1439
content-length
169
expires
60
ttj
secure.adnxs.com/ Frame A0F7 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/ttj?ttjb=1&bdc=1621442646&bdh=d623wkNrSIM_hSgXqUTP4APHINs.&&bdref=https%3A%2F%2Fgetnada.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fgetnada.com%2F,https%3A%2F%2Ftpc.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&&id=18678115&size=728x90&cb=1992954871&pubclick=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjsvRlbew0ySDsD6-xRCj92GsdIIhn5MoeBN8oYclHHKXlSESi3VSWalW4ZRYUApNv5J4C5Fa0394mTrzfb5eG-yrZGwaMayE_S72SRKdoGJQJrzlUbt94Q8SWw44QMqXJFVXjN4uBSwy3yFJ31r7M4iYlDTdgoUGvMC1Nx311zpR-You-6YCwYxvhb2fWfTOOyQfmCSexmasQiMC2zWKUUyrqvJm7sdP7_9bp4aFVdsFb9ACC3QXiOODlyMLSLBMdF0TSpPWRfgory340nEV_s1Bc3aTbOtZ_z131gqaiFz9s0eafEjo6w%2526sig%253DCg0ArKJSzC55m69GkbHKEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D
Requested by
Host: secure.adnxs.com
URL: https://secure.adnxs.com/ttj?id=18678115&size=728x90&cb=1992954871&pubclick=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsvRlbew0ySDsD6-xRCj92GsdIIhn5MoeBN8oYclHHKXlSESi3VSWalW4ZRYUApNv5J4C5Fa0394mTrzfb5eG-yrZGwaMayE_S72SRKdoGJQJrzlUbt94Q8SWw44QMqXJFVXjN4uBSwy3yFJ31r7M4iYlDTdgoUGvMC1Nx311zpR-You-6YCwYxvhb2fWfTOOyQfmCSexmasQiMC2zWKUUyrqvJm7sdP7_9bp4aFVdsFb9ACC3QXiOODlyMLSLBMdF0TSpPWRfgory340nEV_s1Bc3aTbOtZ_z131gqaiFz9s0eafEjo6w%2526sig%253DCg0ArKJSzC55m69GkbHKEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
df2140fe14c7af2c2ce796f5ed54b6301a96f57c5e8879b7df6973e0839f4985
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 19 May 2021 16:44:06 GMT
Content-Encoding
gzip
X-Creative-ID
41873061
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
195.181.174.89; 195.181.174.89; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.201:80
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
c7a63b67-01fa-4ac1-989d-a39a223e73d3
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7AE4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuN_znMudczIQECUz-1BqvRoC4pbxU_0XsC51KumXH9s7f-db_cxGJuKCkhJEHiZVSzdVRjAlnAqxeVVqHXVxPdyd-WfSmg1Q0ZVTubRUgVluDB86iURd9DDF5hL95ISF0mzROdqZh9F-1Nx6myImP05HMp6pGs_pEbA9SVg3NG-Ebubkz1mXRd2DyHiU1WWOsCaNRjE3mfPgFfWZnK8TJh497iKfJ7ABM8PW0NHonNm4GuRvvMrg7jGGVKcxEoyfYcb7QjIsce4X1fOR9utVVIKkyGHKX-_C2EKxMzp7mBqqX_oNGD-1Qm8Q&sig=Cg0ArKJSzDc0v_G_ngzyEAE&urlfix=1&adurl=
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 May 2021 16:44:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sync
gum.criteo.com/ Frame 7AE4 		51 B
375 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=30&r=2&j=cr_handle_data_a
Requested by
Host: secure.adnxs.com
URL: https://secure.adnxs.com/ttj?id=18678115&size=970x250&cb=381653379&pubclick=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsvDMRqz6t_RBtCmkgs3SPS0JwdaQZAOITPW9g5PywudJ2FYQltaLx0bcLqWj0_jqwWMVIKGvshtmwmdV9dX0qcrLw2Xq7zw4URjvMcrwzvajoGESd9TbqY_hv3HAQSYhtynkq19tIrhM_-1H7gT1Q7rY5pOyJ5NIjJdNUrPfTiGIOQ4C_uZ8U8z7UH4VOB_SvZVVUWWVBk7jwPbj4yTzfF7I4ZEbhF6b0dOzWab9gohMePQBQlhgan8RmeqFnSRm_4vUxHkcUMkazbKMsDzTNpq5zg1f1yCx7apPKnS4FOWEhlobiFmhg%2526sig%253DCg0ArKJSzGLcHTvuPbr9EAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
acb5d519051cc13618e992a7df4bce6a980036dfbe2e17a970ec716194329f6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
date
Wed, 19 May 2021 16:44:05 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
1947
content-length
169
expires
60
ttj
secure.adnxs.com/ Frame 7AE4 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/ttj?ttjb=1&bdc=1621442646&bdh=d623wkNrSIM_hSgXqUTP4APHINs.&&bdref=https%3A%2F%2Fgetnada.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fgetnada.com%2F,https%3A%2F%2Ftpc.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&&id=18678115&size=970x250&cb=381653379&pubclick=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjsvDMRqz6t_RBtCmkgs3SPS0JwdaQZAOITPW9g5PywudJ2FYQltaLx0bcLqWj0_jqwWMVIKGvshtmwmdV9dX0qcrLw2Xq7zw4URjvMcrwzvajoGESd9TbqY_hv3HAQSYhtynkq19tIrhM_-1H7gT1Q7rY5pOyJ5NIjJdNUrPfTiGIOQ4C_uZ8U8z7UH4VOB_SvZVVUWWVBk7jwPbj4yTzfF7I4ZEbhF6b0dOzWab9gohMePQBQlhgan8RmeqFnSRm_4vUxHkcUMkazbKMsDzTNpq5zg1f1yCx7apPKnS4FOWEhlobiFmhg%2526sig%253DCg0ArKJSzGLcHTvuPbr9EAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D
Requested by
Host: secure.adnxs.com
URL: https://secure.adnxs.com/ttj?id=18678115&size=970x250&cb=381653379&pubclick=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsvDMRqz6t_RBtCmkgs3SPS0JwdaQZAOITPW9g5PywudJ2FYQltaLx0bcLqWj0_jqwWMVIKGvshtmwmdV9dX0qcrLw2Xq7zw4URjvMcrwzvajoGESd9TbqY_hv3HAQSYhtynkq19tIrhM_-1H7gT1Q7rY5pOyJ5NIjJdNUrPfTiGIOQ4C_uZ8U8z7UH4VOB_SvZVVUWWVBk7jwPbj4yTzfF7I4ZEbhF6b0dOzWab9gohMePQBQlhgan8RmeqFnSRm_4vUxHkcUMkazbKMsDzTNpq5zg1f1yCx7apPKnS4FOWEhlobiFmhg%2526sig%253DCg0ArKJSzGLcHTvuPbr9EAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
818ca601ade7dece6efeb7c58a326f53da05f746f7aaeb97d69125d82e80503b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 19 May 2021 16:44:06 GMT
Content-Encoding
gzip
X-Creative-ID
59211611
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
195.181.174.89; 195.181.174.89; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.78:80
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
5c2cdf7b-2e06-4d99-8c10-c12cdf17775c
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ttj
ib.adnxs.com/ Frame E372 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ttj?id=6589257&psa=0&cb=213647341&gdpr=0&gdpr_consent=&loc=,&pubclick=https://fra1-ib.adnxs.com/click?AAAAAAAAAAAAAAAAAAAAAAAAAEDheoQ_AAAAAAAAAAAAAAAAAAAAAG5mRUMxX_xCACkxl12HCmJWQKVgAAAAAGMBHQHKIAAA5QAAAAIAAACl7n4CmKoUAAAAAAAAAAAAVVNEANgCWgBrrgAAAAABAgEAAAAAAMwAKhNJqQAAAAA./bcr=AAAAAAAAAAA=/bn=0/clickenc=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjsthYFWlO04ghDobjyoafGG5cOyRsOmBFzVjt3WAGKQdAGg3rtkR2OtC9Da4eIGoBY61GLT6jbfoTblRKIoV5qvO1tZ-fKEaEX-by5uDhVvPNjqImb0sBfqGxB6iNMx5LmkUsoeVskjmYhZ39Yu4JTA8cP9vgiM9cFgM-LhQmCgXFc7DT_xMYvuSGApGYEqjtSe9PAknI7H4htmHR6HsvnkCwpKXfr89RAladnyezo_Fq0k_eCsOSCmfpUQUSOgQqVOLzPDkmn9YTSJTZZoXzFrU7wAQk3OlwJH_GRaRhfuxDK6m%2526sig%253DCg0ArKJSzOFDI_1h8bwdEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D
Requested by
Host: secure.adnxs.com
URL: https://secure.adnxs.com/ttj?ttjb=1&bdc=1621442646&bdh=d623wkNrSIM_hSgXqUTP4APHINs.&&bdref=https%3A%2F%2Fgetnada.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fgetnada.com%2F,https%3A%2F%2Ftpc.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&&id=18678115&size=728x90&cb=1351016036&pubclick=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjsthYFWlO04ghDobjyoafGG5cOyRsOmBFzVjt3WAGKQdAGg3rtkR2OtC9Da4eIGoBY61GLT6jbfoTblRKIoV5qvO1tZ-fKEaEX-by5uDhVvPNjqImb0sBfqGxB6iNMx5LmkUsoeVskjmYhZ39Yu4JTA8cP9vgiM9cFgM-LhQmCgXFc7DT_xMYvuSGApGYEqjtSe9PAknI7H4htmHR6HsvnkCwpKXfr89RAladnyezo_Fq0k_eCsOSCmfpUQUSOgQqVOLzPDkmn9YTSJTZZoXzFrU7wAQk3OlwJH_GRaRhfuxDK6m%2526sig%253DCg0ArKJSzOFDI_1h8bwdEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0a0c278457a8e7f7f271de1008428ac1d94cd738dd234467f80a00be032c4c5a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 19 May 2021 16:44:06 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
195.181.174.89; 195.181.174.89; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.37:80
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
35e90537-951f-49cb-87dd-49ce195275f6
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
it
fra1-ib.adnxs.com/ Frame E372 		0
824 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fgetnada.com%2F&e=wqT_3QLFB6DFAwAAAwDWAAUBCNaAlYUGEO7MlZqU5pf-QhiA0sS52euhhWIqNgkAAAkCABEJBywAABkAAABA4XqEPyEREgApEQkAMREb9NkCMOOC9Ag4ykFA5QFIAlCl3fsTWJjVUmAAaOvcmgF4AIABAYoBAJIBA1VTRJgB2AWgAVqoAQGwAQC4AQLAAQHIAQDQAQDYAQDgAQDqAeADaHR0cHMlM0ElMkYlMkZhZGNsaWNrLmcuZG91YmxlY2xpY2submV0JTJGcGNzJTJGY2xpY2slMjUzRnhhaSUyNTNEQUtBT2pzdGhZRldsTzA0Z2hEb2JqeW9hZkdHNWNPeVJzT21CRnpWanQzV0FHS1FkQUdnM3J0a1IyT3RDOURhNGVJR29CWTYxR0xUNmpiZm9UYmxSS0lvVjVxdk8xdFotZktFYUVYLWJ5NXVEaFZ2UE5qcUltYjBzQmZxR3hCNmlOTXg1TG1rVXNvZVZza2ptWWhaMzlZdTRKVEE4Y1A5dmdpTTljRmdNLUxoUW1DZ1hGYzdEVF94TVl2dVNHQXBHWUVxanRTZTlQQWtuSTdINGh0bUhSNkhzdm5rQ3dwS1hmcjg5UkFsYWRueWV6b19GcTBrX2VDc09TQ21mcFVRVVNPZ1FxVk9MelBEa21uOVlUU0pUWlpvWHpGclU3d0FRazNPbHdKSF9HUmFSaGZ1eERLNm0lMjUyNnNpZyUyNTNEQ2cwQXJLSlN6T0ZESV8xaDhid2RFQUUlMjUyNmZic19hZWlkJTI1M0QlMjU1Qmd3X2Zic2FlaWQlMjU1RCUyNTI2dXJsZml4JTI1M0QxJTI1MjZhZHVybCUyNTNE8AEA2AIA4AKf8D_qAhRodHRwczovL2dldG5hZGEuY29tL4ADAIgDAZADAJgDGaADAaoDAMADrALIAwDYA4DrkgHgAwDoAwD4AwGABACSBAQvdHRqmAQAogQOMTk1LjE4MS4xNzQuODmoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAOAEAPAEpd37E4gFAZgFAKAFAMAFAMkFAAAAAAAA8D_SBQkJAE3raNgFAeAFAPAFAPoFBAgAEACQBgCYBgC4BgDBBg0i8EMA2gYWChCFdB8QwSxLAaK9VQnzo7mPEAMYAeAGAPIGAggAgAcBiAcAoAcAugcPCAAQABgAIAAwADi9BkAAyAcA0gcNCRFLGBAAGADaBwYBaTgYAOAHAOoHAggA8AeH4wI.&s=34bb21dc3d86cd3a5ce48d7aabc0b325c4729db8
Requested by
Host: secure.adnxs.com
URL: https://secure.adnxs.com/ttj?ttjb=1&bdc=1621442646&bdh=d623wkNrSIM_hSgXqUTP4APHINs.&&bdref=https%3A%2F%2Fgetnada.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fgetnada.com%2F,https%3A%2F%2Ftpc.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&&id=18678115&size=728x90&cb=1351016036&pubclick=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjsthYFWlO04ghDobjyoafGG5cOyRsOmBFzVjt3WAGKQdAGg3rtkR2OtC9Da4eIGoBY61GLT6jbfoTblRKIoV5qvO1tZ-fKEaEX-by5uDhVvPNjqImb0sBfqGxB6iNMx5LmkUsoeVskjmYhZ39Yu4JTA8cP9vgiM9cFgM-LhQmCgXFc7DT_xMYvuSGApGYEqjtSe9PAknI7H4htmHR6HsvnkCwpKXfr89RAladnyezo_Fq0k_eCsOSCmfpUQUSOgQqVOLzPDkmn9YTSJTZZoXzFrU7wAQk3OlwJH_GRaRhfuxDK6m%2526sig%253DCg0ArKJSzOFDI_1h8bwdEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 May 2021 16:44:06 GMT
X-Proxy-Origin
195.181.174.89; 195.181.174.89; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.239:80
AN-X-Request-Uuid
25efd86b-757e-4742-a773-51d78e4e9010
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
analytics.js
s.update.ib.adnxs.com/2/225545/ Frame E372 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.update.ib.adnxs.com/2/225545/analytics.js?dt=2255451608003798135000&pd=avt&di=https%3A%2F%2Fgetnada.com%2F&ui=7064607801522333952&ap=&sr=8394&pp=1070141&ti=4826837565820986990&pv=85741f10-c12c-4b01-a2bd-5509f3a3b98f&to=3&de=2&md=1&dm=728x90&gt=DE&ac=${CPG_ID}&pc=18678115&cr=41873061&c1=fra1&c2=0&cb=213647341
Requested by
Host: secure.adnxs.com
URL: https://secure.adnxs.com/ttj?ttjb=1&bdc=1621442646&bdh=d623wkNrSIM_hSgXqUTP4APHINs.&&bdref=https%3A%2F%2Fgetnada.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fgetnada.com%2F,https%3A%2F%2Ftpc.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&&id=18678115&size=728x90&cb=1351016036&pubclick=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjsthYFWlO04ghDobjyoafGG5cOyRsOmBFzVjt3WAGKQdAGg3rtkR2OtC9Da4eIGoBY61GLT6jbfoTblRKIoV5qvO1tZ-fKEaEX-by5uDhVvPNjqImb0sBfqGxB6iNMx5LmkUsoeVskjmYhZ39Yu4JTA8cP9vgiM9cFgM-LhQmCgXFc7DT_xMYvuSGApGYEqjtSe9PAknI7H4htmHR6HsvnkCwpKXfr89RAladnyezo_Fq0k_eCsOSCmfpUQUSOgQqVOLzPDkmn9YTSJTZZoXzFrU7wAQk3OlwJH_GRaRhfuxDK6m%2526sig%253DCg0ArKJSzOFDI_1h8bwdEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.131.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-131-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bdce4280d1dd49065aa5fca1787eaca74f3e19c0beec3f0838719078f7eebba4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 May 2021 16:44:06 GMT
Content-Encoding
gzip
Accept-Ch
Viewport-Width, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
*
Content-Type
application/javascript
Cache-Control
no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Timing-Allow-Origin
*
Content-Length
2717
Expires
0
ttj
ib.adnxs.com/ Frame A0F7 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ttj?id=6589257&psa=0&cb=1731962567&gdpr=0&gdpr_consent=&loc=,&pubclick=https://fra1-ib.adnxs.com/click?AAAAAAAAAAAAAAAAAAAAAAAAAEDheoQ_AAAAAAAAAAAAAAAAAAAAANodbypwvc0hACkxl12HCmJWQKVgAAAAAGMBHQHKIAAA5QAAAAIAAACl7n4CmKoUAAAAAAAAAAAAVVNEANgCWgBrrgAAAAABAgEAAAAAAMwAqxMQ1QAAAAA./bcr=AAAAAAAAAAA=/bn=0/clickenc=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjsvRlbew0ySDsD6-xRCj92GsdIIhn5MoeBN8oYclHHKXlSESi3VSWalW4ZRYUApNv5J4C5Fa0394mTrzfb5eG-yrZGwaMayE_S72SRKdoGJQJrzlUbt94Q8SWw44QMqXJFVXjN4uBSwy3yFJ31r7M4iYlDTdgoUGvMC1Nx311zpR-You-6YCwYxvhb2fWfTOOyQfmCSexmasQiMC2zWKUUyrqvJm7sdP7_9bp4aFVdsFb9ACC3QXiOODlyMLSLBMdF0TSpPWRfgory340nEV_s1Bc3aTbOtZ_z131gqaiFz9s0eafEjo6w%2526sig%253DCg0ArKJSzC55m69GkbHKEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D
Requested by
Host: secure.adnxs.com
URL: https://secure.adnxs.com/ttj?ttjb=1&bdc=1621442646&bdh=d623wkNrSIM_hSgXqUTP4APHINs.&&bdref=https%3A%2F%2Fgetnada.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fgetnada.com%2F,https%3A%2F%2Ftpc.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&&id=18678115&size=728x90&cb=1992954871&pubclick=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjsvRlbew0ySDsD6-xRCj92GsdIIhn5MoeBN8oYclHHKXlSESi3VSWalW4ZRYUApNv5J4C5Fa0394mTrzfb5eG-yrZGwaMayE_S72SRKdoGJQJrzlUbt94Q8SWw44QMqXJFVXjN4uBSwy3yFJ31r7M4iYlDTdgoUGvMC1Nx311zpR-You-6YCwYxvhb2fWfTOOyQfmCSexmasQiMC2zWKUUyrqvJm7sdP7_9bp4aFVdsFb9ACC3QXiOODlyMLSLBMdF0TSpPWRfgory340nEV_s1Bc3aTbOtZ_z131gqaiFz9s0eafEjo6w%2526sig%253DCg0ArKJSzC55m69GkbHKEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
8e97255ee46a3eaa000d337737a11d22e47788ce63d0d8bd0d44a471eb8b48eb
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 19 May 2021 16:44:06 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
195.181.174.89; 195.181.174.89; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.74:80
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
a0099d13-c1dc-490f-9372-569e71a4aec2
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
it
fra1-ib.adnxs.com/ Frame A0F7 		0
824 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fgetnada.com%2F&e=wqT_3QLLB6DLAwAAAwDWAAUBCNaAlYUGENq7vNOCru_mIRiA0sS52euhhWIqNgkAAAkCABEJBywAABkAAABA4XqEPyEREgApEQkAMREb9CQCMOOC9Ag4ykFA5QFIAlCl3fsTWJjVUmAAaOvcmgF4AIABAYoBAJIBA1VTRJgB2AWgAVqoAQGwAQC4AQLAAQHIAQDQAQDYAQDgAQDqAeYDaHR0cHMlM0ElMkYlMkZhZGNsaWNrLmcuZG91YmxlY2xpY2submV0JTJGcGNzJTJGY2xpY2slMjUzRnhhaSUyNTNEQUtBT2pzdlJsYmV3MHlTRHNENi14UkNqOTJHc2RJSWhuNU1vZUJOOG9ZY2xISEtYbFNFU2kzVlNXYWxXNFpSWVVBcE52NUo0QzVGYTAzOTRtVHJ6ZmI1ZUcteXJaR3dhTWF5RV9TNzJTUktkb0dKUUpyemxVYnQ5NFE4U1d3NDRRTXFYSkZWWGpONHVCU3d5M3lGSjMxcjdNNGlZbERUZGdvVUd2TUMxTngzMTF6cFItWW91LTZZQ3dZeHZoYjJmV2ZUT095UWZtQ1NleG1hc1FpTUMyeldLVVV5cnF2Sm03c2RQN185YnA0YUZWZHNGYjlBQ0MzUVhpT09EbHlNTFNMQk1kRjBUU3BQV1JmZ29yeTM0MG5FVl9zMUJjM2FUYk90Wl96MTMxZ3FhaUZ6OXMwZWFmRWpvNnclMjUyNnNpZyUyNTNEQ2cwQXJLSlN6QzU1bTY5R2tiSEtFQUUlMjUyNmZic19hZWlkJTI1M0QlMjU1Qmd3X2Zic2FlaWQlMjU1RCUyNTI2dXJsZml4JTI1M0QxBREUYWR1cmwlIaTwn_ABANgCAOACn_A_6gIUaHR0cHM6Ly9nZXRuYWRhLmNvbS-AAwCIAwGQAwCYAxmgAwGqAwDAA6wCyAMA2AOA65IB4AMA6AMA-AMBgAQAkgQEL3R0apgEAKIEDjE5NS4xODEuMTc0Ljg5qAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCADgBADwBKXd-xOIBQGYBQCgBQDABQDJBQBF5RTwP9IFCQkFCzgAAADYBQHgBQDwBQD6BQQBUSiQBgCYBgC4BgDBBgEfAQEQ2gYWChABCS4BAFwQABgA4AYA8gYCCACABwGIBwCgBwC6Bw8BRA2VJL0GQADIBwDSBw0VbgE2CNoHBgklMOAHAOoHAggA8AeH4wI.&s=7efb80174efac4e64cfda2ed1284a3f824ce0f40
Requested by
Host: secure.adnxs.com
URL: https://secure.adnxs.com/ttj?ttjb=1&bdc=1621442646&bdh=d623wkNrSIM_hSgXqUTP4APHINs.&&bdref=https%3A%2F%2Fgetnada.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fgetnada.com%2F,https%3A%2F%2Ftpc.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&&id=18678115&size=728x90&cb=1992954871&pubclick=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjsvRlbew0ySDsD6-xRCj92GsdIIhn5MoeBN8oYclHHKXlSESi3VSWalW4ZRYUApNv5J4C5Fa0394mTrzfb5eG-yrZGwaMayE_S72SRKdoGJQJrzlUbt94Q8SWw44QMqXJFVXjN4uBSwy3yFJ31r7M4iYlDTdgoUGvMC1Nx311zpR-You-6YCwYxvhb2fWfTOOyQfmCSexmasQiMC2zWKUUyrqvJm7sdP7_9bp4aFVdsFb9ACC3QXiOODlyMLSLBMdF0TSpPWRfgory340nEV_s1Bc3aTbOtZ_z131gqaiFz9s0eafEjo6w%2526sig%253DCg0ArKJSzC55m69GkbHKEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 May 2021 16:44:06 GMT
X-Proxy-Origin
195.181.174.89; 195.181.174.89; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.247:80
AN-X-Request-Uuid
32d37706-5600-42af-b8df-387cd08710b6
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ttj
ib.adnxs.com/ Frame E372 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ttj?ttjb=1&bdc=1621442646&bdh=d623wkNrSIM_hSgXqUTP4APHINs.&bdref=https%3A%2F%2Fgetnada.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fgetnada.com%2F,https%3A%2F%2Ftpc.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&&id=6589257&psa=0&cb=213647341&gdpr=0&gdpr_consent=&loc=%2C&pubclick=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FAAAAAAAAAAAAAAAAAAAAAAAAAEDheoQ_AAAAAAAAAAAAAAAAAAAAAG5mRUMxX_xCACkxl12HCmJWQKVgAAAAAGMBHQHKIAAA5QAAAAIAAACl7n4CmKoUAAAAAAAAAAAAVVNEANgCWgBrrgAAAAABAgEAAAAAAMwAKhNJqQAAAAA.%2Fbcr%3DAAAAAAAAAAA%3D%2Fbn%3D0%2Fclickenc%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjsthYFWlO04ghDobjyoafGG5cOyRsOmBFzVjt3WAGKQdAGg3rtkR2OtC9Da4eIGoBY61GLT6jbfoTblRKIoV5qvO1tZ-fKEaEX-by5uDhVvPNjqImb0sBfqGxB6iNMx5LmkUsoeVskjmYhZ39Yu4JTA8cP9vgiM9cFgM-LhQmCgXFc7DT_xMYvuSGApGYEqjtSe9PAknI7H4htmHR6HsvnkCwpKXfr89RAladnyezo_Fq0k_eCsOSCmfpUQUSOgQqVOLzPDkmn9YTSJTZZoXzFrU7wAQk3OlwJH_GRaRhfuxDK6m%2526sig%253DCg0ArKJSzOFDI_1h8bwdEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D
Requested by
Host: ib.adnxs.com
URL: https://ib.adnxs.com/ttj?id=6589257&psa=0&cb=213647341&gdpr=0&gdpr_consent=&loc=,&pubclick=https://fra1-ib.adnxs.com/click?AAAAAAAAAAAAAAAAAAAAAAAAAEDheoQ_AAAAAAAAAAAAAAAAAAAAAG5mRUMxX_xCACkxl12HCmJWQKVgAAAAAGMBHQHKIAAA5QAAAAIAAACl7n4CmKoUAAAAAAAAAAAAVVNEANgCWgBrrgAAAAABAgEAAAAAAMwAKhNJqQAAAAA./bcr=AAAAAAAAAAA=/bn=0/clickenc=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjsthYFWlO04ghDobjyoafGG5cOyRsOmBFzVjt3WAGKQdAGg3rtkR2OtC9Da4eIGoBY61GLT6jbfoTblRKIoV5qvO1tZ-fKEaEX-by5uDhVvPNjqImb0sBfqGxB6iNMx5LmkUsoeVskjmYhZ39Yu4JTA8cP9vgiM9cFgM-LhQmCgXFc7DT_xMYvuSGApGYEqjtSe9PAknI7H4htmHR6HsvnkCwpKXfr89RAladnyezo_Fq0k_eCsOSCmfpUQUSOgQqVOLzPDkmn9YTSJTZZoXzFrU7wAQk3OlwJH_GRaRhfuxDK6m%2526sig%253DCg0ArKJSzOFDI_1h8bwdEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
ceb0514c12f215f342b15a82ecd9b867dd6a775ef5d8575639b4e2dc951a82a3
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 19 May 2021 16:44:06 GMT
Content-Encoding
gzip
X-Creative-ID
247379743
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
195.181.174.89; 195.181.174.89; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.74:80
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
2da53602-1e11-4bb1-b147-31429679fa74
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ttj
ib.adnxs.com/ Frame A0F7 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ttj?ttjb=1&bdc=1621442646&bdh=d623wkNrSIM_hSgXqUTP4APHINs.&bdref=https%3A%2F%2Fgetnada.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fgetnada.com%2F,https%3A%2F%2Ftpc.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&&id=6589257&psa=0&cb=1731962567&gdpr=0&gdpr_consent=&loc=%2C&pubclick=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FAAAAAAAAAAAAAAAAAAAAAAAAAEDheoQ_AAAAAAAAAAAAAAAAAAAAANodbypwvc0hACkxl12HCmJWQKVgAAAAAGMBHQHKIAAA5QAAAAIAAACl7n4CmKoUAAAAAAAAAAAAVVNEANgCWgBrrgAAAAABAgEAAAAAAMwAqxMQ1QAAAAA.%2Fbcr%3DAAAAAAAAAAA%3D%2Fbn%3D0%2Fclickenc%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjsvRlbew0ySDsD6-xRCj92GsdIIhn5MoeBN8oYclHHKXlSESi3VSWalW4ZRYUApNv5J4C5Fa0394mTrzfb5eG-yrZGwaMayE_S72SRKdoGJQJrzlUbt94Q8SWw44QMqXJFVXjN4uBSwy3yFJ31r7M4iYlDTdgoUGvMC1Nx311zpR-You-6YCwYxvhb2fWfTOOyQfmCSexmasQiMC2zWKUUyrqvJm7sdP7_9bp4aFVdsFb9ACC3QXiOODlyMLSLBMdF0TSpPWRfgory340nEV_s1Bc3aTbOtZ_z131gqaiFz9s0eafEjo6w%2526sig%253DCg0ArKJSzC55m69GkbHKEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D
Requested by
Host: ib.adnxs.com
URL: https://ib.adnxs.com/ttj?id=6589257&psa=0&cb=1731962567&gdpr=0&gdpr_consent=&loc=,&pubclick=https://fra1-ib.adnxs.com/click?AAAAAAAAAAAAAAAAAAAAAAAAAEDheoQ_AAAAAAAAAAAAAAAAAAAAANodbypwvc0hACkxl12HCmJWQKVgAAAAAGMBHQHKIAAA5QAAAAIAAACl7n4CmKoUAAAAAAAAAAAAVVNEANgCWgBrrgAAAAABAgEAAAAAAMwAqxMQ1QAAAAA./bcr=AAAAAAAAAAA=/bn=0/clickenc=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjsvRlbew0ySDsD6-xRCj92GsdIIhn5MoeBN8oYclHHKXlSESi3VSWalW4ZRYUApNv5J4C5Fa0394mTrzfb5eG-yrZGwaMayE_S72SRKdoGJQJrzlUbt94Q8SWw44QMqXJFVXjN4uBSwy3yFJ31r7M4iYlDTdgoUGvMC1Nx311zpR-You-6YCwYxvhb2fWfTOOyQfmCSexmasQiMC2zWKUUyrqvJm7sdP7_9bp4aFVdsFb9ACC3QXiOODlyMLSLBMdF0TSpPWRfgory340nEV_s1Bc3aTbOtZ_z131gqaiFz9s0eafEjo6w%2526sig%253DCg0ArKJSzC55m69GkbHKEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
abc865035cd1c647431c0bfd0b5fd1784ce0a861de6db87054bcd84dc40770c9
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 19 May 2021 16:44:06 GMT
Content-Encoding
gzip
X-Creative-ID
165316634
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
195.181.174.89; 195.181.174.89; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.232:80
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
0959c1d2-bc13-4020-aec9-92cc4877c427
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ttj
ib.adnxs.com/ Frame 7AE4 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ttj?id=10043755&psa=0&cb=2078223452&gdpr=0&gdpr_consent=&loc=,&pubclick=https://fra1-ib.adnxs.com/click?AAAAAAAAAAAAAAAAAAAAAAAAAKCZmak_AAAAAAAAAAAAAAAAAAAAABx2beBkubcuACkxl12HCmJWQKVgAAAAAGMBHQHKIAAA5QAAAAIAAABbf4cDmKoUAAAAAAAAAAAAVVNEAMoD-gBrrgAAAAABAgEAAAAAAMwAIRS6-gAAAAA./bcr=AAAAAAAAAAA=/bn=0/clickenc=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjsvDMRqz6t_RBtCmkgs3SPS0JwdaQZAOITPW9g5PywudJ2FYQltaLx0bcLqWj0_jqwWMVIKGvshtmwmdV9dX0qcrLw2Xq7zw4URjvMcrwzvajoGESd9TbqY_hv3HAQSYhtynkq19tIrhM_-1H7gT1Q7rY5pOyJ5NIjJdNUrPfTiGIOQ4C_uZ8U8z7UH4VOB_SvZVVUWWVBk7jwPbj4yTzfF7I4ZEbhF6b0dOzWab9gohMePQBQlhgan8RmeqFnSRm_4vUxHkcUMkazbKMsDzTNpq5zg1f1yCx7apPKnS4FOWEhlobiFmhg%2526sig%253DCg0ArKJSzGLcHTvuPbr9EAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D
Requested by
Host: secure.adnxs.com
URL: https://secure.adnxs.com/ttj?ttjb=1&bdc=1621442646&bdh=d623wkNrSIM_hSgXqUTP4APHINs.&&bdref=https%3A%2F%2Fgetnada.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fgetnada.com%2F,https%3A%2F%2Ftpc.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&&id=18678115&size=970x250&cb=381653379&pubclick=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjsvDMRqz6t_RBtCmkgs3SPS0JwdaQZAOITPW9g5PywudJ2FYQltaLx0bcLqWj0_jqwWMVIKGvshtmwmdV9dX0qcrLw2Xq7zw4URjvMcrwzvajoGESd9TbqY_hv3HAQSYhtynkq19tIrhM_-1H7gT1Q7rY5pOyJ5NIjJdNUrPfTiGIOQ4C_uZ8U8z7UH4VOB_SvZVVUWWVBk7jwPbj4yTzfF7I4ZEbhF6b0dOzWab9gohMePQBQlhgan8RmeqFnSRm_4vUxHkcUMkazbKMsDzTNpq5zg1f1yCx7apPKnS4FOWEhlobiFmhg%2526sig%253DCg0ArKJSzGLcHTvuPbr9EAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
3446feb97d26ebb0f0da4e01aebf7d7d1362dd0f9541caf4faa5f0699cc4eeba
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 19 May 2021 16:44:06 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
195.181.174.89; 195.181.174.89; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.53:80
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
8102ca15-556a-4141-9edf-b59bab897af6
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
it
fra1-ib.adnxs.com/ Frame 7AE4 		0
824 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fgetnada.com%2F&e=wqT_3QLMB6DMAwAAAwDWAAUBCNaAlYUGEJzstYPOrO7bLhiA0sS52euhhWIqNgkAAAkCABEJBywAABkAAACgmZmpPyEREgApEQn0IQMxAAAAQOF6hD8w44L0CDjKQUDlAUgCUNv-nRxYmNVSYABo69yaAXgAgAEBigEAkgEDVVNEmAHKB6AB-gGoAQGwAQC4AQLAAQHIAQDQAQDYAQDgAQDqAeYDaHR0cHMlM0ElMkYlMkZhZGNsaWNrLmcuZG91YmxlY2xpY2submV0JTJGcGNzJTJGY2xpY2slMjUzRnhhaSUyNTNEQUtBT2pzdkRNUnF6NnRfUkJ0Q21rZ3MzU1BTMEp3ZGFRWkFPSVRQVzlnNVB5d3VkSjJGWVFsdGFMeDBiY0xxV2owX2pxd1dNVklLR3ZzaHRtd21kVjlkWDBxY3JMdzJYcTd6dzRVUmp2TWNyd3p2YWpvR0VTZDlUYnFZX2h2M0hBUVNZaHR5bmtxMTl0SXJoTV8tMUg3Z1QxUTdyWTVwT3lKNU5JakpkTlVyUGZUaUdJT1E0Q191WjhVOHo3VUg0Vk9CX1N2WlZWVVdXVkJrN2p3UGJqNHlUemZGN0k0WkViaEY2YjBkT3pXYWI5Z29oTWVQUUJRbGhnYW44Um1lcUZuU1JtXzR2VXhIa2NVTWthemJLTXNEelROcHE1emcxZjF5Q3g3YXBQS25TNEZPV0VobG9iaUZtaGclMjUyNnNpZyUyNTNEQ2cwQXJLSlN6R0xjSFR2dVBicjlFQUUlMjUyNmZic19hZWlkJTI1M0QlMjU1Qmd3X2Zic2FlaWQlMjU1RCUyNTI2dXJsZml4JTI1M0QxJTI1MjZhZHVybCUyNTNE8AEA2AIA4AKf8D_qAhRodHRwczovL2dldG5hZGEuY29tL4ADAIgDAZADAJgDGaADAaoDAMADrALIAwDYA4DrkgHgAwDoAwD4AwGABACSBAQvdHRqmAQAogQOMTk1LjE4MS4xNzQuODmoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAOAEAPAE2_6dHIgFAZgFAKAFAMAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQDwBQD6BQQIABAAkAYAmAYAuAYAwQYAAAAAAAAAANoGFgoQAAAAAAAAAAAAbSpgEAAYAOAGAPIGAggAgAcBiAcAoAcAugcPCAUaPCAAMAA4vQZAAMgHANIHDQkNNQUcCNoHBgklMOAHAOoHAggA8AeH4wI.&s=9643f5cc2fb095f5da136bbcd1ef705e78b46e58
Requested by
Host: secure.adnxs.com
URL: https://secure.adnxs.com/ttj?ttjb=1&bdc=1621442646&bdh=d623wkNrSIM_hSgXqUTP4APHINs.&&bdref=https%3A%2F%2Fgetnada.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fgetnada.com%2F,https%3A%2F%2Ftpc.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&&id=18678115&size=970x250&cb=381653379&pubclick=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjsvDMRqz6t_RBtCmkgs3SPS0JwdaQZAOITPW9g5PywudJ2FYQltaLx0bcLqWj0_jqwWMVIKGvshtmwmdV9dX0qcrLw2Xq7zw4URjvMcrwzvajoGESd9TbqY_hv3HAQSYhtynkq19tIrhM_-1H7gT1Q7rY5pOyJ5NIjJdNUrPfTiGIOQ4C_uZ8U8z7UH4VOB_SvZVVUWWVBk7jwPbj4yTzfF7I4ZEbhF6b0dOzWab9gohMePQBQlhgan8RmeqFnSRm_4vUxHkcUMkazbKMsDzTNpq5zg1f1yCx7apPKnS4FOWEhlobiFmhg%2526sig%253DCg0ArKJSzGLcHTvuPbr9EAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 May 2021 16:44:06 GMT
X-Proxy-Origin
195.181.174.89; 195.181.174.89; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.102:80
AN-X-Request-Uuid
485b4df9-19eb-4b9f-a6a8-9157d22f237f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ttj
ib.adnxs.com/ Frame 7AE4 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ttj?ttjb=1&bdc=1621442646&bdh=d623wkNrSIM_hSgXqUTP4APHINs.&bdref=https%3A%2F%2Fgetnada.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fgetnada.com%2F,https%3A%2F%2Ftpc.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&&id=10043755&psa=0&cb=2078223452&gdpr=0&gdpr_consent=&loc=%2C&pubclick=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FAAAAAAAAAAAAAAAAAAAAAAAAAKCZmak_AAAAAAAAAAAAAAAAAAAAABx2beBkubcuACkxl12HCmJWQKVgAAAAAGMBHQHKIAAA5QAAAAIAAABbf4cDmKoUAAAAAAAAAAAAVVNEAMoD-gBrrgAAAAABAgEAAAAAAMwAIRS6-gAAAAA.%2Fbcr%3DAAAAAAAAAAA%3D%2Fbn%3D0%2Fclickenc%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjsvDMRqz6t_RBtCmkgs3SPS0JwdaQZAOITPW9g5PywudJ2FYQltaLx0bcLqWj0_jqwWMVIKGvshtmwmdV9dX0qcrLw2Xq7zw4URjvMcrwzvajoGESd9TbqY_hv3HAQSYhtynkq19tIrhM_-1H7gT1Q7rY5pOyJ5NIjJdNUrPfTiGIOQ4C_uZ8U8z7UH4VOB_SvZVVUWWVBk7jwPbj4yTzfF7I4ZEbhF6b0dOzWab9gohMePQBQlhgan8RmeqFnSRm_4vUxHkcUMkazbKMsDzTNpq5zg1f1yCx7apPKnS4FOWEhlobiFmhg%2526sig%253DCg0ArKJSzGLcHTvuPbr9EAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D
Requested by
Host: ib.adnxs.com
URL: https://ib.adnxs.com/ttj?id=10043755&psa=0&cb=2078223452&gdpr=0&gdpr_consent=&loc=,&pubclick=https://fra1-ib.adnxs.com/click?AAAAAAAAAAAAAAAAAAAAAAAAAKCZmak_AAAAAAAAAAAAAAAAAAAAABx2beBkubcuACkxl12HCmJWQKVgAAAAAGMBHQHKIAAA5QAAAAIAAABbf4cDmKoUAAAAAAAAAAAAVVNEAMoD-gBrrgAAAAABAgEAAAAAAMwAIRS6-gAAAAA./bcr=AAAAAAAAAAA=/bn=0/clickenc=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjsvDMRqz6t_RBtCmkgs3SPS0JwdaQZAOITPW9g5PywudJ2FYQltaLx0bcLqWj0_jqwWMVIKGvshtmwmdV9dX0qcrLw2Xq7zw4URjvMcrwzvajoGESd9TbqY_hv3HAQSYhtynkq19tIrhM_-1H7gT1Q7rY5pOyJ5NIjJdNUrPfTiGIOQ4C_uZ8U8z7UH4VOB_SvZVVUWWVBk7jwPbj4yTzfF7I4ZEbhF6b0dOzWab9gohMePQBQlhgan8RmeqFnSRm_4vUxHkcUMkazbKMsDzTNpq5zg1f1yCx7apPKnS4FOWEhlobiFmhg%2526sig%253DCg0ArKJSzGLcHTvuPbr9EAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
ee52aca2addb80357711553d004a94d8fe0e567a19f494b232e03496cf812e93
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 19 May 2021 16:44:06 GMT
Content-Encoding
gzip
X-Creative-ID
260327795
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
195.181.174.89; 195.181.174.89; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.43:80
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
ea517bd0-e407-41c4-a7de-bf1aad62e9dd
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
5b3aa22e-2343-4b59-a192-bdbe8631eb93.png
crcdn01.adnxs.com/creative/p/3854/2021/3/22/24693964/ Frame E372 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crcdn01.adnxs.com/creative/p/3854/2021/3/22/24693964/5b3aa22e-2343-4b59-a192-bdbe8631eb93.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
a3340db24221742273eeca8474ed4d4b6ba6b001d038ee822e60c4a13717830b

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 19 May 2021 16:44:06 GMT
Via
1.1 varnish, 1.1 varnish
Age
1760690
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
40808
X-Served-By
cache-lga21927-LGA, cache-hhn4066-HHN
Last-Modified
Mon, 22 Mar 2021 21:44:59 GMT
Server
nginx/1.19.0
Cache-Control
max-age=3888000
X-Timer
S1621442647.512074,VS0,VE0
ETag
"834c0b9d8671ca9d8345770275b3e1bf"
x-amz-request-id
3f8917e2-bb3d-42ae-9f62-2e3191e0a68b
Access-Control-Allow-Origin
*
Expires
Sun, 13 Jun 2021 07:39:16 GMT
X-Clv-Request-Id
3f8917e2-bb3d-42ae-9f62-2e3191e0a68b
Accept-Ranges
bytes
Content-Type
image/png
X-Clv-S3-Version
2.5
X-Cache-Hits
1, 4
it
fra1-ib.adnxs.com/ Frame E372 		0
823 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fgetnada.com%2F&e=wqT_3QLBD6DBBwAAAwDWAAUBCNaAlYUGEJKCmfj1wJvFbRiA0sS52euhhWIqNgkAAAkCABEJBwgAABkJCQjwPyEJCQgAACkRCQAxCQmw8D8wyZaSAziOHkCOHkgCUJ_u-nVYqPs5YABo-a9VeLzKBYABAYoBA1VTRJIBAQbwT5gB2AWgAVqoAQGwAQC4AQLAAQPIAQLQAQDYAQDgAQDqAeQFaHR0cHMlM0ElMkYlMkZmcmExLWliLmFkbnhzLmNvbSUyRmNsaWNrJTNGQUFBVgMAGEVEaGVvUV9SHQBoRzVtUlVNeFhfeENBQ2t4bDEySENtSldRS1ZnBTAwR01CSFFIS0lBQUE1UQESAQokQ2w3bjRDbUtvVQESEQEwVlZORUFOZ0NXZ0Jycgk-DEJBZ0UJHxxNd0FLaE5KcQVEKEEuJTJGYmNyJTNECR4FAQglM0QBFxhuJTNEMCUyCdcUZW5jJTNENgQBPGFkY2xpY2suZy5kb3VibGUJDiBuZXQlMkZwY3MROxwlMjUzRnhhaQEI9NMBREFLQU9qc3RoWUZXbE8wNGdoRG9ianlvYWZHRzVjT3lSc09tQkZ6Vmp0M1dBR0tRZEFHZzNydGtSMk90QzlEYTRlSUdvQlk2MUdMVDZqYmZvVGJsUktJb1Y1cXZPMXRaLWZLRWFFWC1ieTV1RGhWdlBOanFJbWIwc0JmcUd4QjZpTk14NUxta1Vzb2VWc2tqbVloWjM5WXU0SlRBOGNQOXZnaU05Y0ZnTS1MaFFtQ2dYRmM3RFRfeE1ZdnVTR0FwR1lFcWp0U2U5UEFrbkk3SDRodG1IUjZIc3Zua0N3cEtYZnI4OVJBbGFkbnllem9fRnEwa19lQ3NPU0NtZnBVUVVTT2dRcVZPTHpQRGttbjlZVFNKVFpab1h6RnJVN3dBUWszT2x3SkhfR1JhUmhmdXhESzZtJTI1MjZzaWclMjUzRENnMEFyS0pTek9GRElfMWg4YndkRUFFJTI1MjZmYnNfYWVpZCUyNTNEJTI1NUJnd19mYnNhZWlkJTI1NUQlMjUyNnVybGZpeCUyNTNEMSUyNTI2YWR1cmwlMjUzRPABAIoCWXVmKCdhJywgNDkzNTcwMSwgMTYyMTQ0MjY0Nik7dWYoJ2knLCA0OTUyMzc3LCAxOh0APHInLCAyNDczNzk3NDMsIDEdH_BekgLlAyFoVVFWR1FpSWlZRVdFSl91LW5VWUFDQ28temt3QkRnQVFBUklqaDVReVphU0ExZ0FZTGdIYUFCd0FIZ0FnQUVBaUFFQWtBRUFtQUVBb0FFU3FBRURzQUVBdVFN4gEBCE1FQgEHCQE8REpBZnV4cXMybzdRWkEyUREoMER3UC1BQnVhS3VBdlUJMChKZ0NBS0FDQUxVQwU8BEwwCQjoT0FDQU9nQ0FQZ0NBSUFEQVpnREFib0RDVVpTUVRFNk5UQTVOLUFEd0N1QUJBQ0lCQUNRQkFDWUJBSEIJWQkBBHlRaXcFARROZ0VBUEURjShBQUFDSUJla25xUXHNFER3UDdFRgEaCQEIREJCHT8AeRUoDEFBQU4yKAAAWi4oAFw0QVVBOEFYS2lwUUctQVdWb0swQ2dnWUSBJjhpQVlBa0FZQm1BWUFvUVkBSgkBJEtnR0FiSUdKQWsJEAEBAEIdqwRCawESCQEAQx0YRExnR0NnLi6aAokBIWlnNjQydzbpASRxUHM1SUFRb0FEHTVMRG9KUmxKQk1UbzFNRGszUU1BclMR6QxQQV9VEQwMQUFBVx0MAFkdDABhHQwAYx0MOGVBQS7YAgDgArnQMOoCFIXA8Nc6Ly9nZXRuYWRhLmNvbS-AAwCIAwGQAwCYAxmgAwGqAwDAA6wCyAMA2AOA65IB4AMA6AMA-AMBgAQAkgQEL3R0apgEAKIEDjE5NS4xODEuMTc0Ljg5qAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA0gQOMzg1NCNGUkExOjUwOTfaBAIIAOAEAPAEn-76dYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBcrtPvoFBAgAEACQBgCYBgC4BgDBBgDF-yjwP9AGoQ_aBhYKEAUQHQFgEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAUaACABtSy9BkAAyAe8ygXSBw0VdgE4CNoHBgknMOAHAOoHAggA8AeH4wI.&s=c38cd0bd2f8e6400446eac9be3b14adcc05eb4b2
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 May 2021 16:44:06 GMT
X-Proxy-Origin
195.181.174.89; 195.181.174.89; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.57:80
AN-X-Request-Uuid
9ee57387-e5e9-4acb-8b80-db3b8846dcac
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 770C 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=8394&pub_id=1070141
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://tpc.googlesyndication.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uuid2=7064607801522333952; anj=dTM7k!M4/8CxrEQF']wIg2GUcII-l=!1yIE'Yg-$0y=/d!!%sB$HwOb; icu=ChgI44kuEAoYASABKAEw1oCVhQY4AUABSAEKGAi9qEEQChgCIAIoAjDWgJWFBjgCQAJIAhDWgJWFBhgC
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://tpc.googlesyndication.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Fri, 14 May 2021 05:43:20 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Wed, 19 May 2021 16:44:06 GMT
Age
39636
X-Served-By
cache-lga21946-LGA, cache-hhn4051-HHN
X-Cache
HIT, HIT
X-Cache-Hits
5, 925850
X-Timer
S1621442647.600835,VS0,VE0
Vary
Accept-Encoding
truncated
/ Frame E372 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b4b3284954c9ab7baaf0cd93e93b51b7dbe757bbcb70735a8a7f5af0ab6ee5ec

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
4725bdeb-eceb-42a7-b6fe-e77c927a340a.jpg
vcdn.adnxs.com/p/creative-image/47/25/bd/eb/ Frame A0F7 		79 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vcdn.adnxs.com/p/creative-image/47/25/bd/eb/4725bdeb-eceb-42a7-b6fe-e77c927a340a.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
e62bbdfe8cbd461c753db0ca01e7e1018bf42847790abef0b4b62ee3a9c8c47f

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 19 May 2021 16:44:06 GMT
Last-Modified
Tue, 25 Jun 2019 13:13:53 GMT
Server
nginx/1.13.10
ETag
"5d121e11-13dbf"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=3888000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
81343
Expires
Sat, 03 Jul 2021 16:44:06 GMT
it
fra1-ib.adnxs.com/ Frame A0F7 		0
824 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fgetnada.com%2F&e=wqT_3QKiD6CiBwAAAwDWAAUBCNaAlYUGEIyG2Ku35aqVHhiA0sS52euhhWIqNgkAAAkCABEJBwgAABkJCQjwPyEJCQgAACkRCQAxCQmw8D8wyZaSAziOHkCOHkgCUJqQ6k5YqPs5YABo-a9VeNHFBYABAYoBA1VTRJIBAQbwT5gB2AWgAVqoAQGwAQC4AQLAAQPIAQLQAQDYAQDgAQDqAeoFaHR0cHMlM0ElMkYlMkZmcmExLWliLmFkbnhzLmNvbSUyRmNsaWNrJTNGQUFBVgMAGEVEaGVvUV9SHQBoTm9kYnlwd3ZjMGhBQ2t4bDEySENtSldRS1ZnBTAwR01CSFFIS0lBQUE1UQESAQokQ2w3bjRDbUtvVQESEQEwVlZORUFOZ0NXZ0Jycgk-DEJBZ0UJHxxNd0FxeE1RMQVEKEEuJTJGYmNyJTNECR4FAQglM0QBFxhuJTNEMCUyCdcUZW5jJTNENgQBPGFkY2xpY2suZy5kb3VibGUJDiBuZXQlMkZwY3MROxwlMjUzRnhhaQEI9EgCREFLQU9qc3ZSbGJldzB5U0RzRDYteFJDajkyR3NkSUlobjVNb2VCTjhvWWNsSEhLWGxTRVNpM1ZTV2FsVzRaUllVQXBOdjVKNEM1RmEwMzk0bVRyemZiNWVHLXlyWkd3YU1heUVfUzcyU1JLZG9HSlFKcnpsVWJ0OTRROFNXdzQ0UU1xWEpGVlhqTjR1QlN3eTN5RkozMXI3TTRpWWxEVGRnb1VHdk1DMU54MzExenBSLVlvdS02WUN3WXh2aGIyZldmVE9PeVFmbUNTZXhtYXNRaU1DMnpXS1VVeXJxdkptN3NkUDdfOWJwNGFGVmRzRmI5QUNDM1FYaU9PRGx5TUxTTEJNZEYwVFNwUFdSZmdvcnkzNDBuRVZfczFCYzNhVGJPdFpfejEzMWdxYWlGejlzMGVhZkVqbzZ3JTI1MjZzaWclMjUzRENnMEFyS0pTekM1NW02OUdrYkhLRUFFJTI1MjZmYnNfYWVpZCUyNTNEJTI1NUJnd19mYnNhZWlkJTI1NUQlMjUyNnVybGZpeCUyNTNEMSUyNTI2YWR1cmwlMjUzRPABAIoCPHVmKCdhJywgMjkxMzk5NCwgMTYyMTQ0MjY0Nik7dWYoJ3InLCAxNjUzMTY2MzQsIDE2MjE0NDI2NDYpO5IC3QMhb0VIWklBaUV3dWNPRUpxUTZrNFlBQ0NvLXprd0JEZ0FRQVJJamg1UXlaYVNBMWdBWUxnSGFBQndBSGdBZ0FFQWlBRUFrQUVBbUFFQW9BRVNxQUVEc0FFQXVRRUFBRakUQUFBTUVCAQcJATxESkFUNy05dHA5WEFOQTJRTfMkQUR3UC1BQkFQVQksKEpnQ0FLQUNBTFVDBTgETDAJCNhPQUNBT2dDQVBnQ0FJQURBWmdEQWJvRENVWlNRVEU2TlRFNU5lQUR3Q3VJQkFDUUJBQ1lCQUhCCVUJAQR5UWlYBQEUTmdFQVBFEYUoQUFBQ0lCY3NvcVFxrhREd1A3RUYBGgkBCERCQh0_AHkVKAxBQUFOMigAAFouKABcNEFVQThBV2x6Sm9ELUFYSzdiRUJnZ1lEgQc4aUFZQWtBWUJtQVlBb1FZAUoJASRLZ0dBYklHSkFrCRABAQBCHasEQmsBEgkBAEMdGEhMZ0dDZy4umgKJASFnZzdtMndpMuEBJHFQczVJQVFvQUQdNUxEb0pSbEpCTVRvMU1UazFRTUFyUxHpDFBBX1URDAxBQUFXHQwAWR0MAGEdDABjHQw4ZUFBLtgCAOACudAw6gIUhaHw7TovL2dldG5hZGEuY29tL4ADAIgDAZADAJgDGaADAaoDAMADrALIAwDYA4DrkgHgAwDoAwD4AwGABACSBAQvdHRqmAQAogQOMTk1LjE4MS4xNzQuODmoBACyBAwIABAAGAAgADAAOAC4BADABADIBADSBA4zODU0I0ZSQTE6NTE5NdoEAggA4AQA8ASakOpOiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFg5Un-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBqEP2gYWChAAAAAAAAAFFgUBYBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwgFGgAgAbUsvQZAAMgH0cUF0gcNFXYBOAjaBwYJJzDgBwDqBwIIAPAHh-MC&s=15a679bfa3a4f6860777155232733a3993d4e441
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 May 2021 16:44:06 GMT
X-Proxy-Origin
195.181.174.89; 195.181.174.89; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.237:80
AN-X-Request-Uuid
4ecb5140-bac8-4f8d-9f58-d596b11dc2d3
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
7462c270-4914-4601-abcd-f4e056276618.jpg
crcdn01.adnxs.com/creative/p/3854/2020/12/3/22888091/ Frame 7AE4 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crcdn01.adnxs.com/creative/p/3854/2020/12/3/22888091/7462c270-4914-4601-abcd-f4e056276618.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
207ccfedbe7939e698c1dd3adde00b322740985b7f534a27e043c5fe2b9b20aa

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 19 May 2021 16:44:06 GMT
Via
1.1 varnish, 1.1 varnish
Age
3393973
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
50084
X-Served-By
cache-lga21979-LGA, cache-hhn4066-HHN
Last-Modified
Thu, 03 Dec 2020 16:55:36 GMT
Server
nginx/1.19.0
Cache-Control
max-age=3888000
X-Timer
S1621442647.529506,VS0,VE1
ETag
"49f34df984114c6f15266217d15b2191"
x-amz-request-id
8c287165-0088-45ee-973c-1b4e8381c39c
Access-Control-Allow-Origin
*
Expires
Tue, 25 May 2021 09:57:53 GMT
X-Clv-Request-Id
8c287165-0088-45ee-973c-1b4e8381c39c
Accept-Ranges
bytes
Content-Type
image/jpeg
X-Clv-S3-Version
2.5
X-Cache-Hits
1, 1
it
fra1-ib.adnxs.com/ Frame 7AE4 		0
823 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fgetnada.com%2F&e=wqT_3QKjD6CjBwAAAwDWAAUBCNaAlYUGEKbu7e358MOFGBiA0sS52euhhWIqNgkAAAkCABEJBwgAABkJCQjgPyEJCQgAACkRCQAxCQmw4D8w64LlBDiOHkCOHkgCUPOSkXxYqPs5YABo7b5teNDFBYABAYoBA1VTRJIBAQbwUpgBygegAfoBqAEBsAEAuAECwAEDyAEC0AEA2AEA4AEA6gHqBWh0dHBzJTNBJTJGJTJGZnJhMS1pYi5hZG54cy5jb20lMkZjbGljayUzRkFBQUFBTgMAGEtDWm1ha19OGwBsQUJ4MmJlQmt1YmN1QUNreGwxMkhDbUpXUUtWZwUwMEdNQkhRSEtJQUFBNVEBEgEKJEJiZjRjRG1Lb1UBEhEBMFZWTkVBTW9ELWdCcnIJPgxCQWdFCR8cTXdBSVJTNi0JGCQuJTJGYmNyJTNECR4FAQglM0QBFxRuJTNEMCUN1xhlbmMlM0RoMgQBCGFkYwHyIC5nLmRvdWJsZQkOIG5ldCUyRnBjcxE7HCUyNTNGeGFpAQj0SAJEQUtBT2pzdkRNUnF6NnRfUkJ0Q21rZ3MzU1BTMEp3ZGFRWkFPSVRQVzlnNVB5d3VkSjJGWVFsdGFMeDBiY0xxV2owX2pxd1dNVklLR3ZzaHRtd21kVjlkWDBxY3JMdzJYcTd6dzRVUmp2TWNyd3p2YWpvR0VTZDlUYnFZX2h2M0hBUVNZaHR5bmtxMTl0SXJoTV8tMUg3Z1QxUTdyWTVwT3lKNU5JakpkTlVyUGZUaUdJT1E0Q191WjhVOHo3VUg0Vk9CX1N2WlZWVVdXVkJrN2p3UGJqNHlUemZGN0k0WkViaEY2YjBkT3pXYWI5Z29oTWVQUUJRbGhnYW44Um1lcUZuU1JtXzR2VXhIa2NVTWthemJLTXNEelROcHE1emcxZjF5Q3g3YXBQS25TNEZPV0VobG9iaUZtaGclMjUyNnNpZyUyNTNEQ2cwQXJLSlN6R0xjSFR2dVBicjlFQUUlMjUyNmZic19hZWlkJTI1M0QlMjU1Qmd3X2Zic2FlaWQlMjU1RCUyNTI2dXJsZml4JTI1M0QxJTI1MjZhZHVybCUyNTNE8AEAigI8dWYoJ2EnLCAyOTEzOTk0LCAxNjIxNDQyNjQ2KTt1ZigncicsIDI2MDMyNzc5NSwgMTYyMTQ0MjY0Nik7kgLdAyFyMEYzV2dpeWdQTVdFUE9Ta1h3WUFDQ28temt3QkRnQVFBUklqaDVRNjRMbEJGZ0FZTGdIYUFCd0FIZ0FnQUVBaUFFQWtBRUFtQUVBb0FFU3FBRURzQUVBdVFFQUFFqRRBQUFNRUIBBwkBPERKQWJ4RjVvNjFQUWxBMlFN8yRBRHdQLUFCQVBVCSwoSmdDQUtBQ0FMVUMFOARMMAkI2E9BQ0FPZ0NBUGdDQUlBREFaZ0RBYm9EQ1VaU1FURTZOVE14TnVBRHdDdUlCQUNRQkFDWUJBSEIJVQkBBHlRZZwJARROZ0VBUEURhShBQUFDSUJjUXBxUXGuEER3UDdFnS8IREJCHT8AeRUoDEFBQU4yKAAAWi4oAFw0QVVBOEFXbHpKb0QtQVhLN2JFQmdnWUSBBzhpQVlBa0FZQm1BWUFvUVkBSgkBJEtnR0FiSUdKQWsJEAEBAEIdqwRCawESCQEAQx0YSExnR0NnLi6aAokBIXJRNy02d2ky4QEkcVBzNUlBUW9BRB01TERvSlJsSkJNVG8xTXpFMlFNQXJTEekMUEFfVREMDEFBQVcdDABZHQwAYR0MAGMdDDhlQUEu2AIA4AK50DDqAhSFoSQ6Ly9nZXRuYWRhoZnwpC-AAwCIAwGQAwCYAxmgAwGqAwDAA6wCyAMA2AOA65IB4AMA6AMA-AMBgAQAkgQEL3R0apgEAKIEDjE5NS4xODEuMTc0Ljg5qAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA0gQOMzg1NCNGUkExOjUzMTbaBAIIAOAEAPAE85KRfIgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAMm4OADYBQHgBQHwBYOVJ_oFBAFtKJAGAJgGALgGAMEGCSQo8D_QBqEP2gYWChAJERkBXBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwFIBBgABbUwvQZAAMgH0MUF0gcNCRE6ATgI2gcGCScw4AcA6gcCCADwB4fjAg..&s=c8f138f77f24515ad089de5228edd5ed5d22a8c5
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 May 2021 16:44:06 GMT
X-Proxy-Origin
195.181.174.89; 195.181.174.89; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.13:80
AN-X-Request-Uuid
40181725-0f6b-4dff-b5fd-7707d60a0e6a
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame DBCC 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=8394&pub_id=1070141
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://tpc.googlesyndication.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uuid2=7064607801522333952; anj=dTM7k!M4/8CxrEQF']wIg2GUcII-l=!1yIE'Yg-$0y=/d!!%sB$HwOb; icu=ChgI44kuEAoYASABKAEw1oCVhQY4AUABSAEKGAi9qEEQChgCIAIoAjDWgJWFBjgCQAJIAhDWgJWFBhgC
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://tpc.googlesyndication.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Fri, 14 May 2021 05:43:20 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Wed, 19 May 2021 16:44:06 GMT
Age
39636
X-Served-By
cache-lga21946-LGA, cache-hhn4051-HHN
X-Cache
HIT, HIT
X-Cache-Hits
5, 925851
X-Timer
S1621442647.614727,VS0,VE0
Vary
Accept-Encoding
truncated
/ Frame A0F7 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ca3006279ce684b106771e06486598cddf45bfeefaaae4ee4061fc110d38ab7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
async_usersync.html
acdn.adnxs.com/dmp/ Frame 9F02 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=8394&pub_id=1070141
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://tpc.googlesyndication.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uuid2=7064607801522333952; anj=dTM7k!M4/8CxrEQF']wIg2GUcII-l=!1yIE'Yg-$0y=/d!!%sB$HwOb; icu=ChgIvahBEAoYAiACKAIw1oCVhQY4AkACSAIQ1oCVhQYYAQ..
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://tpc.googlesyndication.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Fri, 14 May 2021 05:43:20 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Wed, 19 May 2021 16:44:06 GMT
Age
39636
X-Served-By
cache-lga21946-LGA, cache-hhn4051-HHN
X-Cache
HIT, HIT
X-Cache-Hits
5, 925852
X-Timer
S1621442647.625030,VS0,VE0
Vary
Accept-Encoding
truncated
/ Frame 7AE4 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
12f4d29b206fed4a9552919d15af1745c1a7ccc2ca7cad5e877d3738a86d3a69

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame E372 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssT8351yHW1__Oy5rZh-RzyewBpDplhUZGhy5ZDvPFklDQyZSeb8YJAcYxt1vMfGBBulG_GQ3cSCH7L2kOpAg1YlXJ4FQd3pWVBYZ5iGjXPf8wYxK4tZXyEHzryiJizOZsjiMfjpp166TFI9oeOPmFCdc2vjgMERd2Y5CRaumBksWAUxBKrQhIIjorgw5Wixbd18TGTn18eV7HDR8FCfa6PIExy2aCrdz7jAH8BI71jvTm3npJf5FI9T6zkTeZB1CMM4BJ7kuwpOWf6L-czkUk8kgi6Ua2OZjnEMsAGJHUvBTU8VuIEQMw&sig=Cg0ArKJSzL_Kj9F09LAtEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 May 2021 16:44:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 19 May 2021 16:44:06 GMT
ttj
ib.adnxs.com/ Frame D10E 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ttj?id=6589257&psa=0&cb=1286362163&gdpr=0&gdpr_consent=&loc=,&pubclick=https://fra1-ib.adnxs.com/click?AAAAAAAAAAAAAAAAAAAAAAAAAEDheoQ_AAAAAAAAAAAAAAAAAAAAABpekvd69eJxACkxl12HCmJWQKVgAAAAAGMBHQHKIAAA5QAAAAIAAACl7n4CmKoUAAAAAAAAAAAAVVNEANgCWgBrrgAAAAABAgEAAAAAAMwAwxSDLgAAAAA./bcr=AAAAAAAAAAA=/bn=0/clickenc=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjsu_g3Z6PtgDbtJUTPGeCdr2XlmRbp2_mU5h0cpP3mg3kqjIZ21yLVWUHYvLS2B6Jb38_a7oLzcYX0xU2GBUgi45fh61hnnT53HQ28cPT_k8RjICOsbxm9Hm3hJg3j4coYFKFPLC2Nh14ceSw6SHPLg95vLWp8j7gklDPqwMtOeVthxt-Kokg1Kmhdd0hqCF5k4qFQBiEkwoDAMHkiYm8yoFr0skRr7f2EpX8XlnkddQpVgjpmnMhNmWj1l9gehSLOzsY1wkfJKcyWekNCPrmTS6rRxZDL_GIwVViUVYwhtQ5l3657pIPRYXdw%2526sig%253DCg0ArKJSzHSLvT6wyJ98EAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D
Requested by
Host: secure.adnxs.com
URL: https://secure.adnxs.com/ttj?ttjb=1&bdc=1621442646&bdh=d623wkNrSIM_hSgXqUTP4APHINs.&&bdref=https%3A%2F%2Fgetnada.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fgetnada.com%2F,https%3A%2F%2Ftpc.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&&id=18678115&size=728x90&cb=1181934127&pubclick=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjsu_g3Z6PtgDbtJUTPGeCdr2XlmRbp2_mU5h0cpP3mg3kqjIZ21yLVWUHYvLS2B6Jb38_a7oLzcYX0xU2GBUgi45fh61hnnT53HQ28cPT_k8RjICOsbxm9Hm3hJg3j4coYFKFPLC2Nh14ceSw6SHPLg95vLWp8j7gklDPqwMtOeVthxt-Kokg1Kmhdd0hqCF5k4qFQBiEkwoDAMHkiYm8yoFr0skRr7f2EpX8XlnkddQpVgjpmnMhNmWj1l9gehSLOzsY1wkfJKcyWekNCPrmTS6rRxZDL_GIwVViUVYwhtQ5l3657pIPRYXdw%2526sig%253DCg0ArKJSzHSLvT6wyJ98EAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
c8933dc48c67ed5ab8fa8bc868628b466f0cc0d0b41c4c8eb167004a04e0fc0c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 19 May 2021 16:44:06 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
195.181.174.89; 195.181.174.89; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.147:80
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
16912ba2-880b-4b27-a662-246f15ebaf97
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
it
fra1-ib.adnxs.com/ Frame D10E 		0
824 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fgetnada.com%2F&e=wqT_3QLPB6DPAwAAAwDWAAUBCNaAlYUGEJq8ybyvr73xcRiA0sS52euhhWIqNgkAAAkCABEJBywAABkAAABA4XqEPyEREgApEQkAMREb9AgDMOOC9Ag4ykFA5QFIAlCl3fsTWJjVUmAAaOvcmgF4AIABAYoBAJIBA1VTRJgB2AWgAVqoAQGwAQC4AQLAAQHIAQDQAQDYAQDgAQDqAeoDaHR0cHMlM0ElMkYlMkZhZGNsaWNrLmcuZG91YmxlY2xpY2submV0JTJGcGNzJTJGY2xpY2slMjUzRnhhaSUyNTNEQUtBT2pzdV9nM1o2UHRnRGJ0SlVUUEdlQ2RyMlhsbVJicDJfbVU1aDBjcFAzbWcza3FqSVoyMXlMVldVSFl2TFMyQjZKYjM4X2E3b0x6Y1lYMHhVMkdCVWdpNDVmaDYxaG5uVDUzSFEyOGNQVF9rOFJqSUNPc2J4bTlIbTNoSmczajRjb1lGS0ZQTEMyTmgxNGNlU3c2U0hQTGc5NXZMV3A4ajdna2xEUHF3TXRPZVZ0aHh0LUtva2cxS21oZGQwaHFDRjVrNHFGUUJpRWt3b0RBTUhraVltOHlvRnIwc2tScjdmMkVwWDhYbG5rZGRRcFZnanBtbk1oTm1XajFsOWdlaFNMT3pzWTF3a2ZKS2N5V2VrTkNQcm1UUzZyUnhaRExfR0l3VlZpVVZZd2h0UTVsMzY1N3BJUFJZWGR3JTI1MjZzaWclMjUzRENnMEFyS0pTekhTTHZUNnd5Sjk4RUFFJTI1MjZmYnNfYWVpZCUyNTNEJTI1NUJnd19mYnNhZWlkJTI1NUQlMjUyNnVybGZpeCUyNTNEMSUyNTI2YWR1cmwlMjUzRPABANgCAOACn_A_6gIUaHR0cHM6Ly9nZXRuYWRhLmNvbS-AAwCIAwGQAwCYAxmgAwGqAwDAA6wCyAMA2AOA65IB4AMA6AMA-AMBgAQAkgQEL3R0apgEAKIEDjE5NS4xODEuMTc0Ljg5qAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCADgBADwBKXd-xOIBQGYBQCgBQDABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUA8AUA-gUECAAQAJAGAJgGALgGAMEGAAAAZRoQ2gYWChAFCh0BYBAAGADgBgDyBgIIAIAHAYgHAKAHALoHDwgFGgAgAZUovQZAAMgHANIHDQkROQE2CNoHBgklMOAHAOoHAggA8AeH4wI.&s=505620ca9b1f2f4f58c2b364f2803fd5f30e320c
Requested by
Host: secure.adnxs.com
URL: https://secure.adnxs.com/ttj?ttjb=1&bdc=1621442646&bdh=d623wkNrSIM_hSgXqUTP4APHINs.&&bdref=https%3A%2F%2Fgetnada.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fgetnada.com%2F,https%3A%2F%2Ftpc.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&&id=18678115&size=728x90&cb=1181934127&pubclick=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjsu_g3Z6PtgDbtJUTPGeCdr2XlmRbp2_mU5h0cpP3mg3kqjIZ21yLVWUHYvLS2B6Jb38_a7oLzcYX0xU2GBUgi45fh61hnnT53HQ28cPT_k8RjICOsbxm9Hm3hJg3j4coYFKFPLC2Nh14ceSw6SHPLg95vLWp8j7gklDPqwMtOeVthxt-Kokg1Kmhdd0hqCF5k4qFQBiEkwoDAMHkiYm8yoFr0skRr7f2EpX8XlnkddQpVgjpmnMhNmWj1l9gehSLOzsY1wkfJKcyWekNCPrmTS6rRxZDL_GIwVViUVYwhtQ5l3657pIPRYXdw%2526sig%253DCg0ArKJSzHSLvT6wyJ98EAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 May 2021 16:44:06 GMT
X-Proxy-Origin
195.181.174.89; 195.181.174.89; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.210:80
AN-X-Request-Uuid
ddcf70fc-1436-485e-be15-6840448aedca
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7AE4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst8ZG6llOCmcygVtLgOQ1Tc8ft0It5z8EsoN6mdxa7TdkR4NuHGd67jbVI0YVcj4zI3C_-PPmckeTgBMtI8k4_tLRda56TNu-6WYKo59tinzNW-De4ok0Z7Ib0XeBuIoAMHL9zXoAODRWjv4QIVru8j_M2L0BoXkcLPxpVWXJtDK4g_ot9yajmeqpFnLMWlNpoShtpl0SOEZsfh_3MmydV66sMQwcX2vOmn4IhNix_5WKmCukcgejV-aHfWmtCHh2APzvSM0YNJILDlWlPUYqzceOOzklF_A0OABy4KACCA5fjciQwZ0XSAe2LZ&sig=Cg0ArKJSzBhRaIy0262QEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 May 2021 16:44:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 19 May 2021 16:44:06 GMT
ttj
ib.adnxs.com/ Frame D10E 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ttj?ttjb=1&bdc=1621442646&bdh=d623wkNrSIM_hSgXqUTP4APHINs.&bdref=https%3A%2F%2Fgetnada.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fgetnada.com%2F,https%3A%2F%2Ftpc.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&&id=6589257&psa=0&cb=1286362163&gdpr=0&gdpr_consent=&loc=%2C&pubclick=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FAAAAAAAAAAAAAAAAAAAAAAAAAEDheoQ_AAAAAAAAAAAAAAAAAAAAABpekvd69eJxACkxl12HCmJWQKVgAAAAAGMBHQHKIAAA5QAAAAIAAACl7n4CmKoUAAAAAAAAAAAAVVNEANgCWgBrrgAAAAABAgEAAAAAAMwAwxSDLgAAAAA.%2Fbcr%3DAAAAAAAAAAA%3D%2Fbn%3D0%2Fclickenc%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjsu_g3Z6PtgDbtJUTPGeCdr2XlmRbp2_mU5h0cpP3mg3kqjIZ21yLVWUHYvLS2B6Jb38_a7oLzcYX0xU2GBUgi45fh61hnnT53HQ28cPT_k8RjICOsbxm9Hm3hJg3j4coYFKFPLC2Nh14ceSw6SHPLg95vLWp8j7gklDPqwMtOeVthxt-Kokg1Kmhdd0hqCF5k4qFQBiEkwoDAMHkiYm8yoFr0skRr7f2EpX8XlnkddQpVgjpmnMhNmWj1l9gehSLOzsY1wkfJKcyWekNCPrmTS6rRxZDL_GIwVViUVYwhtQ5l3657pIPRYXdw%2526sig%253DCg0ArKJSzHSLvT6wyJ98EAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D
Requested by
Host: ib.adnxs.com
URL: https://ib.adnxs.com/ttj?id=6589257&psa=0&cb=1286362163&gdpr=0&gdpr_consent=&loc=,&pubclick=https://fra1-ib.adnxs.com/click?AAAAAAAAAAAAAAAAAAAAAAAAAEDheoQ_AAAAAAAAAAAAAAAAAAAAABpekvd69eJxACkxl12HCmJWQKVgAAAAAGMBHQHKIAAA5QAAAAIAAACl7n4CmKoUAAAAAAAAAAAAVVNEANgCWgBrrgAAAAABAgEAAAAAAMwAwxSDLgAAAAA./bcr=AAAAAAAAAAA=/bn=0/clickenc=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjsu_g3Z6PtgDbtJUTPGeCdr2XlmRbp2_mU5h0cpP3mg3kqjIZ21yLVWUHYvLS2B6Jb38_a7oLzcYX0xU2GBUgi45fh61hnnT53HQ28cPT_k8RjICOsbxm9Hm3hJg3j4coYFKFPLC2Nh14ceSw6SHPLg95vLWp8j7gklDPqwMtOeVthxt-Kokg1Kmhdd0hqCF5k4qFQBiEkwoDAMHkiYm8yoFr0skRr7f2EpX8XlnkddQpVgjpmnMhNmWj1l9gehSLOzsY1wkfJKcyWekNCPrmTS6rRxZDL_GIwVViUVYwhtQ5l3657pIPRYXdw%2526sig%253DCg0ArKJSzHSLvT6wyJ98EAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
d75340a866da40cd9d6d87d33e4718634776f97cd91ca2d8aa1fddd74422ba22
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 19 May 2021 16:44:06 GMT
Content-Encoding
gzip
X-Creative-ID
289306172
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
195.181.174.89; 195.181.174.89; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.13:80
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
0365cc40-0e03-4b77-92d8-f22cca30b710
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
9a205772-2698-4fd0-82cf-3e75be1256db.jpg
crcdn01.adnxs.com/creative/p/3854/2021/5/10/25636905/ Frame D10E 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crcdn01.adnxs.com/creative/p/3854/2021/5/10/25636905/9a205772-2698-4fd0-82cf-3e75be1256db.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
f4b3e38b5f979c5ad70a44c6e2fefe833d5b735a72bbf44f30f0076195d369cd

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 19 May 2021 16:44:06 GMT
Via
1.1 varnish, 1.1 varnish
Age
761726
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
39789
X-Served-By
cache-lga21934-LGA, cache-hhn4066-HHN
Last-Modified
Mon, 10 May 2021 21:08:08 GMT
Server
nginx/1.19.0
Cache-Control
max-age=3888000
X-Timer
S1621442647.583981,VS0,VE0
ETag
"5c35da5bf3986751de0ce17da9b77843"
x-amz-request-id
6e4861bc-c407-4ac3-8789-2fdb8640b26d
Access-Control-Allow-Origin
*
Expires
Thu, 24 Jun 2021 21:08:40 GMT
X-Clv-Request-Id
6e4861bc-c407-4ac3-8789-2fdb8640b26d
Accept-Ranges
bytes
Content-Type
image/jpeg
X-Clv-S3-Version
2.5
X-Cache-Hits
2, 2
it
fra1-ib.adnxs.com/ Frame D10E 		0
824 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fgetnada.com%2F&e=wqT_3QKoD6CoBwAAAwDWAAUBCNaAlYUGENb4kLqiqLTuOhiA0sS52euhhWIqNgkAAAkCABEJBwgAABkJCQjwPyEJCQgAACkRCQAxCQmw8D8wyZaSAziOHkCOHkgCULzs-YkBWKj7OWAAaPmvVXixygWAAQGKAQNVU0SSBQbwT5gB2AWgAVqoAQGwAQC4AQLAAQPIAQLQAQDYAQDgAQDqAe4FaHR0cHMlM0ElMkYlMkZmcmExLWliLmFkbnhzLmNvbSUyRmNsaWNrJTNGQUFBVgMAGEVEaGVvUV9SHQBoQnBla3ZkNjllSnhBQ2t4bDEySENtSldRS1ZnBTAwR01CSFFIS0lBQUE1UQESAQokQ2w3bjRDbUtvVQESEQEwVlZORUFOZ0NXZ0Jycgk-DEJBZ0UJHxxNd0F3eFNETAkYJC4lMkZiY3IlM0QJHgUBCCUzRAEXGG4lM0QwJTIJ1xRlbmMlM0Q2BAE8YWRjbGljay5nLmRvdWJsZQkOIG5ldCUyRnBjcxE7HCUyNTNGeGFpAQj0WwJEQUtBT2pzdV9nM1o2UHRnRGJ0SlVUUEdlQ2RyMlhsbVJicDJfbVU1aDBjcFAzbWcza3FqSVoyMXlMVldVSFl2TFMyQjZKYjM4X2E3b0x6Y1lYMHhVMkdCVWdpNDVmaDYxaG5uVDUzSFEyOGNQVF9rOFJqSUNPc2J4bTlIbTNoSmczajRjb1lGS0ZQTEMyTmgxNGNlU3c2U0hQTGc5NXZMV3A4ajdna2xEUHF3TXRPZVZ0aHh0LUtva2cxS21oZGQwaHFDRjVrNHFGUUJpRWt3b0RBTUhraVltOHlvRnIwc2tScjdmMkVwWDhYbG5rZGRRcFZnanBtbk1oTm1XajFsOWdlaFNMT3pzWTF3a2ZKS2N5V2VrTkNQcm1UUzZyUnhaRExfR0l3VlZpVVZZd2h0UTVsMzY1N3BJUFJZWGR3JTI1MjZzaWclMjUzRENnMEFyS0pTekhTTHZUNnd5Sjk4RUFFJTI1MjZmYnNfYWVpZCUyNTNEJTI1NUJnd19mYnNhZWlkJTI1NUQlMjUyNnVybGZpeCUyNTNEMSUyNTI2YWR1cmwlMjUzRPABAIoCPHVmKCdhJywgMzA3MzM3NCwgMTYyMTQ0MjY0Nik7dWYoJ3InLCAyODkzMDYxNzIsIDE2MjE0NDI2NDYpO5IC3QMhNUVFN3FRaU81Y2dYRUx6cy1Za0JHQUFncVBzNU1BUTRBRUFFU0k0ZVVNbVdrZ05ZQUdDNEIyZ0FjQUI0QUlBQkFJZ0JBSkFCQUpnQkFLQUJFcWdCQTdBQkFMa0JBQUFBQUFBQUFBREJBUUFBRbxIQUFBeVFGUW5vNHBwUElFUU5rQgEUAQEgOERfZ0FRRDFBZT8oQ1lBZ0NnQWdDMUFlCwRDOQkI4ERnQWdEb0FnRDRBZ0NBQXdHWUF3RzZBd2xHVWtFeE9qVXhPVGpnQThBcmlBUUFrQVFBbUFRQndRUQFjCQEETWttbAEBFERZQkFEeBWFKEFBQWlBWE9LS2tGAQwBARA4RC14QgWUCQEId1FVCQkBAQBNGSgMQUFEUi4oAAAyLigAqE9BRkFQQUZxckM5QV9nRjNzcTdBWUlHQTFWVFJJZ0dBSkFHQVpnR0FLRUcBVwkBJENvQmdHeUJpUUoJEAUBAFIFBgkBAFoJBwUBAGgFBgUBsEM0QmdvLpoCiQEhWlE4ak1RaU81Y2dYRUx6cy1Za0JHS2o3T1NBRUtBQXhBQRUCTDZDVVpTUVRFNk5URTVPRURBSzBrDR0MRHdQMT00AEYRGAxBQUFHHRgARx0YAEgdGDRIZ0HYAgDgArnQMOoCFIWl8Is6Ly9nZXRuYWRhLmNvbS-AAwCIAwGQAwCYAxmgAwGqAwDAA6wCyAMA2AOA65IB4AMA6AMA-AMBgAQAkgQEL3R0apgEAKIEDjE5NS4xODEuMTc0Ljg5qAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA0gQOMzg1NCNGUkExOjUxOTjaBAIIAOAEAPAEvMF-IIgFAZgFAKAF_xEBGAHABQDJBQAFARTwP9IFCQkFC3wAAADYBQHgBQHwBYLdG_oFBAgAEACQBgCYBgC4BgDBBgEhMAAA8D_QBqEP2gYWChAJERkBXBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwFIDbYsvQZAAMgHscoF0gcNFXYBOAjaBwYJJzDgBwDqBwIIAPAHh-MC&s=49f21e6095a40d034cfd22758141fab65eb12eac
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 May 2021 16:44:06 GMT
X-Proxy-Origin
195.181.174.89; 195.181.174.89; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.110:80
AN-X-Request-Uuid
b27af9bc-eb76-4d09-995e-c9890932dc21
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 8242 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=8394&pub_id=1070141
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://tpc.googlesyndication.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uuid2=7064607801522333952; anj=dTM7k!M4/8CxrEQF']wIg2GUcII-l=!1yIE'Yg-$0y=/d!!%sB$HwOb; icu=ChgI44kuEAoYASABKAEw1oCVhQY4AUABSAEKGAi9qEEQChgCIAIoAjDWgJWFBjgCQAJIAhDWgJWFBhgC
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://tpc.googlesyndication.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Fri, 14 May 2021 05:43:20 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Wed, 19 May 2021 16:44:06 GMT
Age
39636
X-Served-By
cache-lga21946-LGA, cache-hhn4051-HHN
X-Cache
HIT, HIT
X-Cache-Hits
5, 925853
X-Timer
S1621442647.633153,VS0,VE0
Vary
Accept-Encoding
truncated
/ Frame D10E 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6345bc2387ad5b05af3cefd9d4420803b78baaa765437efb29802ce8521bb193

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame D10E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstNYMyzLmkrwfPp1EIbKRAXbJz6O_3cJ3RiR_srcWra24eXLByAygI5Sp2UoC2QwCjStzbh8z0p31GeKMIhaCNQb04c0hq3XbRQRfJJmLWBQzwEKlWVSr8KZiT_a29GQ6-cQAnn0uwMneQd7TE8sNaM3G84z-lRwYilWvExuY6YCBEp7SFi0evNezAdwPdcQtg9P4hFrWEg9xf4qKZ-3kSYlhuspYQGiIikDPQFzBwQmmuxeIaquPbLgdA0apGtmfWfTJykg4mJVeL1FAYwosHjC-O5KT418M2fV3FVfQ4zQwdmtKMVcrePAmZUre98&sig=Cg0ArKJSzHShBAqv95m8EAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 May 2021 16:44:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 19 May 2021 16:44:06 GMT
async_usersync
ib.adnxs.com/ Frame 770C 		0
751 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=8394&pub_id=1070141&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=8394&pub_id=1070141
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 May 2021 16:44:06 GMT
X-Proxy-Origin
195.181.174.89; 195.181.174.89; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.43:80
AN-X-Request-Uuid
6644d51c-0746-4c5c-a9ae-5ceb77f1aa96
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame DBCC 		0
752 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=8394&pub_id=1070141&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=8394&pub_id=1070141
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 May 2021 16:44:06 GMT
X-Proxy-Origin
195.181.174.89; 195.181.174.89; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.148:80
AN-X-Request-Uuid
c6017b9d-84b3-4845-baff-acc67817cdc6
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 9F02 		0
751 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=8394&pub_id=1070141&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=8394&pub_id=1070141
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 May 2021 16:44:06 GMT
X-Proxy-Origin
195.181.174.89; 195.181.174.89; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.42:80
AN-X-Request-Uuid
6885882f-ccd5-4c68-b8e3-d18b5309a84d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 8242 		0
751 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=8394&pub_id=1070141&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=8394&pub_id=1070141
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 May 2021 16:44:06 GMT
X-Proxy-Origin
195.181.174.89; 195.181.174.89; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.44:80
AN-X-Request-Uuid
436882d7-3d3d-4a60-8d16-8a03593a46b6
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A0F7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuxceKPpnitVGai3pVHvk7_zDy_ode18JQOclMYeoPZWuYhkPsR0R4FKWxvczuppeBqpWQRP_AaDiEqh07hbBGYFL3pPZE7IAOquOlIiPKMhysQ1Nn6s2rdnMul-j-rWL4ZQ40iCdpPqLlkfEWYb_Qe09FvdpHcqpUtyovpnDf2PzWUj3kS-QP89AZyUj-PCKajIyR-IgT-rxsMs3ij5tX-kHNGqKmaVXYFnjLrxESZ1PLyLRc_Pmi9qQvJrQNiMgJvW9keIsRyHArTD21n5qrEt7fZFYNY3VRrRwqNEMa2WUvd97cpSGrDe5xg&sig=Cg0ArKJSzO9qymn5J_UqEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 May 2021 16:44:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 19 May 2021 16:44:06 GMT
postback
s.update.ib.adnxs.com/2/2.4.1/225545/AIpf9ekBEAP-41Fg/ Frame E372 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.ib.adnxs.com/2/2.4.1/225545/AIpf9ekBEAP-41Fg/postback?oz_pl=1&ac=%24%7BCPG_ID%7D&cr=41873061&di=https%3A%2F%2Fgetnada.com%2F&pv=85741f10-c12c-4b01-a2bd-5509f3a3b98f&to=3&de=2&md=1&dm=728x90&gt=DE&c2=0&pd=avt&ci=225545&ap=&pp=1070141&pc=18678115&dt=2255451608003798135000&sr=8394&ti=4826837565820986990&c1=fra1&cb=213647341&ui=7064607801522333952
Requested by
Host: s.update.ib.adnxs.com
URL: https://s.update.ib.adnxs.com/2/225545/analytics.js?dt=2255451608003798135000&pd=avt&di=https%3A%2F%2Fgetnada.com%2F&ui=7064607801522333952&ap=&sr=8394&pp=1070141&ti=4826837565820986990&pv=85741f10-c12c-4b01-a2bd-5509f3a3b98f&to=3&de=2&md=1&dm=728x90&gt=DE&ac=${CPG_ID}&pc=18678115&cr=41873061&c1=fra1&c2=0&cb=213647341
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.131.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-131-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 19 May 2021 16:44:06 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
main.js
s.update.ib.adnxs.com/2/2.4.1/ Frame E372 		133 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.update.ib.adnxs.com/2/2.4.1/main.js?o=1
Requested by
Host: s.update.ib.adnxs.com
URL: https://s.update.ib.adnxs.com/2/225545/analytics.js?dt=2255451608003798135000&pd=avt&di=https%3A%2F%2Fgetnada.com%2F&ui=7064607801522333952&ap=&sr=8394&pp=1070141&ti=4826837565820986990&pv=85741f10-c12c-4b01-a2bd-5509f3a3b98f&to=3&de=2&md=1&dm=728x90&gt=DE&ac=${CPG_ID}&pc=18678115&cr=41873061&c1=fra1&c2=0&cb=213647341
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.131.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-131-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2ee75081870589191b3013c69834e8ce2fea2399061134c8dc15c4dfca0eb31f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 19 May 2021 16:44:06 GMT
Content-Encoding
br
Accept-Ch
Viewport-Width, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
Origin, Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, no-transform, immutable, max-age=999999999
Strict-Transport-Security
max-age=31536000; includeSubDomains
Timing-Allow-Origin
*
Content-Length
42400
Expires
Sat, 25 Jan 2053 07:01:40 GMT
postback
s.update.ib.adnxs.com/2/2.4.1/225545/AIpf9ekBEAP-41Fg/ Frame E372 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.ib.adnxs.com/2/2.4.1/225545/AIpf9ekBEAP-41Fg/postback?oz_pl=1&ac=%24%7BCPG_ID%7D&cr=41873061&di=https%3A%2F%2Fgetnada.com%2F&pv=85741f10-c12c-4b01-a2bd-5509f3a3b98f&to=3&de=2&md=1&dm=728x90&gt=DE&c2=0&pd=avt&ci=225545&ap=&pp=1070141&pc=18678115&dt=2255451608003798135000&sr=8394&ti=4826837565820986990&c1=fra1&cb=213647341&ui=7064607801522333952
Requested by
Host: s.update.ib.adnxs.com
URL: https://s.update.ib.adnxs.com/2/225545/analytics.js?dt=2255451608003798135000&pd=avt&di=https%3A%2F%2Fgetnada.com%2F&ui=7064607801522333952&ap=&sr=8394&pp=1070141&ti=4826837565820986990&pv=85741f10-c12c-4b01-a2bd-5509f3a3b98f&to=3&de=2&md=1&dm=728x90&gt=DE&ac=${CPG_ID}&pc=18678115&cr=41873061&c1=fra1&c2=0&cb=213647341
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.131.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-131-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 19 May 2021 16:44:06 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
postback
s.update.ib.adnxs.com/2/2.4.1/225545/AIpf9ekBEAP-41Fg/ Frame E372 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.ib.adnxs.com/2/2.4.1/225545/AIpf9ekBEAP-41Fg/postback?ac=%24%7BCPG_ID%7D&cr=41873061&di=https%3A%2F%2Fgetnada.com%2F&pv=85741f10-c12c-4b01-a2bd-5509f3a3b98f&to=3&de=2&md=1&dm=728x90&gt=DE&c2=0&pd=avt&ci=225545&ap=&pp=1070141&pc=18678115&dt=2255451608003798135000&sr=8394&ti=4826837565820986990&c1=fra1&cb=213647341&ui=7064607801522333952&sid=AIpf9ekBEAP-41Fg&oz_sc=6d56696717d28a8037c86f67&oz_df=1621442646931&oz_l=34&cv=3
Requested by
Host: s.update.ib.adnxs.com
URL: https://s.update.ib.adnxs.com/2/2.4.1/main.js?o=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.131.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-131-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 19 May 2021 16:44:06 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
postback
s.update.ib.adnxs.com/2/2.4.1/225545/AIpf9ekBEAP-41Fg/ Frame E372 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.ib.adnxs.com/2/2.4.1/225545/AIpf9ekBEAP-41Fg/postback?ac=%24%7BCPG_ID%7D&cr=41873061&di=https%3A%2F%2Fgetnada.com%2F&pv=85741f10-c12c-4b01-a2bd-5509f3a3b98f&to=3&de=2&md=1&dm=728x90&gt=DE&c2=0&pd=avt&ci=225545&ap=&pp=1070141&pc=18678115&dt=2255451608003798135000&sr=8394&ti=4826837565820986990&c1=fra1&cb=213647341&ui=7064607801522333952&sid=AIpf9ekBEAP-41Fg&oz_sc=6d56696717d28a8037c86f67&oz_df=1621442647101&oz_l=10994&cv=3
Requested by
Host: s.update.ib.adnxs.com
URL: https://s.update.ib.adnxs.com/2/2.4.1/main.js?o=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.131.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-131-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 19 May 2021 16:44:06 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
truncated
/ Frame FF12 		13 B
13 B 		Document
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
text/html;charset=utf-8
postback
s.update.ib.adnxs.com/2/2.4.1/225545/AIpf9ekBEAP-41Fg/ Frame E372 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.ib.adnxs.com/2/2.4.1/225545/AIpf9ekBEAP-41Fg/postback?ac=%24%7BCPG_ID%7D&cr=41873061&di=https%3A%2F%2Fgetnada.com%2F&pv=85741f10-c12c-4b01-a2bd-5509f3a3b98f&to=3&de=2&md=1&dm=728x90&gt=DE&c2=0&pd=avt&ci=225545&ap=&pp=1070141&pc=18678115&dt=2255451608003798135000&sr=8394&ti=4826837565820986990&c1=fra1&cb=213647341&ui=7064607801522333952&sid=AIpf9ekBEAP-41Fg&oz_sc=6d56696717d28a8037c86f67&oz_df=1621442647262&oz_l=224&cv=3
Requested by
Host: s.update.ib.adnxs.com
URL: https://s.update.ib.adnxs.com/2/2.4.1/main.js?o=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.131.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-131-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 19 May 2021 16:44:06 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
postback
s.update.ib.adnxs.com/2/2.4.1/225545/AIpf9ekBEAP-41Fg/ Frame E372 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.ib.adnxs.com/2/2.4.1/225545/AIpf9ekBEAP-41Fg/postback?ac=%24%7BCPG_ID%7D&cr=41873061&di=https%3A%2F%2Fgetnada.com%2F&pv=85741f10-c12c-4b01-a2bd-5509f3a3b98f&to=3&de=2&md=1&dm=728x90&gt=DE&c2=0&pd=avt&ci=225545&ap=&pp=1070141&pc=18678115&dt=2255451608003798135000&sr=8394&ti=4826837565820986990&c1=fra1&cb=213647341&ui=7064607801522333952&sid=AIpf9ekBEAP-41Fg&oz_sc=6d56696717d28a8037c86f67&oz_df=1621442647443&oz_l=1194&cv=3
Requested by
Host: s.update.ib.adnxs.com
URL: https://s.update.ib.adnxs.com/2/2.4.1/main.js?o=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.131.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-131-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 19 May 2021 16:44:06 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
activeview
pagead2.googlesyndication.com/pcs/ Frame E372 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvdMriRP9Iud3tNPTvKv3KoW1odU-rWBXVc4fOi4agD0gcXFX3zHrgymhsAeNNK4w6OWsmFUSBIsd7JvBQkD-nyQlL4X5T9NHeujsIHljA&sig=Cg0ArKJSzA_I5g5cDSrHEAE&id=lidar2&mcvt=1000&p=1098,436,1188,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210517&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=19&adk=4065119108&rs=4&met=ie&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&rst=1621442646371&dlt=7&rpt=1&isd=0&msd=0&r=v&fum=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 May 2021 16:44:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7AE4 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvOFpPuffiFjKPc6AyefDJBQCsuxs-BeAnP7EhjPDieQN-YSb85UGYDUs79vk1Hgm4b6KYxRXOBi861tQ7R-kGDZXcM6xbLesELxs3YlGI&sig=Cg0ArKJSzERJKkyYmJjeEAE&id=lidar2&mcvt=1002&p=16,315,266,1285&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20210517&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=19&adk=1779617747&rs=4&met=ie&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&rst=1621442646374&dlt=12&rpt=0&isd=0&msd=0&r=v&fum=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 May 2021 16:44:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
postback
s.update.ib.adnxs.com/2/2.4.1/225545/AIpf9ekBEAP-41Fg/ Frame E372 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.ib.adnxs.com/2/2.4.1/225545/AIpf9ekBEAP-41Fg/postback?ac=%24%7BCPG_ID%7D&cr=41873061&di=https%3A%2F%2Fgetnada.com%2F&pv=85741f10-c12c-4b01-a2bd-5509f3a3b98f&to=3&de=2&md=1&dm=728x90&gt=DE&c2=0&pd=avt&ci=225545&ap=&pp=1070141&pc=18678115&dt=2255451608003798135000&sr=8394&ti=4826837565820986990&c1=fra1&cb=213647341&ui=7064607801522333952&sid=AIpf9ekBEAP-41Fg&oz_sc=6d56696717d28a8037c86f67&oz_df=1621442647600&oz_l=14235&cv=3
Requested by
Host: s.update.ib.adnxs.com
URL: https://s.update.ib.adnxs.com/2/2.4.1/main.js?o=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.131.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-131-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 19 May 2021 16:44:06 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
async_usersync
ib.adnxs.com/ Frame 770C 		0
752 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=8394&pub_id=1070141&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=8394&pub_id=1070141
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 May 2021 16:44:07 GMT
X-Proxy-Origin
195.181.174.89; 195.181.174.89; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.196:80
AN-X-Request-Uuid
4dc50518-1e1b-4e8b-bf74-bf613ebf41ad
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame D10E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuipEnO_7K5NFXoPC1cp6c_6hjJWhYYbG-FA8dpefxfREyvDoOCjuQno0sJbq5lCXWW4bYkb4nLY5A2zrxUoAjFP_a5ZKAXcLEi61OVhek&sig=Cg0ArKJSzP4IBMFxZWYzEAE&id=lidar2&mcvt=1000&p=925,564,1015,1292&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210517&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=19&adk=2838864979&rs=4&met=ie&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&rst=1621442646373&dlt=7&rpt=0&isd=0&msd=0&r=v&fum=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 May 2021 16:44:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame DBCC 		0
751 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=8394&pub_id=1070141&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=8394&pub_id=1070141
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 May 2021 16:44:07 GMT
X-Proxy-Origin
195.181.174.89; 195.181.174.89; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.45:80
AN-X-Request-Uuid
be50435c-e378-485c-bfde-92a0651c4791
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 9F02 		0
752 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=8394&pub_id=1070141&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=8394&pub_id=1070141
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 May 2021 16:44:07 GMT
X-Proxy-Origin
195.181.174.89; 195.181.174.89; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.234:80
AN-X-Request-Uuid
dc7c201d-7995-418a-b3ad-74e6591d4a72
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 8242 		0
751 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=8394&pub_id=1070141&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=8394&pub_id=1070141
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 May 2021 16:44:07 GMT
X-Proxy-Origin
195.181.174.89; 195.181.174.89; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.13:80
AN-X-Request-Uuid
7417af9b-eb94-4b1f-b500-868772616696
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
e2d0cbfb-eaef-400a-8c9e-7ebae6a8ecc5
https://tpc.googlesyndication.com/ Frame ACD2 		476 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://tpc.googlesyndication.com/e2d0cbfb-eaef-400a-8c9e-7ebae6a8ecc5
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
573dd332efcaf9ab1ae7f7e72bbbd65aa0c6b9223c4bcead7be3aa25685cba4e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
476
Content-Type
javascript
postback
s.update.ib.adnxs.com/2/2.4.1/225545/AIpf9ekBEAP-41Fg/ Frame E372 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.ib.adnxs.com/2/2.4.1/225545/AIpf9ekBEAP-41Fg/postback?ac=%24%7BCPG_ID%7D&cr=41873061&di=https%3A%2F%2Fgetnada.com%2F&pv=85741f10-c12c-4b01-a2bd-5509f3a3b98f&to=3&de=2&md=1&dm=728x90&gt=DE&c2=0&pd=avt&ci=225545&ap=&pp=1070141&pc=18678115&dt=2255451608003798135000&sr=8394&ti=4826837565820986990&c1=fra1&cb=213647341&ui=7064607801522333952&sid=AIpf9ekBEAP-41Fg&oz_sc=6d56696717d28a8037c86f67&oz_df=1621442647799&oz_l=678&cv=3
Requested by
Host: s.update.ib.adnxs.com
URL: https://s.update.ib.adnxs.com/2/2.4.1/main.js?o=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.131.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-131-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 19 May 2021 16:44:07 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
activeview
pagead2.googlesyndication.com/pcs/ Frame A0F7 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsscp9NLEZT9sPUg4JRi4CSjNZLF-tOX9T90Xvgt4VSL47fB-lsq7HDnjJc0wnZlULu8R-aNU_LudofCukuW4Jl9-cZnu4S9hy-KKO9vGGU&sig=Cg0ArKJSzBuexOnFKjskEAE&id=lidar2&mcvt=1000&p=574,564,664,1292&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210517&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=19&adk=4165432093&rs=4&met=ie&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&rst=1621442646373&dlt=10&rpt=0&isd=0&msd=0&r=v&fum=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 May 2021 16:44:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		80 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/getnada.js?1614021600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://getnada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 16:44:08 GMT
content-encoding
gzip
last-modified
Mon, 17 May 2021 11:49:37 GMT
server
nginx
etag
W/"60a25851-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 20 May 2021 16:44:08 GMT
syncframe
gum.criteo.com/ Frame E20F 		0
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=getnada.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?topUrl=getnada.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://getnada.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://getnada.com/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1215
set-cookie
uid=1c4d0bee-f173-48e0-8545-2db6ffee0821; expires=Thu, 19 May 2022 16:44:07 GMT; domain=.criteo.com; path=/; secure; samesite=none
date
Wed, 19 May 2021 16:44:07 GMT
content-length
0
publishertag.prebid.js
static.criteo.net/js/ld/ 		80 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://getnada.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 16:44:08 GMT
content-encoding
gzip
last-modified
Mon, 17 May 2021 11:49:37 GMT
server
nginx
etag
W/"60a25851-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 20 May 2021 16:44:08 GMT
Cookie set beacon
ap.lijit.com/ Frame DFF5 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=8128488
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/getnada.js?1614021600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.238.254 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
346f2df071602cbecd4955ba0ba2e96964c96beba1b394b6caee0acee13486d8

Request headers

Host
ap.lijit.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://getnada.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D; ljt_reader=f772ad08c6b7c17fc72b52c8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://getnada.com/

Response headers

Server
nginx
Date
Wed, 19 May 2021 16:44:09 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Vary
Accept-Encoding
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie
ljtrtbexp=eJxdy7kNACAIBdBdqC0AOV3NuLsxsYHy%2FWNDICwyZlNmyQFk1bOx1aHV2npFpJZEtf8HistzZpbFuWhLIH0%3D;Path=/;Domain=.lijit.com;Expires=Thu, 19-May-2022 16:44:09 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=f772ad08c6b7c17fc72b52c8;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D;Path=/;Domain=.lijit.com;Expires=Thu, 19-May-2022 16:44:09 GMT;Max-Age=31536000;Secure;SameSite=None
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
Content-Encoding
gzip
X-Sovrn-Pod
ad_ap1ewr1
async_usersync.html
acdn.adnxs.com/dmp/ Frame 36E2 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/getnada.js?1614021600000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://getnada.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uuid2=7064607801522333952; anj=dTM7k!M4/8CxrEQF']wIg2GUcII-l=!1yIE'Yg-$0y=/d!!%sB$HwOb; icu=ChgI44kuEAoYASABKAEw1oCVhQY4AUABSAEKGAi9qEEQChgCIAIoAjDWgJWFBjgCQAJIAhDWgJWFBhgC
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://getnada.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Fri, 14 May 2021 05:43:20 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Wed, 19 May 2021 16:44:09 GMT
Age
39638
X-Served-By
cache-lga21946-LGA, cache-hhn4051-HHN
X-Cache
HIT, HIT
X-Cache-Hits
5, 925905
X-Timer
S1621442649.120251,VS0,VE0
Vary
Accept-Encoding
sync.html
public.servenobid.com/ Frame 6F0E 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/getnada.js?1614021600000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
54568136bcc231af9aa7f765a5593f06ed6396388015f4959ef7952f5fafc1ac

Request headers

:method
GET
:authority
public.servenobid.com
:scheme
https
:path
/sync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://getnada.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://getnada.com/

Response headers

cache-control
max-age=86400
content-type
text/html
content-encoding
br
last-modified
Fri, 14 May 2021 20:22:43 GMT
accept-ranges
bytes
etag
"2f086b9f0d5c2806f4c1be77954d8244"
server
AmazonS3
x-cache
TCP_HIT
x-amz-id-2
VVh/0ZwNRy3m/M6hF6AVjT4sQGmffpSAA+0rztg2YhUni0qgSpdeVOw9BBXHIFnblMost5go1r4=
x-amz-request-id
060BSB6M4G13WFKH
x-azure-ref-originshield
00J2kYAAAAABDWFDRMBYfTaRpIvJL+6SVTE9OMjFFREdFMDExOQA4NGU3ZGZhMi0xNDQyLTQzMzQtYjM0Zi1lNDJkM2Y3ZGRhZDk=
x-azure-ref
0WUClYAAAAAAF+GImpuWUSKMzsebu5QqCRlJBRURHRTEwMDcAODRlN2RmYTItMTQ0Mi00MzM0LWIzNGYtZTQyZDNmN2RkYWQ5
date
Wed, 19 May 2021 16:44:08 GMT
async_usersync
ib.adnxs.com/ Frame 36E2 		0
751 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 May 2021 16:44:09 GMT
X-Proxy-Origin
195.181.174.89; 195.181.174.89; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.58:80
AN-X-Request-Uuid
649e1115-4d6a-445b-bf8f-ff240a923b10
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
13926
g2.gumgum.com/usync/ Frame 722E 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
749e8d4c2105ea6aed5bc230fde6f438a92f239dce54dd076ed0c0bbf8f01236

Request headers

:method
GET
:authority
g2.gumgum.com
:scheme
https
:path
/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://public.servenobid.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://public.servenobid.com/

Response headers

date
Wed, 19 May 2021 16:44:09 GMT
content-type
text/html;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
set-cookie
vst=e_80099885-b2c7-4f6e-a1b5-8ee03a7ba812; Domain=.gumgum.com; Expires=Thu, 19-May-2022 16:44:09 GMT; Path=/; Secure; SameSite=None
etag
W/"0645729b6eda95fa992784408ba00d427"
timing-allow-origin
*
content-encoding
gzip
ps
pixel.33across.com/ Frame 1272 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.33across.com/ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26uid%3D33XUSERID33X
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.110.21 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip21.67-202-110.static.steadfastdns.net
Software
33XP003 /
Resource Hash

Request headers

:method
GET
:authority
pixel.33across.com
:scheme
https
:path
/ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26uid%3D33XUSERID33X
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://public.servenobid.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://public.servenobid.com/

Response headers

x-33x-status
2000208
server
33XP003
date
Wed, 19 May 2021 16:44:09 GMT
/
onetag-sys.com/usync/ Frame 3CF9 		2 KB
818 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1---&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1---&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://public.servenobid.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://public.servenobid.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame C751 		964 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
a3556b210d850f85054988ae9e3cef5da713d1ec0a78cff5c1cfb7282293794d

Request headers

Host
ssbsync.smartadserver.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://public.servenobid.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://public.servenobid.com/

Response headers

date
Wed, 19 May 2021 16:44:08 GMT
content-type
text/html
content-length
964
set-cookie
pid=914426184208936165; expires=Sun, 19 Jun 2022 16:43:09 GMT; domain=smartadserver.com; path=/; samesite=None; secure; samesite=none
sync
ads.servenobid.com/ Frame 6F0E
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=7064607801522333952
0
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=7064607801522333952
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.141.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-141-216.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 19 May 2021 16:44:09 GMT
access-control-allow-credentials
true
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
content-length
0
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin

Redirect headers

Pragma
no-cache
Date
Wed, 19 May 2021 16:44:09 GMT
X-Proxy-Origin
195.181.174.89; 195.181.174.89; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.48:80
AN-X-Request-Uuid
47e0e5f7-1489-4297-b954-6143c1aaea6c
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ads.servenobid.com/sync?pid=312&uid=7064607801522333952
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 6F0E
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=310&uid=f772ad08c6b7c17fc72b52c8
0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=f772ad08c6b7c17fc72b52c8
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.141.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-141-216.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 19 May 2021 16:44:09 GMT
access-control-allow-credentials
true
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
content-length
0
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin

Redirect headers

Date
Wed, 19 May 2021 16:44:09 GMT
Server
nginx
Location
https://ads.servenobid.com/sync?pid=310&uid=f772ad08c6b7c17fc72b52c8
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
sync
ads.servenobid.com/ Frame 6F0E
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://ads.servenobid.com/sync?pid=321&uid=OPTOUT
0
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=321&uid=OPTOUT
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.141.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-141-216.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 19 May 2021 16:44:09 GMT
access-control-allow-credentials
true
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
content-length
0
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin

Redirect headers

pragma
no-cache
date
Wed, 19 May 2021 16:44:09 GMT
server
Tengine
etag
OPTOUT
content-type
text/html
location
https://ads.servenobid.com/sync?pid=321&uid=OPTOUT
cache-control
no-store, no-cache, must-revalidate
expires
0
101954
jadserve.postrelease.com/suid/ Frame 6F0E 		43 B
428 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/101954?ntv_r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D322%26uid%3DNTV_USER_ID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.207.161.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-161-225.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 May 2021 16:44:09 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
sync
ads.servenobid.com/ Frame 6F0E
Redirect Chain
  • https://cs.admanmedia.com/sync/durationmedia?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D328%26uid%3D%7B%24UID%7D
  • https://ads.servenobid.com/sync?pid=328&uid=ce10ac91ea963697ad62f315bbb42bef7be96d93
0
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=328&uid=ce10ac91ea963697ad62f315bbb42bef7be96d93
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.141.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-141-216.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 19 May 2021 16:44:09 GMT
access-control-allow-credentials
true
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
content-length
0
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin

Redirect headers

Location
https://ads.servenobid.com/sync?pid=328&uid=ce10ac91ea963697ad62f315bbb42bef7be96d93
Date
Wed, 19 May 2021 16:44:09 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
sync
ads.servenobid.com/ Frame 6F0E
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=875739026907860051
0
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=875739026907860051
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.141.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-141-216.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 19 May 2021 16:44:09 GMT
access-control-allow-credentials
true
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
content-length
0
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=875739026907860051
Date
Wed, 19 May 2021 16:44:09 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
merge
ce.lijit.com/ Frame DFF5
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=f772ad08c6b7c17fc72b52c8&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=1&gdpr_consent=
  • https://ce.lijit.com/merge?pid=3&3pid=a77660a5-4059-4c00-b696-73eca1ff7b66&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=3&3pid=a77660a5-4059-4c00-b696-73eca1ff7b66&gdpr=1&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=8128488
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 May 2021 16:44:09 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Wed, 19 May 2021 16:45:44 GMT
Server
MT3 3736 915c305 master cdg-pixel-x9
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ce.lijit.com/merge?pid=3&3pid=a77660a5-4059-4c00-b696-73eca1ff7b66&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 19 May 2021 16:45:43 GMT
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame DFF5 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=1&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=8128488
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
03d4828e33e22cf7b4098c5a68746480
Content-Type
image/gif
reporting
ap.lijit.com/dsp/google/ Frame DFF5
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=Zjc3MmFkMDhjNmI3YzE3ZmM3MmI1MmM4
  • https://ap.lijit.com/dsp/google/reporting
43 B
567 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/dsp/google/reporting
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=8128488
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.238.254 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 May 2021 16:44:09 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ewr1
Content-Type
image/gif
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 19 May 2021 16:44:09 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ap.lijit.com/dsp/google/reporting
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
238
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
svr
match.prod.bidr.io/cookie-sync/ Frame DFF5 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/svr?gdpr=1&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=8128488
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.106.86 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-106-86.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Wed, 19 May 2021 16:44:11 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
merge
ce.lijit.com/ Frame DFF5
Redirect Chain
  • https://sync.1rx.io/usersync2/sovrn?gdpr=1&gdpr_consent=
  • https://ce.lijit.com/merge?pid=56&3pid=OPTOUT
43 B
1002 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=56&3pid=OPTOUT
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=8128488
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 May 2021 16:44:07 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 19 May 2021 16:44:09 GMT
server
Tengine
etag
OPTOUT
content-type
text/html
location
https://ce.lijit.com/merge?pid=56&3pid=OPTOUT
cache-control
no-store, no-cache, must-revalidate
expires
0
merge
ce.lijit.com/ Frame DFF5
Redirect Chain
  • https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=f772ad08c6b7c17fc72b52c8/pv=y?https://ce.lijit.com%2Fmerge%3Fpid%3D5001%263pid%3D%24%7Bprofile_id%7D&gdpr=1&gdpr_consent=
  • https://bcp.crwdcntrl.net/5/ct=y/c=5436/tp=SVRN/tpid=f772ad08c6b7c17fc72b52c8/pv=y?https://ce.lijit.com%2Fmerge%3Fpid%3D5001%263pid%3D%24%7Bprofile_id%7D&gdpr=1&gdpr_consent=
  • https://ce.lijit.com/merge?pid=5001&3pid=bf1cee85c1f7b74d5b5204fdff0fcc34&gdpr=1&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=5001&3pid=bf1cee85c1f7b74d5b5204fdff0fcc34&gdpr=1&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=8128488
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 May 2021 16:44:09 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 19 May 2021 16:44:09 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://ce.lijit.com/merge?pid=5001&3pid=bf1cee85c1f7b74d5b5204fdff0fcc34&gdpr=1&gdpr_consent=
cache-control
no-cache
x-server
10.45.15.109
content-length
0
expires
0
merge
ce.lijit.com/ Frame DFF5
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=1&gdpr_consent=
  • https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=
43 B
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=8128488
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 May 2021 16:44:07 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 19 May 2021 16:44:08 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F148 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=8128488
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ap.lijit.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ap.lijit.com/

Response headers

last-modified
Wed, 21 Oct 2020 18:57:29 GMT
etag
"1300708-1f78-5b232eb4914bb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
2654
content-type
text/html; charset=UTF-8
cache-control
max-age=91695
expires
Thu, 20 May 2021 18:12:24 GMT
date
Wed, 19 May 2021 16:44:09 GMT
vary
Accept-Encoding
cm
us-u.openx.net/w/1.0/ Frame CC14
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_c...
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&g...
776 B
789 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=8128488
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.207.0 /
Resource Hash
c831f25134665f677e457c0faa56f090e8ed9bef9d48561733e7191dbf221964

Request headers

:method
GET
:authority
us-u.openx.net
:scheme
https
:path
/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ap.lijit.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=b485aef8-dbff-4fe3-a459-cc2b8e2faaf0|1621442649
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ap.lijit.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=b485aef8-dbff-4fe3-a459-cc2b8e2faaf0|1621442649; Version=1; Expires=Thu, 19-May-2022 16:44:09 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1621442649|gekin0vNiygu; Version=1; Expires=Thu, 03-Jun-2021 16:44:09 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.207.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Wed, 19 May 2021 16:44:09 GMT
content-type
text/html
content-length
476
content-encoding
gzip
via
1.1 google
alt-svc
clear

Redirect headers

set-cookie
i=198f2086-a91e-01f8-3328-fb3e13ddc787|1621442649; Version=1; Expires=Thu, 19-May-2022 16:44:09 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.207.0
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
date
Wed, 19 May 2021 16:44:09 GMT
content-length
0
via
1.1 google
alt-svc
clear
0608867b
rtb.gumgum.com/usync/ Frame 1905 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=8128488
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
7ba53f97bd35194079aec47f239c1827ad5f24293c9ada89949010feac45ab9d

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ap.lijit.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ap.lijit.com/

Response headers

date
Wed, 19 May 2021 16:44:09 GMT
content-type
text/html;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
set-cookie
vst=e_de38bf49-48db-4a17-87e7-a005099aa689; Domain=.gumgum.com; Expires=Thu, 19-May-2022 16:44:09 GMT; Path=/; Secure; SameSite=None
etag
W/"02214a95b984de41ff5cc5bafe48d76e2"
timing-allow-origin
*
content-encoding
gzip
sync
ads.servenobid.com/ Frame C751 		0
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=914426184208936165&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.141.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-141-216.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 19 May 2021 16:44:09 GMT
access-control-allow-credentials
true
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
content-length
0
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
sync
ssbsync.smartadserver.com/api/ Frame C751
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Fssbsync.smartadserver.com%2Fapi%2Fsync%3Fcallerid%3D9%26gdpr%3D0%26gdpr_consent%3D%26partnerid%3D22%26buid%3DYOUR_USER_ID
  • https://c1.adform.net/serving/cookie/match?CC=1&party=10&sspurl=https%3A%2F%2Fssbsync.smartadserver.com%2Fapi%2Fsync%3Fcallerid%3D9%26gdpr%3D0%26gdpr_consent%3D%26partnerid%3D22%26buid%3DYOUR_USER_ID
  • https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=0&gdpr_consent=&partnerid=22&buid=1395914398595254094
0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=0&gdpr_consent=&partnerid=22&buid=1395914398595254094
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 16:44:08 GMT
content-length
0

Redirect headers

pragma
no-cache
date
Wed, 19 May 2021 16:44:09 GMT
server
nginx
location
https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=0&gdpr_consent=&partnerid=22&buid=1395914398595254094
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
sync
ssbsync.smartadserver.com/api/ Frame C751
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fssbsync.smartadserver.com%2Fapi%2Fsync%3Fcallerid%3D9%26gdpr%3D0%26gdpr_consent%3D%26partnerid%3D86%26buid%3D$UID
  • https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=0&gdpr_consent=&partnerid=86&buid=7064607801522333952
0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=0&gdpr_consent=&partnerid=86&buid=7064607801522333952
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 16:44:09 GMT
content-length
0

Redirect headers

Pragma
no-cache
Date
Wed, 19 May 2021 16:44:09 GMT
X-Proxy-Origin
195.181.174.89; 195.181.174.89; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.75:80
AN-X-Request-Uuid
83e7eefd-595d-4d4d-9298-19d66bc78cca
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=0&gdpr_consent=&partnerid=86&buid=7064607801522333952
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ssbsync.smartadserver.com/api/ Frame C751
Redirect Chain
  • https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Fssbsync.smartadserver.com%2Fapi%2Fsync%3Fcallerid%3D9%26gdpr%3D0%26gdpr_consent%3D%26partnerid%3D66%26buid%3D%7Bamob_user_id%7D
  • https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=0&gdpr_consent=&partnerid=66&buid=063f220431d77f753294edc2
0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=0&gdpr_consent=&partnerid=66&buid=063f220431d77f753294edc2
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 16:44:09 GMT
content-length
0

Redirect headers

Location
https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=0&gdpr_consent=&partnerid=66&buid=063f220431d77f753294edc2
Date
Wed, 19 May 2021 16:44:09 GMT
Access-Control-Allow-Credentials
true
X-Powered-By
Express
Content-Length
0
Vary
Origin
sync
ssbsync.smartadserver.com/api/ Frame C751
Redirect Chain
  • https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Fssbsync.smartadserver.com%2Fapi%2Fsync%3Fcallerid%3D9%26gdpr%3D0%26gd...
  • https://eu-u.openx.net/w/1.0/cm?cc=1&id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Fssbsync.smartadserver.com%2Fapi%2Fsync%3Fcallerid%3D9%26gdpr%3D0...
  • https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=0&gdpr_consent=&partnerid=100&buid=fd01a31f-3529-0aa7-37b5-32f4a5d602a5
0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=0&gdpr_consent=&partnerid=100&buid=fd01a31f-3529-0aa7-37b5-32f4a5d602a5
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 16:44:09 GMT
content-length
0

Redirect headers

date
Wed, 19 May 2021 16:44:09 GMT
content-encoding
gzip
server
OXGW/16.207.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=0&gdpr_consent=&partnerid=100&buid=fd01a31f-3529-0aa7-37b5-32f4a5d602a5
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
showad.js
ads.pubmatic.com/AdServer/js/ Frame B68A 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=

Response headers

last-modified
Tue, 11 May 2021 05:24:02 GMT
etag
"13006b6-96ca-5c2071a26cca4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13964
content-type
text/html; charset=UTF-8
cache-control
public, max-age=66861
expires
Thu, 20 May 2021 11:18:30 GMT
date
Wed, 19 May 2021 16:44:09 GMT
vary
Accept-Encoding
usersync
rtb.gumgum.com/ Frame 722E
Redirect Chain
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
  • https://rtb.gumgum.com/usersync?b=apn&i=7064607801522333952
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=apn&i=7064607801522333952
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 May 2021 16:44:09 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 19 May 2021 16:44:09 GMT
X-Proxy-Origin
195.181.174.89; 195.181.174.89; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.238:80
AN-X-Request-Uuid
2a0f392c-2282-42c0-bfde-ee7ffdb02fed
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://rtb.gumgum.com/usersync?b=apn&i=7064607801522333952
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
rtb.gumgum.com/ Frame 722E
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_80099885-b2c7-4f6e-a1b5-8ee03a7ba812&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_80099885-b2c7-4f6e-a1b5-8ee03a7ba812&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://pixel.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&gdpr=0&user_id=k7gWyJG4QsSIvRLEl7haz5e_EsSI60CfkLHmNBdW
  • https://rtb.gumgum.com/usersync?b=bsw&i=f55114cd-e66c-4cd6-b2f9-f9ad029ca08b
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=bsw&i=f55114cd-e66c-4cd6-b2f9-f9ad029ca08b
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 May 2021 16:44:09 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
//rtb.gumgum.com/usersync?b=bsw&i=f55114cd-e66c-4cd6-b2f9-f9ad029ca08b
date
Wed, 19 May 2021 16:44:09 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
usersync
rtb.gumgum.com/ Frame 722E
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28oQtL1si8rS-ROUo0R5UzF_XUTHz9-U35737nJVPl5b26nBpRTPgDV3WobZCWxUY1%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=obn&i=ENC%28oQtL1si8rS-ROUo0R5UzF_XUTHz9-U35737nJVPl5b26nBpRTPgDV3WobZCWxUY1%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28oQtL1si8rS-ROUo0R5UzF_XUTHz9-U35737nJVPl5b26nBpRTPgDV3WobZCWxUY1%29
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 May 2021 16:44:10 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=obn&i=ENC%28oQtL1si8rS-ROUo0R5UzF_XUTHz9-U35737nJVPl5b26nBpRTPgDV3WobZCWxUY1%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28oQtL1si8rS-ROUo0R5UzF_XUTHz9-U35737nJVPl5b26nBpRTPgDV3WobZCWxUY1%29
Date
Wed, 19 May 2021 16:44:10 GMT
Connection
close
X-TraceId
6d0533a43a94d4a1acbe6ab5f11f4bf6
Content-Length
0
usersync
rtb.gumgum.com/ Frame 722E
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://rtb.gumgum.com/usersync?b=opx&i=901435d1-5a6d-4842-99f4-142e2258984b
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=opx&i=901435d1-5a6d-4842-99f4-142e2258984b
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 May 2021 16:44:09 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Wed, 19 May 2021 16:44:09 GMT
content-encoding
gzip
server
OXGW/16.207.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://rtb.gumgum.com/usersync?b=opx&i=901435d1-5a6d-4842-99f4-142e2258984b
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
usersync
rtb.gumgum.com/ Frame 722E
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=sta&i=0-bb480fbc-0a45-4ed9-580e-b450bda56f22$ip$195.181.174.89
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=sta&i=0-bb480fbc-0a45-4ed9-580e-b450bda56f22$ip$195.181.174.89
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 May 2021 16:44:10 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=sta&i=0-bb480fbc-0a45-4ed9-580e-b450bda56f22$ip$195.181.174.89
Date
Wed, 19 May 2021 16:44:10 GMT
Connection
keep-alive
Content-Length
123
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame 722E
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=oth&i=y-c68kgZdE2pfhsrn.aeYyImo0gqxvVP0Bmdp4~A
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=oth&i=y-c68kgZdE2pfhsrn.aeYyImo0gqxvVP0Bmdp4~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 May 2021 16:44:09 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Wed, 19 May 2021 16:44:09 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://rtb.gumgum.com/usersync?b=oth&i=y-c68kgZdE2pfhsrn.aeYyImo0gqxvVP0Bmdp4~A
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame 722E
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%...
  • https://rtb.gumgum.com/usersync?b=vnt&i=6f0f3ad1-b8c1-11eb-a500-c5cb60f9cae5
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=vnt&i=6f0f3ad1-b8c1-11eb-a500-c5cb60f9cae5
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 May 2021 16:44:09 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=vnt&i=6f0f3ad1-b8c1-11eb-a500-c5cb60f9cae5
Date
Wed, 19 May 2021 16:44:09 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
6f0f3ad2-b8c1-11eb-a500-c5cb60f9cae5
services
sync.technoratimedia.com/ Frame 722E 		0
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
150.136.25.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 16:44:10 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
259266169
access-control-allow-origin
https://g2.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame 722E 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 16:44:10 GMT
content-length
0
server
b
usersync
rtb.gumgum.com/ Frame 722E
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_80099885-b2c7-4f6e-a1b5-8ee03a7ba812&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://stags.bluekai.com/site/23178?id=h1TdSVWXv4QEgDLNwvlA&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT22BRKRSFGVSXLB3DIUKFM5CEYTTXOZWECJTVONPXA...
  • https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=h1TdSVWXv4QEgDLNwvlA&us_privacy=1---
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=h1TdSVWXv4QEgDLNwvlA&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 May 2021 16:44:10 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 19 May 2021 16:44:10 GMT
P3p
CP="We do not support P3P header."
Location
https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=h1TdSVWXv4QEgDLNwvlA&us_privacy=1---
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
118
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
rtb.gumgum.com/ Frame 722E
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://rtb.gumgum.com/usersync?b=idi&i=b82eafe8-3d37-458d-bc40-b1cfc5b6232a
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=idi&i=b82eafe8-3d37-458d-bc40-b1cfc5b6232a
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 May 2021 16:44:11 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=idi&i=b82eafe8-3d37-458d-bc40-b1cfc5b6232a
date
Wed, 19 May 2021 16:44:11 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
rtb.gumgum.com/ Frame 722E
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 May 2021 16:44:09 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

pragma
no-cache
date
Wed, 19 May 2021 16:44:09 GMT
server
Tengine
etag
OPTOUT
content-type
text/html
location
https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT
cache-control
no-store, no-cache, must-revalidate
expires
0
usersync
rtb.gumgum.com/ Frame 722E
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=Eh7qIONUwkFe&ev=1&pid=558355
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=Eh7qIONUwkFe&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 May 2021 16:44:09 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://rtb.gumgum.com/usersync?b=pln&i=Eh7qIONUwkFe&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-686fd4fb4c-jztbd
expires
-1
sync
ads.servenobid.com/ Frame 722E 		0
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_80099885-b2c7-4f6e-a1b5-8ee03a7ba812
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.141.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-141-216.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 19 May 2021 16:44:09 GMT
access-control-allow-credentials
true
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
content-length
0
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
usersync
rtb.gumgum.com/ Frame B22D
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://rtb.gumgum.com/usersync?b=mmh&i=1dad60a5-4059-4000-ad76-7e1d6e90782a&gdpr=0&gdpr_consent=
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=mmh&i=1dad60a5-4059-4000-ad76-7e1d6e90782a&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=mmh&i=1dad60a5-4059-4000-ad76-7e1d6e90782a&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://g2.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_de38bf49-48db-4a17-87e7-a005099aa689
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://g2.gumgum.com/

Response headers

date
Wed, 19 May 2021 16:44:09 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Wed, 19 May 2021 16:45:44 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Server
MT3 3736 915c305 master cdg-pixel-x5
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie
uuid=1dad60a5-4059-4000-ad76-7e1d6e90782a; domain=.mathtag.com; path=/; expires=Thu, 16-Jun-2022 16:44:09 GMT; SameSite=None; Secure
location
https://rtb.gumgum.com/usersync?b=mmh&i=1dad60a5-4059-4000-ad76-7e1d6e90782a&gdpr=0&gdpr_consent=
Expires
Wed, 19 May 2021 16:45:43 GMT
usersync
rtb.gumgum.com/ Frame F0D7
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YKVAWgAA8zuPHQBg
  • https://rtb.gumgum.com/usersync?b=atm&i=YKVAWgAA8zuPHQBg&gdpr=0&gdpr_consent=&_test=YKVAWgAA8zuPHQBg
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=atm&i=YKVAWgAA8zuPHQBg&gdpr=0&gdpr_consent=&_test=YKVAWgAA8zuPHQBg
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=atm&i=YKVAWgAA8zuPHQBg&gdpr=0&gdpr_consent=&_test=YKVAWgAA8zuPHQBg
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://g2.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://g2.gumgum.com/

Response headers

date
Wed, 19 May 2021 16:44:10 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

server
Varnish
retry-after
0
location
https://rtb.gumgum.com/usersync?b=atm&i=YKVAWgAA8zuPHQBg&gdpr=0&gdpr_consent=&_test=YKVAWgAA8zuPHQBg
accept-ranges
bytes
date
Wed, 19 May 2021 16:44:10 GMT
via
1.1 varnish
x-served-by
cache-hhn4034-HHN
x-cache
HIT
x-cache-hits
0
x-timer
S1621442650.407191,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
pixel
cm.g.doubleclick.net/ Frame E52D 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV84MDA5OTg4NS1iMmM3LTRmNmUtYTFiNS04ZWUwM2E3YmE4MTI=&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

:method
GET
:authority
cm.g.doubleclick.net
:scheme
https
:path
/pixel?google_nid=gumgum_dbm&google_hm=ZV84MDA5OTg4NS1iMmM3LTRmNmUtYTFiNS04ZWUwM2E3YmE4MTI=&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://g2.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUk_g8PW_4mD4rTSF9mD8pN9ec2JK83JEOz5miTzauW7FAbDxjGucKpq1iFRWWE; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://g2.gumgum.com/

Response headers

content-type
image/png
date
Wed, 19 May 2021 16:44:09 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
server
HTTP server (unknown)
content-length
170
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1D53 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://g2.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://g2.gumgum.com/

Response headers

last-modified
Wed, 21 Oct 2020 18:57:29 GMT
etag
"1300708-1f78-5b232eb4914bb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
2654
content-type
text/html; charset=UTF-8
cache-control
max-age=91695
expires
Thu, 20 May 2021 18:12:24 GMT
date
Wed, 19 May 2021 16:44:09 GMT
vary
Accept-Encoding
/
ssc-cms.33across.com/ps/ Frame 778F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.172 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip172.208-100-17.static.steadfastdns.net
Software
33XP004 /
Resource Hash

Request headers

:method
GET
:authority
ssc-cms.33across.com
:scheme
https
:path
/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://g2.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://g2.gumgum.com/

Response headers

x-33x-status
2000208
server
33XP004
date
Wed, 19 May 2021 16:44:10 GMT
usersync
rtb.gumgum.com/ Frame 2458
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=ttd&i=36910431-7577-4183-b2d9-d61d13afd0f4&t=1624034650
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=ttd&i=36910431-7577-4183-b2d9-d61d13afd0f4&t=1624034650
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=ttd&i=36910431-7577-4183-b2d9-d61d13afd0f4&t=1624034650
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://g2.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://g2.gumgum.com/

Response headers

date
Wed, 19 May 2021 16:44:10 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Wed, 19 May 2021 16:44:10 GMT
content-type
text/html
content-length
209
location
https://rtb.gumgum.com/usersync?b=ttd&i=36910431-7577-4183-b2d9-d61d13afd0f4&t=1624034650
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
set-cookie
TDID=36910431-7577-4183-b2d9-d61d13afd0f4; domain=.adsrvr.org; expires=Thu, 19-May-2022 16:44:10 GMT; path=/; secure; SameSite=None TDCPM=CAEYBSABKAIyCwjstsTugbzNORAFOAE.; domain=.adsrvr.org; expires=Thu, 19-May-2022 16:44:10 GMT; path=/; secure; SameSite=None
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
um
cs.emxdgt.com/ Frame DC19 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

:method
GET
:authority
cs.emxdgt.com
:scheme
https
:path
/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://g2.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://g2.gumgum.com/

Response headers

content-type
text/html
date
Wed, 19 May 2021 16:44:11 GMT
content-length
0
usersync
rtb.gumgum.com/ Frame BD7D
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://rtb.gumgum.com/usersync?b=sus&i=YKVAWsCo5sEAAJz9TqEAAAAA
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=sus&i=YKVAWsCo5sEAAJz9TqEAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=sus&i=YKVAWsCo5sEAAJz9TqEAAAAA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://g2.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://g2.gumgum.com/

Response headers

date
Wed, 19 May 2021 16:44:11 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Server
nginx
Date
Wed, 19 May 2021 16:44:10 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
private
Location
https://rtb.gumgum.com/usersync?b=sus&i=YKVAWsCo5sEAAJz9TqEAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-Ads-Time
17
X-SO-HostName
a-ad40191.dc2p.scaleout.jp
X-SO-LB-Hostname
a-tgng40003.dc2p.scaleout.jp
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":25,"gdpr":true,"ipv4":"0.0.0.0","key":"YKVAWsCo5sEAAJz9TqEAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40191"}
X-SO-Key
YKVAWsCo5sEAAJz9TqEAAAAA
X-SO-IP
195.181.174.89
X-SO-Cluster-ID
25
X-SO-Upstream-ID
a-ad40191
usersync
rtb.gumgum.com/ Frame 491E
Redirect Chain
  • https://p.rfihub.com/cm?pub=42796&in=1
  • https://rtb.gumgum.com/usersync?b=zet&i=875739026907860051
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=zet&i=875739026907860051
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=zet&i=875739026907860051
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://g2.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_de38bf49-48db-4a17-87e7-a005099aa689
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://g2.gumgum.com/

Response headers

date
Wed, 19 May 2021 16:44:09 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Wed, 19 May 2021 16:44:09 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie
rud=H4sIAAAAAAAAAOMSsjA3NTe2NDAyszQwtzAzMDA1FOIz1C1Liyj2jcrOCApLM5fiNTQzMjQxMTIzsTQytgAA-7ypmDMAAAA; Path=/; Domain=.rfihub.com; Expires=Mon, 13 Jun 2022 16:44:09 GMT; Secure; SameSite=None eud=H4sIAAAAAAAAAFslxmtoZmRoYmJkZmJpZGF6ShyZb2wBADNa_y4gAAAA; Path=/; Domain=.rfihub.com; Expires=Mon, 13 Jun 2022 16:44:09 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSsjA3NTe2NDAyszQwtzAzMDA1FOIz1C1Liyj2jcrOCApLMwcApKSdhSQAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
Location
https://rtb.gumgum.com/usersync?b=zet&i=875739026907860051
Content-Length
0
Server
Jetty(9.3.29.v20201019)
usersync
rtb.gumgum.com/ Frame 07F9
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://rtb.gumgum.com/usersync?b=rth&i=9p6Qm8pukb8I9ERgD32z&pi=gumgum&tc=1
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=rth&i=9p6Qm8pukb8I9ERgD32z&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=rth&i=9p6Qm8pukb8I9ERgD32z&pi=gumgum&tc=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://g2.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://g2.gumgum.com/

Response headers

date
Wed, 19 May 2021 16:44:09 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Wed, 19 May 2021 16:44:09 GMT Wed, 19 May 2021 16:44:09 GMT
location
https://rtb.gumgum.com/usersync?b=rth&i=9p6Qm8pukb8I9ERgD32z&pi=gumgum&tc=1
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
usersync
rtb.gumgum.com/ Frame 1905
Redirect Chain
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
  • https://rtb.gumgum.com/usersync?b=apn&i=7064607801522333952
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=apn&i=7064607801522333952
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 May 2021 16:44:09 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 19 May 2021 16:44:09 GMT
X-Proxy-Origin
195.181.174.89; 195.181.174.89; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.47:80
AN-X-Request-Uuid
c3d6164f-0faa-4b42-b875-f11e81a129d1
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://rtb.gumgum.com/usersync?b=apn&i=7064607801522333952
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
x.bidswitch.net/ Frame 1905 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_de38bf49-48db-4a17-87e7-a005099aa689&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.143.112 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 16:44:09 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
usersync
rtb.gumgum.com/ Frame 1905
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=1&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28GD8K6Cb9rSEylamwBjZBjzKxY6iD8y38WBkJ7vpN8GwnhH2DDV3jijvdLbDAtsQa%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=obn&i=ENC%28GD8K6Cb9rSEylamwBjZBjzKxY6iD8y38WBkJ7vpN8GwnhH2DDV3jijvdLbDAtsQa%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28GD8K6Cb9rSEylamwBjZBjzKxY6iD8y38WBkJ7vpN8GwnhH2DDV3jijvdLbDAtsQa%29
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 May 2021 16:44:12 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=obn&i=ENC%28GD8K6Cb9rSEylamwBjZBjzKxY6iD8y38WBkJ7vpN8GwnhH2DDV3jijvdLbDAtsQa%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28GD8K6Cb9rSEylamwBjZBjzKxY6iD8y38WBkJ7vpN8GwnhH2DDV3jijvdLbDAtsQa%29
Date
Wed, 19 May 2021 16:44:12 GMT
Connection
close
X-TraceId
ab716939717034c842dc52ad1cc423d5
Content-Length
0
usersync
rtb.gumgum.com/ Frame 1905
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://rtb.gumgum.com/usersync?b=opx&i=3d1ebbaf-288c-0659-0e85-233bbfaaf53c
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=opx&i=3d1ebbaf-288c-0659-0e85-233bbfaaf53c
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 May 2021 16:44:09 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Wed, 19 May 2021 16:44:09 GMT
content-encoding
gzip
server
OXGW/16.207.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://rtb.gumgum.com/usersync?b=opx&i=3d1ebbaf-288c-0659-0e85-233bbfaaf53c
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
sync
sync.srv.stackadapt.com/ Frame 1905 		43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.srv.stackadapt.com/sync?nid=1&gdpr=1&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.38.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 19 May 2021 16:44:10 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
usersync
rtb.gumgum.com/ Frame 1905
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=1&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=oth&i=y-2_xhIy5E2pctnikerQXUiugxs4jmYmq0SXKR~A
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=oth&i=y-2_xhIy5E2pctnikerQXUiugxs4jmYmq0SXKR~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 May 2021 16:44:09 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Wed, 19 May 2021 16:44:09 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://rtb.gumgum.com/usersync?b=oth&i=y-2_xhIy5E2pctnikerQXUiugxs4jmYmq0SXKR~A
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame 1905
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%...
  • https://rtb.gumgum.com/usersync?b=vnt&i=6f1ea451-b8c1-11eb-a1e5-3fd456ab067d
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=vnt&i=6f1ea451-b8c1-11eb-a1e5-3fd456ab067d
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 May 2021 16:44:09 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=vnt&i=6f1ea451-b8c1-11eb-a1e5-3fd456ab067d
Date
Wed, 19 May 2021 16:44:09 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
6f1ea452-b8c1-11eb-a1e5-3fd456ab067d
services
sync.technoratimedia.com/ Frame 1905 		0
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
150.136.25.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 16:44:10 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
390742466
access-control-allow-origin
https://rtb.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame 1905 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 16:44:10 GMT
content-length
0
server
b
usersync
rtb.gumgum.com/ Frame 1905
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_de38bf49-48db-4a17-87e7-a005099aa689&gdpr=1&gdpr_consent=&us_privacy=
  • https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 May 2021 16:44:10 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1
Pragma
no-cache
Date
Wed, 19 May 2021 16:44:10 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
78
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame 1905
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://rtb.gumgum.com/usersync?b=idi&i=b82eafe8-3d37-458d-bc40-b1cfc5b6232a
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=idi&i=b82eafe8-3d37-458d-bc40-b1cfc5b6232a
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 May 2021 16:44:11 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=idi&i=b82eafe8-3d37-458d-bc40-b1cfc5b6232a
date
Wed, 19 May 2021 16:44:11 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
rtb.gumgum.com/ Frame 1905
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6&gdpr=1&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 May 2021 16:44:09 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

pragma
no-cache
date
Wed, 19 May 2021 16:44:09 GMT
server
Tengine
etag
OPTOUT
content-type
text/html
location
https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT
cache-control
no-store, no-cache, must-revalidate
expires
0
usersync
rtb.gumgum.com/ Frame 1905
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=MET72o1a5tdM&ev=1&pid=558355
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=MET72o1a5tdM&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 May 2021 16:44:09 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://rtb.gumgum.com/usersync?b=pln&i=MET72o1a5tdM&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-686fd4fb4c-969kh
expires
-1
merge
ce.lijit.com/ Frame 1905 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=36&3pid=e_de38bf49-48db-4a17-87e7-a005099aa689
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 May 2021 16:44:07 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame 9BF8
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://rtb.gumgum.com/usersync?b=mmh&i=a77660a5-4059-4c00-b696-73eca1ff7b66&gdpr=1&gdpr_consent=
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=mmh&i=a77660a5-4059-4c00-b696-73eca1ff7b66&gdpr=1&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=mmh&i=a77660a5-4059-4c00-b696-73eca1ff7b66&gdpr=1&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_de38bf49-48db-4a17-87e7-a005099aa689
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Wed, 19 May 2021 16:44:09 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Wed, 19 May 2021 16:45:44 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Server
MT3 3736 915c305 master cdg-pixel-x9
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://rtb.gumgum.com/usersync?b=mmh&i=a77660a5-4059-4c00-b696-73eca1ff7b66&gdpr=1&gdpr_consent=
Expires
Wed, 19 May 2021 16:45:43 GMT
usersync
rtb.gumgum.com/ Frame FD96
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=&_test=YKVAWgABF2PDQgAC
  • https://rtb.gumgum.com/usersync?b=atm&i=YKVAWgABF2PDQgAC&gdpr=1&gdpr_consent=&_test=YKVAWgABF2PDQgAC
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=atm&i=YKVAWgABF2PDQgAC&gdpr=1&gdpr_consent=&_test=YKVAWgABF2PDQgAC
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=atm&i=YKVAWgABF2PDQgAC&gdpr=1&gdpr_consent=&_test=YKVAWgABF2PDQgAC
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Wed, 19 May 2021 16:44:10 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

server
Varnish
retry-after
0
location
https://rtb.gumgum.com/usersync?b=atm&i=YKVAWgABF2PDQgAC&gdpr=1&gdpr_consent=&_test=YKVAWgABF2PDQgAC
accept-ranges
bytes
date
Wed, 19 May 2021 16:44:10 GMT
via
1.1 varnish
x-served-by
cache-hhn4034-HHN
x-cache
HIT
x-cache-hits
0
x-timer
S1621442650.404496,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
pixel
cm.g.doubleclick.net/ Frame 4DB1 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9kZTM4YmY0OS00OGRiLTRhMTctODdlNy1hMDA1MDk5YWE2ODk=&gdpr=1&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

:method
GET
:authority
cm.g.doubleclick.net
:scheme
https
:path
/pixel?google_nid=gumgum_dbm&google_hm=ZV9kZTM4YmY0OS00OGRiLTRhMTctODdlNy1hMDA1MDk5YWE2ODk=&gdpr=1&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUk_g8PW_4mD4rTSF9mD8pN9ec2JK83JEOz5miTzauW7FAbDxjGucKpq1iFRWWE; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

content-type
image/png
date
Wed, 19 May 2021 16:44:09 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
server
HTTP server (unknown)
content-length
170
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9311 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

last-modified
Wed, 21 Oct 2020 18:57:29 GMT
etag
"1300708-1f78-5b232eb4914bb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
2654
content-type
text/html; charset=UTF-8
cache-control
max-age=91695
expires
Thu, 20 May 2021 18:12:24 GMT
date
Wed, 19 May 2021 16:44:09 GMT
vary
Accept-Encoding
/
ssc-cms.33across.com/ps/ Frame 2DED 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.172 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip172.208-100-17.static.steadfastdns.net
Software
33XP001 /
Resource Hash

Request headers

:method
GET
:authority
ssc-cms.33across.com
:scheme
https
:path
/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

x-33x-status
2000208
server
33XP001
date
Wed, 19 May 2021 16:44:09 GMT
generic
match.adsrvr.org/track/cmf/ Frame F692 		70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

:method
GET
:authority
match.adsrvr.org
:scheme
https
:path
/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Wed, 19 May 2021 16:44:10 GMT
content-type
image/gif
content-length
70
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
um
cs.emxdgt.com/ Frame 6ED1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

:method
GET
:authority
cs.emxdgt.com
:scheme
https
:path
/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

content-type
text/html
date
Wed, 19 May 2021 16:44:11 GMT
content-length
0
usersync
rtb.gumgum.com/ Frame 3A57
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://rtb.gumgum.com/usersync?b=sus&i=YKVAW8Co5sEAAJz9TucAAAAA
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=sus&i=YKVAW8Co5sEAAJz9TucAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=sus&i=YKVAW8Co5sEAAJz9TucAAAAA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Wed, 19 May 2021 16:44:11 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Server
nginx
Date
Wed, 19 May 2021 16:44:11 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
private
Location
https://rtb.gumgum.com/usersync?b=sus&i=YKVAW8Co5sEAAJz9TucAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-Ads-Time
4
X-SO-HostName
m-ad377.dc4p.scaleout.jp
X-SO-LB-Hostname
a-tgng40003.dc2p.scaleout.jp
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":57,"gdpr":true,"ipv4":"0.0.0.0","key":"YKVAW8Co5sEAAJz9TucAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad377"}
X-SO-Key
YKVAW8Co5sEAAJz9TucAAAAA
X-SO-IP
195.181.174.89
X-SO-Cluster-ID
57
X-SO-Upstream-ID
m-ad377
usersync
rtb.gumgum.com/ Frame B464
Redirect Chain
  • https://p.rfihub.com/cm?pub=42796&in=1
  • https://rtb.gumgum.com/usersync?b=zet&i=875739026907860051
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=zet&i=875739026907860051
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=zet&i=875739026907860051
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_de38bf49-48db-4a17-87e7-a005099aa689
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Wed, 19 May 2021 16:44:09 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Wed, 19 May 2021 16:44:09 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie
rud=H4sIAAAAAAAAAOMSsjA3NTe2NDAyszQwtzAzMDA1FOIz1C1Liyj2jcrOCApLM5fiNTQzMjQxMTIzsTQytgAA-7ypmDMAAAA; Path=/; Domain=.rfihub.com; Expires=Mon, 13 Jun 2022 16:44:09 GMT; Secure; SameSite=None eud=H4sIAAAAAAAAAFslxmtoZmRoYmJkZmJpbGhxShyJb2RsAQCUYaATIAAAAA; Path=/; Domain=.rfihub.com; Expires=Mon, 13 Jun 2022 16:44:09 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSsjA3NTe2NDAyszQwtzAzMDA1FOIz1C1Liyj2jcrOCApLMwcApKSdhSQAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
Location
https://rtb.gumgum.com/usersync?b=zet&i=875739026907860051
Content-Length
0
Server
Jetty(9.3.29.v20201019)
usersync
rtb.gumgum.com/ Frame CBCA
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://rtb.gumgum.com/usersync?b=rth&i=9p6Qm8pukb8I9ERgD32z&pi=gumgum&tc=1
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=rth&i=9p6Qm8pukb8I9ERgD32z&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=rth&i=9p6Qm8pukb8I9ERgD32z&pi=gumgum&tc=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Wed, 19 May 2021 16:44:09 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Wed, 19 May 2021 16:44:09 GMT Wed, 19 May 2021 16:44:09 GMT
location
https://rtb.gumgum.com/usersync?b=rth&i=9p6Qm8pukb8I9ERgD32z&pi=gumgum&tc=1
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame B68A 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=45379520&p=137711&s=137812&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 16:44:07 GMT
content-length
0
showad.js
ads.pubmatic.com/AdServer/js/ Frame B56E 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=

Response headers

last-modified
Tue, 11 May 2021 05:24:02 GMT
etag
"13006b6-96ca-5c2071a26cca4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13964
content-type
text/html; charset=UTF-8
cache-control
public, max-age=66861
expires
Thu, 20 May 2021 11:18:30 GMT
date
Wed, 19 May 2021 16:44:09 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame C0C9 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=

Response headers

last-modified
Tue, 11 May 2021 05:24:02 GMT
etag
"13006b6-96ca-5c2071a26cca4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13964
content-type
text/html; charset=UTF-8
cache-control
public, max-age=66861
expires
Thu, 20 May 2021 11:18:30 GMT
date
Wed, 19 May 2021 16:44:09 GMT
vary
Accept-Encoding
merge
ce.lijit.com/ Frame CC14 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=76&3pid=0bc74f61-98cc-4a19-b933-b26592b9a65f&gdpr=1&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 May 2021 16:44:09 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame CC14
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=9fba60a5-4059-4c00-9333-9392255e91a7
43 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=9fba60a5-4059-4c00-9333-9392255e91a7
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.207.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 May 2021 16:44:09 GMT
via
1.1 google
server
OXGW/16.207.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Wed, 19 May 2021 16:45:45 GMT
Server
MT3 3736 915c305 master cdg-pixel-x10
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=9fba60a5-4059-4c00-9333-9392255e91a7
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 19 May 2021 16:45:44 GMT
sd
us-u.openx.net/w/1.0/ Frame CC14
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=sA8lKbIPcSWrCiEltA9pLrQIISWrXHN-swYEGkYL
43 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=sA8lKbIPcSWrCiEltA9pLrQIISWrXHN-swYEGkYL
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.207.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 May 2021 16:44:09 GMT
via
1.1 google
server
OXGW/16.207.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 19 May 2021 16:44:09 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=sA8lKbIPcSWrCiEltA9pLrQIISWrXHN-swYEGkYL
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame CC14
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5762065989904887101
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5762065989904887101
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.207.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 May 2021 16:44:09 GMT
via
1.1 google
server
OXGW/16.207.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 19 May 2021 16:44:09 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5762065989904887101
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame CC14 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=672991a1-7278-7014-fe8f-04c3ea08990d&gdpr=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 May 2021 16:44:10 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame CC14
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NGI0NjQyNmItYmIwZi0yZWIwLWViNmYtNWU3YTIwZWE1NzZk
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NGI0NjQyNmItYmIwZi0yZWIwLWViNmYtNWU3YTIwZWE1NzZk&google_tc=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NGI0NjQyNmItYmIwZi0yZWIwLWViNmYtNWU3YTIwZWE1NzZk&google_tc=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 May 2021 16:44:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 19 May 2021 16:44:09 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NGI0NjQyNmItYmIwZi0yZWIwLWViNmYtNWU3YTIwZWE1NzZk&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame CC14
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGKgf-2i4uoanVOoJ3f0YBI&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGKgf-2i4uoanVOoJ3f0YBI&google_cver=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.207.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 May 2021 16:44:09 GMT
via
1.1 google
server
OXGW/16.207.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 19 May 2021 16:44:09 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGKgf-2i4uoanVOoJ3f0YBI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame B56E 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=54608615&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 16:44:07 GMT
content-length
0
bounce
ib.adnxs.com/ Frame 36E2
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
824 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 May 2021 16:44:10 GMT
X-Proxy-Origin
195.181.174.89; 195.181.174.89; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.230:80
AN-X-Request-Uuid
a2b01045-056c-49f2-9a38-708106c2976b
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 19 May 2021 16:44:10 GMT
X-Proxy-Origin
195.181.174.89; 195.181.174.89; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.149:80
AN-X-Request-Uuid
6ca5301f-adc5-4aa4-8d9a-1884b349e967
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
postback
s.update.ib.adnxs.com/2/2.4.1/225545/AIpf9ekBEAP-41Fg/ Frame E372 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.ib.adnxs.com/2/2.4.1/225545/AIpf9ekBEAP-41Fg/postback?ac=%24%7BCPG_ID%7D&cr=41873061&di=https%3A%2F%2Fgetnada.com%2F&pv=85741f10-c12c-4b01-a2bd-5509f3a3b98f&to=3&de=2&md=1&dm=728x90&gt=DE&c2=0&pd=avt&ci=225545&ap=&pp=1070141&pc=18678115&dt=2255451608003798135000&sr=8394&ti=4826837565820986990&c1=fra1&cb=213647341&ui=7064607801522333952&sid=AIpf9ekBEAP-41Fg&oz_sc=6d56696717d28a8037c86f67&oz_df=1621442652179&oz_l=309&cv=3
Requested by
Host: s.update.ib.adnxs.com
URL: https://s.update.ib.adnxs.com/2/2.4.1/main.js?o=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.131.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-131-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 19 May 2021 16:44:11 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
postback
s.update.ib.adnxs.com/2/2.4.1/225545/AIpf9ekBEAP-41Fg/ Frame E372 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.ib.adnxs.com/2/2.4.1/225545/AIpf9ekBEAP-41Fg/postback?ac=%24%7BCPG_ID%7D&cr=41873061&di=https%3A%2F%2Fgetnada.com%2F&pv=85741f10-c12c-4b01-a2bd-5509f3a3b98f&to=3&de=2&md=1&dm=728x90&gt=DE&c2=0&pd=avt&ci=225545&ap=&pp=1070141&pc=18678115&dt=2255451608003798135000&sr=8394&ti=4826837565820986990&c1=fra1&cb=213647341&ui=7064607801522333952&sid=AIpf9ekBEAP-41Fg&oz_sc=6d56696717d28a8037c86f67&oz_df=1621442653887&oz_l=324&cv=3
Requested by
Host: s.update.ib.adnxs.com
URL: https://s.update.ib.adnxs.com/2/2.4.1/main.js?o=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.131.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-131-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 19 May 2021 16:44:13 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
getnada.com
URL
https://getnada.com/_nuxt/img/puff_dark.ca278bf.svg
Domain
partners.tremorhub.com
URL
https://partners.tremorhub.com/sync?UIGL=CAESEDBfRWBbcBccgERpzgSMz1k&google_cver=1
Domain
partners.tremorhub.com
URL
https://partners.tremorhub.com/sync?UIGL=CAESEDBfRWBbcBccgERpzgSMz1k&google_cver=1
Domain
partners.tremorhub.com
URL
https://partners.tremorhub.com/sync?UIGL=CAESEDBfRWBbcBccgERpzgSMz1k&google_cver=1
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuG3Z2nhH-70kBwCZLkpSJOdNuZwcwy_CN2kSGFwmK55pj-w2BGBoS_jNLDAlqp4H6bhBczZvFMXNpjlfdSt2pLDMtso4GzW3qXFnK8-dC4POPfo0prc1IAA3FJwA&sai=AMfl-YSEAkAVHTZV7j1bP_sYTaYoPaQrlgRKWD37_TMV7N0yNiTWnH65FjeJAHI5dLZz4SQZZiijmHP0tczZcIBG-ed0Ao2xREAlKxpklr2OI7mv9C66FUe2SbOl27qGfiTK&sig=Cg0ArKJSzPRKyAR-rbFvEAE&cid=CAASPeRooDGYwyuZglcOhnJfDoFrwSeAUbGHxC8YVIStMdBTrGg7iBJxUrpg4AviOJ4eSJAbkCBdSHwr9oDp5cM&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20210517&bin=7&avms=nio&bs=0,0&mc=0&if=1&app=0&itpl=20&adk=4065119108&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=3&rst=1621442645198&dlt=25&rpt=298&isd=0&msd=0&r=u&fum=1
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu8IG1TcRpApWFG096vR_uc8V3X6gBm50WYWyJzu7Vvsz3JXNELmSovd3H39iLbF84ryZ9Jp2PhcNNzUkvcjn0mYUx7jjAtB5K5JUKSaDrIov-2dlwh_vNKEdzJiA&sai=AMfl-YQKuIxZyOnsKxje2wikApiV-bQcuprQsmgOBopbO549m7UpGuopdHwm2e-XmiybxqL0qA6lHoGfRsFt3NHpkMfBsaroaX8Uvx5OnHNonsalEHo2tsrsx4CbARGRCD_C&sig=Cg0ArKJSzG3YQAMTURlzEAE&cid=CAASPeRoCBdQpxAgEwC65qXHT_HJeuXVrtHMkIDoduQvdFQmRwTpNhf19BCPDQ_eP_FUQzNVe2bUO2XGHPCo0sU&id=lidartos&mcvt=304&p=925,778,1179,1078&mtos=0,304,304,304,304&tos=0,304,0,0,0&v=20210517&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=2838864979&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=3&rst=1621442645199&dlt=20&rpt=286&isd=0&msd=0&r=u&fum=1
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssTyhzJTxhREm8AwpQBU-qPEwBrV8rXbGoIvtdj2fMDwnub5YqvjNYFEHnJ1snDfnIfBPNR1SekvwlM2fjdWduH0NS7VDwTFgC9Icyctyb97DAz2baJZlKF8YUIXQ&sai=AMfl-YRh6xmlF4Z9qvPK8bY6se3OkXCYl9buVw5GHVpYLcbqDERywz7lRDrFG61LpXAUghFsPX4aVGBO5r25OK5NOsbWBI9FtsIkmeqg2Cslxj7rfeTJfjAXHxBZUrCk6F6z&sig=Cg0ArKJSzJ5L_5tRZFUvEAE&cid=CAASPeRoAv04eyCxCLQ42wJisuGXy0yenxuS5E3VZxAFQAg4zcVIFyOE8ALwMH-mpCG2I3SZERiLPpxwEiVC5gk&id=lidartos&mcvt=307&p=575,565,620,1293&mtos=307,307,307,307,307&tos=307,0,0,0,0&v=20210517&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=9&adk=4165432093&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=3&rst=1621442645212&dlt=13&rpt=197&isd=0&msd=0&r=u&fum=1
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv6WKDVYUUmv8fwuq2nEcz4xTJzKCmow88dtt83IopC6ds6G3eT87P8UoaHwKyyxouuoyj_P4uh2-dpVDIQqBu5-ROruel1smYSyrfw-TEvtlWABFkMZGj7DV7gag&sai=AMfl-YTCEvQwlfBk-pyxrbxnpC5_eosE1hqgHiXa-TQOTr5vmIH-pQDOVSnqnE3ihVOatDGA98fhNG3DmC1ApK6v9GvzIG0TVZ7xyRhWdjRKlb8k4CaAFg5w5GaoTsSv7M9o&sig=Cg0ArKJSzA1Fket4yN3tEAE&cid=CAASPeRo4BKuov4eGElOUMf08GHmXMEg3Ze_kJw39215sewFtZ3joNcZ5Fc8edxbZ2INaJAzGleBbONlQAT5qcw&id=lidartos&mcvt=266&p=16,315,270,1285&mtos=0,266,266,266,266&tos=0,266,0,0,0&v=20210517&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=1779617747&rs=4&met=mue&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=3&rst=1621442645213&dlt=15&rpt=283&isd=0&msd=0&r=u&fum=1

Verdicts & Comments Add Verdict or Comment

84 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| optimize object| bsagpt object| bsaheaderbid object| googletag function| pbjsChunk object| pbjs object| _pbjsGlobals object| ADAGIO string| nobidVersion object| nobid object| BSAOPTIMIZE_TARGETING object| BSAOPTIMIZE_targeting object| BSAS2S_TARGETING object| BSAS2S_targeting object| BSA_TARGETING object| bsa_targeting object| bsas2s object| __NUXT_COLOR_MODE__ object| __NUXT__ object| webpackJsonp object| ggeac object| google_js_reporting_queue function| installComponents object| regeneratorRuntime function| setImmediate function| clearImmediate object| onNuxtReadyCbs function| onNuxtReady object| FontAwesomeConfig object| ___FONT_AWESOME___ function| iFrameResize function| Color function| Chart object| $nuxt function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| google_tag_data function| ga object| gaplugins boolean| ga-disable-UA-88483116-1 object| gaGlobal object| gaData object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| Criteo object| google_image_requests object| criteo_pubtag object| criteo_pubtag_prebid_106 object| Criteo_prebid_106

3 Cookies

Domain/Path Name / Value
.getnada.com/ Name: _gat
Value: 1
.getnada.com/ Name: _gid
Value: GA1.2.1063105226.1621442645
.getnada.com/ Name: _ga
Value: GA1.2.2134984649.1621442645

4 Console Messages

Source Level URL
Text
console-api log URL: https://getnada.com/_nuxt/bc77481.js(Line 1)
Message:
ggg
console-api log URL: https://getnada.com/_nuxt/bc77481.js(Line 1)
Message:
ggg1
console-api error URL: https://getnada.com/_nuxt/6891d3f.js(Line 2)
Message:
TypeError: Cannot read property 'getItem' of null
console-api log URL: https://getnada.com/_nuxt/bc77481.js(Line 1)
Message:
ggg2

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a9af9132627281165d945b57ca25ed15.safeframe.googlesyndication.com
acdn.adnxs.com
ad.360yield.com
ads.pubmatic.com
ads.servenobid.com
adservice.google.com
adservice.google.de
ap.lijit.com
b1sync.zemanta.com
bcp.crwdcntrl.net
bh.contextweb.com
bidder.criteo.com
btlr.sharethrough.com
c1.adform.net
c2shb.ssp.yahoo.com
cdn4.buysellads.net
ce.lijit.com
cm.g.doubleclick.net
crcdn01.adnxs.com
creativecdn.com
cs.admanmedia.com
cs.emxdgt.com
eu-u.openx.net
fra1-ib.adnxs.com
g2.gumgum.com
getnada.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
image6.pubmatic.com
jadserve.postrelease.com
lh3.googleusercontent.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
mp.4dex.io
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partners.tremorhub.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.33across.com
pixel.quantserve.com
pr-bh.ybp.yahoo.com
public.servenobid.com
rtb.gumgum.com
s.update.ib.adnxs.com
s0.2mdn.net
secure.adnxs.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssc-cms.33across.com
stags.bluekai.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.technoratimedia.com
tg.socdm.com
tpc.googlesyndication.com
us-u.openx.net
vcdn.adnxs.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
x.bidswitch.net
getnada.com
pagead2.googlesyndication.com
partners.tremorhub.com
13.248.242.197
142.250.185.66
142.250.186.162
150.136.25.38
151.101.113.108
151.101.114.49
169.197.150.7
172.217.23.98
178.250.2.131
18.195.155.181
18.203.131.238
185.183.112.148
185.184.8.30
185.29.135.226
185.64.189.115
185.86.139.104
193.0.160.128
198.148.27.139
2.18.232.130
2.18.233.180
202.241.208.55
208.100.17.172
213.19.147.45
23.79.143.202
2606:4700:3037::6815:1bd5
2620:116:800d:21:5a23:9c4e:e774:96c1
2620:1ec:bdf::45
2a00:1288:110:c305::8000
2a00:1450:4001:802::2004
2a00:1450:4001:803::2002
2a00:1450:4001:808::2003
2a00:1450:4001:808::200e
2a00:1450:4001:809::2001
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2006
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2001
2a00:1450:4001:810::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2001
2a00:1450:400c:c0a::9a
2a02:2638:1::13
2a02:2638::3
3.121.254.42
34.196.165.123
34.98.64.218
35.156.13.167
35.156.143.112
35.157.246.167
35.227.247.230
35.244.159.8
37.157.2.234
37.252.172.38
37.252.172.45
37.252.173.62
50.16.38.94
51.38.120.206
52.17.141.216
52.18.52.16
52.19.106.86
52.207.161.225
52.48.137.92
64.202.112.63
66.155.71.149
67.202.110.21
70.42.32.63
72.251.238.254
72.251.249.14
8.43.72.97
88.214.206.142
94.31.29.32
01b2b41e747ce2ff3382e722c10e04877721916d1810521fc67dc86fd8e4049b
052d04ffea679f1a8a237b8e7df06acfffac7f8e1f3fe20939b6a7f5e5e38d6b
0a0c278457a8e7f7f271de1008428ac1d94cd738dd234467f80a00be032c4c5a
0aba14b543ac92b14fc6bbf23236ec23ec40af2239a0a69f92f7be2ad57617cd
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bbfc250896301c66b7c21f5382d027416087bc02042ede6e4fc8c0d0c26563a
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0f58744cea6864c2410a66c71e675411596dad625b71a268817923fd4ae737b9
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12f4d29b206fed4a9552919d15af1745c1a7ccc2ca7cad5e877d3738a86d3a69
1534a07424ddecbe87c83f5975ef83a9e8771638220f93b802f14a332a1f69a3
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74
1ce96a7fdb9be93f7bfbcde783d45f6d566594e389c9610e0bcb0462f6d89d30
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
207ccfedbe7939e698c1dd3adde00b322740985b7f534a27e043c5fe2b9b20aa
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e
2a138f5a790f47f9c8e1b3b6c88ea4fecb1abd1b1011a7d842b721d2fa943ed3
2af7de9ee55f3660185be051732dc26fb49bc8d428ae93d55bd78bd1da272e3c
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2e81cdcc88cc0a8866ab9d23bf66b4e29ab258243c234bfe44f309fa9747dc93
2eb579888f4d755da7fc7443d9677be85460172631d1f17f6e1bdc8eacd589b7
2ee75081870589191b3013c69834e8ce2fea2399061134c8dc15c4dfca0eb31f
34406ede96a365d79736bcc131328aa43ae78e2864ca1e4df2e3005a56aecac6
3446feb97d26ebb0f0da4e01aebf7d7d1362dd0f9541caf4faa5f0699cc4eeba
346f2df071602cbecd4955ba0ba2e96964c96beba1b394b6caee0acee13486d8
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3ac13025dc609fbe2671ff553cec81ea6e640efa3413d7c8944e461b718d1782
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e3342657f8e25ca8fc5a957f3831ccf73eef61cefc758048cb98f6e985b1a6b
4414a324e99f9f9ff0e02c9109c7421b60620a970ef08f7c538aa8c68c9d5f7b
444d23c8bcd8913ffe7535995e72e97ba9be98342ca2c2f36caad95682bdcfd0
44f72ba96e2cb21757ada360b4fc9c847784ff5cfaa2582ef868ea2707ca598d
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
4bdcba71062ad849da6c41bb9130977f59af71c1b82e4c397b193469ece62ad6
4ca3006279ce684b106771e06486598cddf45bfeefaaae4ee4061fc110d38ab7
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eb8a98f6261bff65e08be14d6e79f7a6da035471ca60b3fad5d81e0dd5e8738
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
54568136bcc231af9aa7f765a5593f06ed6396388015f4959ef7952f5fafc1ac
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
573dd332efcaf9ab1ae7f7e72bbbd65aa0c6b9223c4bcead7be3aa25685cba4e
57d01d10f725f07780284b2c6a28f63b01810ad435ceef0bd8e078d5163e6b7e
5970ec9738f9236fdb95ea4f1ddb5fa2d773eb02bfdf9d77c5868f5e7cd64168
5e0e852e566f02d1ff0562bd0ec7b5aae702a3c9d34552bd0d3dea1ed9467b89
5f4f2e8ffc67a3c2544f8be9672125a0c5a5f0035fa6bfc6d75ee297e30461e5
631023ea459bd04e3d0fcd43488249edc3e7e1b1e23674c79d7fa1abbbe4782c
6345bc2387ad5b05af3cefd9d4420803b78baaa765437efb29802ce8521bb193
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6986f9bd0a3f97180309b0096bbf54b8d771be46c566ae2c5161ca86dfff17b0
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6e8d5880fa5b8742dcb299240ff70e7cb9ed62cd3685584287fa7bdcc40d10ed
6edfc05fcc1323c28579dd7646d60cac2208bc292946625bf02ce9452204f4af
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
749e8d4c2105ea6aed5bc230fde6f438a92f239dce54dd076ed0c0bbf8f01236
74e1a0d722953dc380565c08d0a696e5a866d7df319fbbab293dc669b8646b80
7959cba09100a237b778565215d81f83ff06c75e9fbee169d01bc79a5b6eeefe
7ac44be485717073ab02251096c4cb630bb3ff4bd9f6a4e647e6dbcb4344505e
7ba53f97bd35194079aec47f239c1827ad5f24293c9ada89949010feac45ab9d
8180f84996d278d97985aec2308fb278eb7ee6691e74f94eea3fe400a01f9e6a
818ca601ade7dece6efeb7c58a326f53da05f746f7aaeb97d69125d82e80503b
83457e126fb95de1d4f89567c3bf77845b9d197d80da519fc8099ec58a8777a7
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89c9b1bd4eeda36ac7bf966370d9d3045fdab2128dd35bbc59460ad318687c7a
8a24694ab6c2575402b8f043b7330b815a81346be5a94d5c0d0fea6ec2c8b2e7
8c27df6e0b06f5ad4f23da721af180790775e49f75c129937113fb19cb0ea935
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e97255ee46a3eaa000d337737a11d22e47788ce63d0d8bd0d44a471eb8b48eb
8ec3c953c153ea68af497886eb32936c52f1a60970f1df3e10cb793e4f6b7ff6
8f9d2ed4da4771f4e9b69b8bfe933f92cf15734eed94523f4da9e7e23b73eb32
958f0d5495d2f9b99f7394f4a0e22a54f8867df678ce6faa3a9ab99ba3c1a7be
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
9bb0797b6d9b283c243f713d3d5ae258fdc2f5794517b5394323efac413fec06
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a3340db24221742273eeca8474ed4d4b6ba6b001d038ee822e60c4a13717830b
a3556b210d850f85054988ae9e3cef5da713d1ec0a78cff5c1cfb7282293794d
a38cd8e5baeafdfd1ea7b9466a81a162313eb28913f6e4a87422e8c625c0c105
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c0938e087a40c05a99d723eaf012958e03b048659bed9b36a2bc63f766d32b
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
abc865035cd1c647431c0bfd0b5fd1784ce0a861de6db87054bcd84dc40770c9
acb5d519051cc13618e992a7df4bce6a980036dfbe2e17a970ec716194329f6a
ad35eab5d65725ea3bc3743e3497bae5800e47a8e6fab22dcd9f8a31c947f69e
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
ae59c580d83a1b04dbfc57216b6e5d82d9bf299cc38104c5190ebce9327c0ea1
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b18eb974a3a6554bbf742f767cf0599cb34bfad405925f9481be58a680722a83
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f
b4b3284954c9ab7baaf0cd93e93b51b7dbe757bbcb70735a8a7f5af0ab6ee5ec
b582b6811a8bf6c1bda11c9befe6709b92e85c98d4392cfc284b6b51d9afeef8
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
bbdffd316eac9d2bc3729d3ff4405eb607fb2fd4cbd7d973171dffcc920b8520
bdce4280d1dd49065aa5fca1787eaca74f3e19c0beec3f0838719078f7eebba4
be25b7040daa126e5edb3ab258a5c4a3956d7b0679cd9d2701269993d568564f
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c831f25134665f677e457c0faa56f090e8ed9bef9d48561733e7191dbf221964
c8933dc48c67ed5ab8fa8bc868628b466f0cc0d0b41c4c8eb167004a04e0fc0c
c9f3abdcc60ce1214997ffa0f2503a14d196d0cd5e73e28aa444abcee9f7997f
ca606bb050cc9452cb7453be0926c2d539de94ff4cf0c8485eb2d20c1fb3448e
cc5bfddf3aa6ef5fd3352b6c55c9d6ea56281efc21aa80935e5713e9690d7755
ceb0514c12f215f342b15a82ecd9b867dd6a775ef5d8575639b4e2dc951a82a3
d0dd19b8ee0aa062e8d238c37dadb28af3b2063ad71548003b02336a039dbf76
d4a8c6c96d9d60c48a4fa783ceba42e957f8d571a95e3856c3cde4132336d49f
d75340a866da40cd9d6d87d33e4718634776f97cd91ca2d8aa1fddd74422ba22
d78a36966f6a2a9ae94a27bd0ccc6ee345d34839476e5fb68d7851860f4de24f
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
df2140fe14c7af2c2ce796f5ed54b6301a96f57c5e8879b7df6973e0839f4985
e2f93aeef6630f424ed0998c832cd41fd54d866f766a46213405abeaae34f182
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e62bbdfe8cbd461c753db0ca01e7e1018bf42847790abef0b4b62ee3a9c8c47f
ea39146cb18bc630e659e2a87058c0d8ffbad81932b10ddf1748ce3d88bf8208
ecd860e5a42c8d33d0fff8b937288a8b90d275a46be3e33e520a7453bcd8c55d
ee52aca2addb80357711553d004a94d8fe0e567a19f494b232e03496cf812e93
ee9e3b0398d2a4b5f6a4a2f533b748f281aa36392dbed61a38b4446e590242ee
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4b3e38b5f979c5ad70a44c6e2fefe833d5b735a72bbf44f30f0076195d369cd
f52439144ef6471c5ed9740a0dc524b77b157509b66cca7a8c3940359bb9ea8b
fd6f87cab36b85a519558b79e4b05254ab8e8e57168abba1c4cef63516224d8d
ff016a7705bb98e34908e41f5db86978ffbde1ef819d57c2708b3c8091ed0e3e