venom.com Open in urlscan Pro
72.32.138.96 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://venombiteenergy.com/
Effective URL:
http://venom.com/
Submission: On December 29 via api (December 29th 2023, 7:12:23 pm UTC) from US — Scanned from US

Summary HTTP 169 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 65 IPs in 5 countries across 81 domains to perform 169 HTTP transactions. The main IP is 72.32.138.96, located in United States and belongs to RMH-14, US. The main domain is venom.com.

This is the only time venom.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	204.74.99.100 204.74.99.100	19905 (SECURITYS...) (SECURITYSERVICES)
1	72.32.138.96 72.32.138.96	33070 (RMH-14) (RMH-14)
2	2600:141b:1c0... 2600:141b:1c00:1c84::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	2600:9000:21e... 2600:9000:21ea:9e00:b:f2af:4980:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2607:f8b0:400... 2607:f8b0:4004:c17::61	15169 (GOOGLE) (GOOGLE)
1	2600:9000:21d... 2600:9000:21da:fa00:19:fc2c:a140:93a1	16509 (AMAZON-02) (AMAZON-02)
4 18	185.167.164.49 185.167.164.49	198622 (ADFORM) (ADFORM)
2	185.167.164.44 185.167.164.44	198622 (ADFORM) (ADFORM)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
1	63.140.38.137 63.140.38.137	14618 (AMAZON-AES) (AMAZON-AES)
1	108.139.47.108 108.139.47.108	16509 (AMAZON-02) (AMAZON-02)
1	23.7.64.229 23.7.64.229	16625 (AKAMAI-AS) (AKAMAI-AS)
2 4	172.253.115.149 172.253.115.149	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c17::9a	15169 (GOOGLE) (GOOGLE)
2 3	18.238.49.52 18.238.49.52	16509 (AMAZON-02) (AMAZON-02)
2 5	23.47.69.85 23.47.69.85	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2607:f8b0:400... 2607:f8b0:4004:c08::9c	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c1b::68	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	185.167.164.43 185.167.164.43	198622 (ADFORM) (ADFORM)
2	146.75.28.157 146.75.28.157	54113 (FASTLY) (FASTLY)
2	18.238.74.246 18.238.74.246	16509 (AMAZON-02) (AMAZON-02)
13	23.49.248.198 23.49.248.198	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 5	44.215.14.157 44.215.14.157	14618 (AMAZON-AES) (AMAZON-AES)
1	23.56.212.125 23.56.212.125	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	8.43.72.98 8.43.72.98	26667 (RUBICONPR...) (RUBICONPROJECT)
1	18.156.154.47 18.156.154.47	16509 (AMAZON-02) (AMAZON-02)
1 2	216.22.16.72 216.22.16.72	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
2 3	63.251.28.134 63.251.28.134	26558 (FREEWHEEL) (FREEWHEEL)
3 3	35.211.178.172 35.211.178.172	19527 (GOOGLE-2) (GOOGLE-2)
1	35.214.136.251 35.214.136.251	15169 (GOOGLE) (GOOGLE)
3 4	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	50.57.31.206 50.57.31.206	19994 (RACKSPACE) (RACKSPACE)
1 2	54.156.26.12 54.156.26.12	14618 (AMAZON-AES) (AMAZON-AES)
3 3	34.229.3.43 34.229.3.43	14618 (AMAZON-AES) (AMAZON-AES)
1	2a02:6ea0:c40... 2a02:6ea0:c400::12	60068 (CDN77 ^_^) (CDN77 ^_^)
2 2	35.244.154.8 35.244.154.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	107.178.254.65 107.178.254.65	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	44.220.113.151 44.220.113.151	14618 (AMAZON-AES) (AMAZON-AES)
6 6	172.253.122.155 172.253.122.155	15169 (GOOGLE) (GOOGLE)
3 4	35.244.159.8 35.244.159.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	99.81.243.254 99.81.243.254	16509 (AMAZON-02) (AMAZON-02)
1	52.218.101.235 52.218.101.235	16509 (AMAZON-02) (AMAZON-02)
2	34.197.227.33 34.197.227.33	14618 (AMAZON-AES) (AMAZON-AES)
7 8	68.67.179.153 68.67.179.153	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	162.248.18.37 162.248.18.37	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	18.238.55.84 18.238.55.84	16509 (AMAZON-02) (AMAZON-02)
2 3	34.255.227.21 34.255.227.21	16509 (AMAZON-02) (AMAZON-02)
3 3	18.235.121.230 18.235.121.230	14618 (AMAZON-AES) (AMAZON-AES)
2 2	13.225.214.84 13.225.214.84	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	54.166.148.14 54.166.148.14	14618 (AMAZON-AES) (AMAZON-AES)
2 5	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
3 4	162.19.138.82 162.19.138.82	16276 (OVH) (OVH)
2 2	35.190.24.218 35.190.24.218	15169 (GOOGLE) (GOOGLE)
1	69.192.109.215 69.192.109.215	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	2600:9000:220... 2600:9000:2209:6800:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	141.226.224.48 141.226.224.48	() ()
1	46.19.11.36 46.19.11.36	() ()
1	34.197.216.192 34.197.216.192	() ()
2 3	35.71.139.29 35.71.139.29	16509 (AMAZON-02) (AMAZON-02)
1	44.212.89.30 44.212.89.30	() ()
2	37.157.2.229 37.157.2.229	198622 (ADFORM) (ADFORM)
3	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
3	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
7	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
2	54.230.160.114 54.230.160.114	16509 (AMAZON-02) (AMAZON-02)
1 38	52.46.143.56 52.46.143.56	16509 (AMAZON-02) (AMAZON-02)
7 7	3.225.218.10 3.225.218.10	14618 (AMAZON-AES) (AMAZON-AES)
2	104.126.119.104 104.126.119.104	() ()
2 2	172.64.146.152 172.64.146.152	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2600:1f18:612... 2600:1f18:612b:4200:b356:89b7:4cae:66dd	14618 (AMAZON-AES) (AMAZON-AES)
1 1	13.35.102.14 13.35.102.14	() ()
1	50.17.81.185 50.17.81.185	14618 (AMAZON-AES) (AMAZON-AES)
1 1	34.231.115.221 34.231.115.221	14618 (AMAZON-AES) (AMAZON-AES)
2 2	8.43.72.97 8.43.72.97	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	35.190.90.30 35.190.90.30	15169 (GOOGLE) (GOOGLE)
1 1	3.12.177.24 3.12.177.24	() ()
1 1	3.13.112.255 3.13.112.255	() ()
4 4	54.36.150.183 54.36.150.183	() ()
1	34.224.103.168 34.224.103.168	() ()
1 1	44.205.235.60 44.205.235.60	() ()
1 1	3.222.212.19 3.222.212.19	() ()
1	198.54.201.131 198.54.201.131	() ()
1	35.186.196.148 35.186.196.148	() ()
1	3.216.74.116 3.216.74.116	() ()
1	34.192.249.162 34.192.249.162	() ()
1 1	151.101.194.132 151.101.194.132	() ()
1 1	8.28.7.81 8.28.7.81	() ()
169	65

1 204.74.99.100 (United States) 1 redirects

ASN19905 (SECURITYSERVICES, US)
PTR: crs.ultradns.net

venombiteenergy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.32.138.96 (United States)

ASN33070 (RMH-14, US)

venom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:141b:1c00:1c84::1e80 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:21ea:9e00:b:f2af:4980:93a1 (United States)

ASN16509 (AMAZON-02, US)

i.annihil.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c17::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21da:fa00:19:fc2c:a140:93a1 (United States)

ASN16509 (AMAZON-02, US)

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 185.167.164.49 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

a2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.167.164.44 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.38.137 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-38-137.data.adobedc.net

marvel.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.139.47.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-47-108.jfk50.r.cloudfront.net

b.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.7.64.229 (Minneapolis, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-7-64-229.deploy.static.akamaitechnologies.com

tags.bkrtx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.253.115.149 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: bg-in-f149.1e100.net

3944448.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
9096304.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c17::9a (Washington, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.238.49.52 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-238-49-52.jfk52.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.47.69.85 (Secaucus, United States) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-69-85.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c08::9c (Ashburn, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1b::68 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.167.164.43 (Denmark)

ASN198622 (ADFORM, DK)

a1.seadform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.75.28.157 (Ashburn, United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.238.74.246 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-74-246.jfk52.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 23.49.248.198 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-49-248-198.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 44.215.14.157 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-215-14-157.compute-1.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.56.212.125 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-212-125.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 8.43.72.98 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.156.154.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-154-47.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.22.16.72 (Manassas, United States) 1 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 63.251.28.134 (Secaucus, United States) 2 redirects

ASN26558 (FREEWHEEL, US)

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.211.178.172 (North Charleston, United States) 3 redirects

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.136.251 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 251.136.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.151.101 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 50.57.31.206 (United States) 2 redirects

ASN19994 (RACKSPACE, US)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.156.26.12 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-26-12.compute-1.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.229.3.43 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-229-3-43.compute-1.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
loadus.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c400::12 (New York, United States)

ASN60068 (CDN77 ^_^, GB)

load77.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.154.8 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.254.65 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.220.113.151 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-220-113-151.compute-1.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.253.122.155 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: bh-in-f155.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.159.8 (Kansas City, United States) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.81.243.254 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-243-254.eu-west-1.compute.amazonaws.com

api.adrtx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.101.235 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.197.227.33 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-227-33.compute-1.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 68.67.179.153 (North Bergen, United States) 7 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.248.18.37 (United States) 1 redirects

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.238.55.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-55-84.jfk52.r.cloudfront.net

pdw-adf.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.255.227.21 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-227-21.eu-west-1.compute.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.235.121.230 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-235-121-230.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.214.84 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-84.ewr50.r.cloudfront.net

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Loerrach, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.166.148.14 (United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-166-148-14.compute-1.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.33.220.150 (Seattle, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 162.19.138.82 (Frankfurt am Main, Germany) 3 redirects

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.24.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.192.109.215 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-109-215.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2209:6800:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.224.48 (None, ) 1 redirects

ASN- ()

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.19.11.36 (None, )

ASN- ()

match.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.197.216.192 (None, )

ASN- ()

bpi.rtactivate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.71.139.29 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.212.89.30 (None, )

ASN- ()

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.2.229 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.230.160.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-160-114.ewr53.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 52.46.143.56 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 3.225.218.10 (Ashburn, United States) 7 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-218-10.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.126.119.104 (None, )

ASN- ()

hb.yahoo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.146.152 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4200:b356:89b7:4cae:66dd (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

amazon.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.102.14 (None, ) 1 redirects

ASN- ()

www.imdb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.17.81.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-17-81-185.compute-1.amazonaws.com

usersync.samplicio.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.231.115.221 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-115-221.compute-1.amazonaws.com

ads.samba.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 8.43.72.97 (United States) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.90.30 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 30.90.190.35.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.12.177.24 (None, ) 1 redirects

ASN- ()

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.13.112.255 (None, ) 1 redirects

ASN- ()

lm.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.36.150.183 (None, ) 4 redirects

ASN- ()

cookie-matching.mediarithmics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.224.103.168 (None, )

ASN- ()

crb.kargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.205.235.60 (None, ) 1 redirects

ASN- ()

lciapi.ninthdecimal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.222.212.19 (None, ) 1 redirects

ASN- ()

sync-amazon.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.54.201.131 (None, )

ASN- ()

public-prod-dspcookiematching.dmxleo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.196.148 (None, )

ASN- ()

sync.rfp.fout.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.216.74.116 (None, )

ASN- ()

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.192.249.162 (None, )

ASN- ()

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.132 (None, ) 1 redirects

ASN- ()

pi.ispot.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.28.7.81 (None, ) 1 redirects

ASN- ()

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	amazon-adsystem.com 1 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 285	28 KB
22	adform.net 4 redirects a2.adform.net — Cisco Umbrella Rank: 8098 s2.adform.net — Cisco Umbrella Rank: 6115 c1.adform.net — Cisco Umbrella Rank: 560 dmp.adform.net — Cisco Umbrella Rank: 2870 track.adform.net — Cisco Umbrella Rank: 4289	80 KB
13	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 617	162 KB
12	doubleclick.net 8 redirects 3944448.fls.doubleclick.net — Cisco Umbrella Rank: 142946 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 9096304.fls.doubleclick.net — Cisco Umbrella Rank: 429450 cm.g.doubleclick.net — Cisco Umbrella Rank: 219	5 KB
8	adnxs.com 7 redirects secure.adnxs.com — Cisco Umbrella Rank: 478 ib.adnxs.com — Cisco Umbrella Rank: 229	6 KB
8	annihil.us i.annihil.us	209 KB
7	yahoo.com 7 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 307 cms.analytics.yahoo.com	2 KB
7	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 758	1 KB
7	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 331 js.adsrvr.org — Cisco Umbrella Rank: 1355 insight.adsrvr.org	6 KB
5	360yield.com 2 redirects ad.360yield.com — Cisco Umbrella Rank: 666 ice.360yield.com match.360yield.com — Cisco Umbrella Rank: 1765	2 KB
5	bluekai.com 2 redirects stags.bluekai.com — Cisco Umbrella Rank: 848 tags.bluekai.com — Cisco Umbrella Rank: 638	2 KB
4	mediarithmics.com 4 redirects cookie-matching.mediarithmics.com	1 KB
4	id5-sync.com 3 redirects id5-sync.com — Cisco Umbrella Rank: 425	5 KB
4	openx.net 3 redirects eu-u.openx.net — Cisco Umbrella Rank: 2473 us-u.openx.net	736 B
4	exelator.com 3 redirects loadm.exelator.com — Cisco Umbrella Rank: 1661 load77.exelator.com — Cisco Umbrella Rank: 3503 loadus.exelator.com	3 KB
4	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578 ssum-sec.casalemedia.com	3 KB
4	rubiconproject.com 3 redirects token.rubiconproject.com — Cisco Umbrella Rank: 461 pixel.rubiconproject.com — Cisco Umbrella Rank: 339	3 KB
4	google.com adservice.google.com — Cisco Umbrella Rank: 93 www.google.com — Cisco Umbrella Rank: 2	1 KB
4	scorecardresearch.com 2 redirects b.scorecardresearch.com — Cisco Umbrella Rank: 6208 sb.scorecardresearch.com — Cisco Umbrella Rank: 172	4 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	264 KB
3	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 713	934 B
3	t.co t.co — Cisco Umbrella Rank: 589	587 B
3	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 372	1 KB
3	demdex.net 3 redirects dpm.demdex.net — Cisco Umbrella Rank: 208	2 KB
3	audrte.com 2 redirects a.audrte.com — Cisco Umbrella Rank: 2112	2 KB
3	pubmatic.com 2 redirects simage2.pubmatic.com — Cisco Umbrella Rank: 723 image2.pubmatic.com image6.pubmatic.com	1 KB
3	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 699 usermatch.krxd.net	695 B
3	semasio.net 2 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1234	2 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 336	2 KB
3	stickyadstv.com 2 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 526	2 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 329	14 KB
3	agkn.com 2 redirects d.agkn.com — Cisco Umbrella Rank: 686 aa.agkn.com — Cisco Umbrella Rank: 499	2 KB
2	serving-sys.com 2 redirects bs.serving-sys.com lm.serving-sys.com	779 B
2	connatix.com 2 redirects capi.connatix.com — Cisco Umbrella Rank: 1010	630 B
2	yahoo.net hb.yahoo.net	1 KB
2	taboola.com 1 redirects sync.taboola.com	818 B
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 12816	631 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 818	1 KB
2	crwdcntrl.net 1 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 799	841 B
2	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 327	891 B
2	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 408	816 B
2	eyeota.net 1 redirects ps.eyeota.net — Cisco Umbrella Rank: 981	1 KB
2	smartadserver.com 1 redirects rtb-csync.smartadserver.com — Cisco Umbrella Rank: 622	1 KB
2	sc-static.net sc-static.net — Cisco Umbrella Rank: 945	35 KB
2	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 678	30 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	91 KB
2	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 431	56 KB
1	ispot.tv 1 redirects pi.ispot.tv	342 B
1	sharethrough.com match.sharethrough.com	280 B
1	fout.jp sync.rfp.fout.jp	275 B
1	dmxleo.com public-prod-dspcookiematching.dmxleo.com	123 B
1	yieldmo.com 1 redirects sync-amazon.ads.yieldmo.com	612 B
1	ninthdecimal.com 1 redirects lciapi.ninthdecimal.com	491 B
1	kargo.com crb.kargo.com	358 B
1	mookie1.com 1 redirects odr.mookie1.com — Cisco Umbrella Rank: 1226	633 B
1	samba.tv 1 redirects ads.samba.tv — Cisco Umbrella Rank: 5086	657 B
1	samplicio.us usersync.samplicio.us — Cisco Umbrella Rank: 2700	186 B
1	imdb.com 1 redirects www.imdb.com	878 B
1	tremorhub.com 1 redirects amazon.partners.tremorhub.com — Cisco Umbrella Rank: 5264	390 B
1	emxdgt.com e1.emxdgt.com	120 B
1	rtactivate.com bpi.rtactivate.com	109 B
1	contentexchange.me match.contentexchange.me	49 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 674	532 B
1	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1299	278 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1428	456 B
1	userreport.com pdw-adf.userreport.com — Cisco Umbrella Rank: 20737	444 B
1	amazonaws.com s3-eu-west-1.amazonaws.com	390 B
1	adrtx.net 1 redirects api.adrtx.net — Cisco Umbrella Rank: 23648	407 B
1	pippio.com 1 redirects pippio.com — Cisco Umbrella Rank: 777	633 B
1	loopme.me csync.loopme.me — Cisco Umbrella Rank: 870	155 B
1	adscale.de ih.adscale.de — Cisco Umbrella Rank: 4608	38 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4166	400 B
1	seadform.net a1.seadform.net — Cisco Umbrella Rank: 20484	458 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	185 B
1	bkrtx.com tags.bkrtx.com — Cisco Umbrella Rank: 5121	16 KB
1	omtrdc.net marvel.tt.omtrdc.net — Cisco Umbrella Rank: 402233	732 B
1	venom.com venom.com	13 KB
1	venombiteenergy.com 1 redirects venombiteenergy.com	211 B
0	spotxchange.com Failed sync.search.spotxchange.com Failed
0	myvisualiq.net Failed t.myvisualiq.net Failed
0	ib-ibi.com Failed global.ib-ibi.com Failed
169	81

	Domain	Requested by
38	s.amazon-adsystem.com	1 redirects track.adform.net s.amazon-adsystem.com
13	analytics.tiktok.com	venom.com analytics.tiktok.com
10	c1.adform.net	2 redirects a2.adform.net c1.adform.net
8	i.annihil.us	venom.com i.annihil.us
7	tr.snapchat.com	sc-static.net
6	ups.analytics.yahoo.com	6 redirects
6	cm.g.doubleclick.net	6 redirects
5	ib.adnxs.com	5 redirects
4	cookie-matching.mediarithmics.com	4 redirects
4	id5-sync.com	3 redirects c1.adform.net
4	match.adsrvr.org	2 redirects js.adsrvr.org
4	dmp.adform.net	c1.adform.net
4	tags.bluekai.com	2 redirects c1.adform.net
4	a2.adform.net	2 redirects venom.com a2.adform.net
4	www.googletagmanager.com	assets.adobedtm.com www.googletagmanager.com
3	analytics.twitter.com	a2.adform.net track.adform.net
3	t.co	a2.adform.net track.adform.net
3	eb2.3lift.com	2 redirects c1.adform.net
3	dpm.demdex.net	3 redirects
3	a.audrte.com	2 redirects c1.adform.net
3	secure.adnxs.com	2 redirects c1.adform.net
3	uipglob.semasio.net	2 redirects c1.adform.net
3	dsum-sec.casalemedia.com	2 redirects c1.adform.net
3	x.bidswitch.net	3 redirects
3	ads.stickyadstv.com	2 redirects c1.adform.net
3	sb.scorecardresearch.com	2 redirects venom.com
3	bat.bing.com	venom.com bat.bing.com
2	us-u.openx.net	2 redirects
2	pixel.rubiconproject.com	2 redirects
2	capi.connatix.com	2 redirects
2	hb.yahoo.net	s.amazon-adsystem.com js.adsrvr.org
2	match.360yield.com	s.amazon-adsystem.com
2	js.adsrvr.org	track.adform.net insight.adsrvr.org
2	track.adform.net	s2.adform.net
2	sync.taboola.com	1 redirects c1.adform.net
2	redirect.frontend.weborama.fr	2 redirects
2	ice.360yield.com	2 redirects
2	pm.w55c.net	2 redirects
2	aa.agkn.com	2 redirects
2	beacon.krxd.net	c1.adform.net s.amazon-adsystem.com
2	eu-u.openx.net	1 redirects c1.adform.net
2	sync.crwdcntrl.net	1 redirects c1.adform.net
2	px.ads.linkedin.com	1 redirects c1.adform.net
2	idsync.rlcdn.com	2 redirects
2	loadm.exelator.com	2 redirects
2	ps.eyeota.net	1 redirects c1.adform.net
2	rtb-csync.smartadserver.com	1 redirects s.amazon-adsystem.com
2	token.rubiconproject.com	1 redirects c1.adform.net
2	sc-static.net	venom.com track.adform.net
2	static.ads-twitter.com	venom.com track.adform.net
2	www.google.com	venom.com
2	adservice.google.com	3944448.fls.doubleclick.net 9096304.fls.doubleclick.net
2	9096304.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	googleads.g.doubleclick.net	www.googletagmanager.com
2	3944448.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	connect.facebook.net	venom.com connect.facebook.net
2	s2.adform.net	venom.com
2	assets.adobedtm.com	venom.com assets.adobedtm.com
1	insight.adsrvr.org	js.adsrvr.org
1	image6.pubmatic.com	1 redirects
1	pi.ispot.tv	1 redirects
1	usermatch.krxd.net	s.amazon-adsystem.com
1	match.sharethrough.com	s.amazon-adsystem.com
1	sync.rfp.fout.jp	s.amazon-adsystem.com
1	cms.analytics.yahoo.com	1 redirects
1	public-prod-dspcookiematching.dmxleo.com	s.amazon-adsystem.com
1	sync-amazon.ads.yieldmo.com	1 redirects
1	lciapi.ninthdecimal.com	1 redirects
1	loadus.exelator.com	1 redirects
1	image2.pubmatic.com	1 redirects
1	crb.kargo.com	s.amazon-adsystem.com
1	ssum-sec.casalemedia.com	1 redirects
1	lm.serving-sys.com	1 redirects
1	bs.serving-sys.com	1 redirects
1	odr.mookie1.com	1 redirects
1	ads.samba.tv	1 redirects
1	usersync.samplicio.us	s.amazon-adsystem.com
1	www.imdb.com	1 redirects
1	amazon.partners.tremorhub.com	1 redirects
1	e1.emxdgt.com	c1.adform.net
1	bpi.rtactivate.com	c1.adform.net
1	match.contentexchange.me	c1.adform.net
1	s.ad.smaato.net	1 redirects
1	sync.teads.tv	c1.adform.net
1	dsp.adfarm1.adition.com	1 redirects
1	pdw-adf.userreport.com	c1.adform.net
1	simage2.pubmatic.com	c1.adform.net
1	s3-eu-west-1.amazonaws.com	c1.adform.net
1	api.adrtx.net	1 redirects
1	pippio.com	1 redirects
1	load77.exelator.com	c1.adform.net
1	csync.loopme.me	c1.adform.net
1	ih.adscale.de	c1.adform.net
1	ad.yieldlab.net	c1.adform.net
1	ad.360yield.com	c1.adform.net
1	a1.seadform.net	venom.com
1	www.facebook.com	venom.com
1	stags.bluekai.com	tags.bkrtx.com
1	tags.bkrtx.com	assets.adobedtm.com
1	b.scorecardresearch.com	venom.com
1	marvel.tt.omtrdc.net	assets.adobedtm.com
1	d.agkn.com	assets.adobedtm.com
1	venom.com
1	venombiteenergy.com	1 redirects
0	sync.search.spotxchange.com Failed	s.amazon-adsystem.com
0	t.myvisualiq.net Failed	s.amazon-adsystem.com
0	global.ib-ibi.com Failed	c1.adform.net
169	107

This site contains links to these domains. Also see Links.

Domain
www.marvel.com
shop.marvel.com
disneytermsofuse.com
disneyprivacycenter.com
preferences-mgr.truste.com

Subject Issuer	Validity	Valid
marvel.com Amazon RSA 2048 M02	`2023-03-08` - `2024-04-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.agkn.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-09-07` - `2024-09-29`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-08` - `2024-01-06`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2023-10-24` - `2024-04-21`	6 months	crt.sh
*.bkrtx.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-06` - `2024-12-05`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-11` - `2024-12-11`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-06` - `2024-09-19`	a year	crt.sh
*.seadform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-08`	a year	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
sc-static.net Amazon RSA 2048 M03	`2023-12-21` - `2025-01-18`	a year	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-07-17` - `2024-08-13`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2023-09-17` - `2024-09-17`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.adscale.de Amazon RSA 2048 M02	`2023-07-18` - `2024-08-15`	a year	crt.sh
*.ads.stickyadstv.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-19` - `2024-05-19`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.userreport.com Amazon RSA 2048 M02	`2023-11-20` - `2024-12-17`	a year	crt.sh
teads.tv R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
*.contentexchange.me Sectigo RSA Domain Validation Secure Server CA	`2023-05-29` - `2024-06-04`	a year	crt.sh
rtactivate.com Amazon RSA 2048 M01	`2023-03-14` - `2024-04-11`	a year	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2023-06-14` - `2024-06-14`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2023-02-01` - `2024-02-01`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-07` - `2024-11-05`	a year	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-12`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
s.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-03` - `2024-02-19`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.samplicio.us Amazon RSA 2048 M02	`2023-10-17` - `2024-11-14`	a year	crt.sh
*.prod.use1.green.ops.kargo.com Amazon RSA 2048 M03	`2023-12-11` - `2025-01-08`	a year	crt.sh
public-prod-dspcookiematching.dmxleo.com ZeroSSL RSA Domain Secure Site CA	`2023-12-02` - `2024-03-01`	3 months	crt.sh
*.rfp.fout.jp RapidSSL TLS RSA CA G1	`2023-08-03` - `2024-09-02`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
usermatch.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-21` - `2024-02-20`	a year	crt.sh
hb.yahoo.net R3	`2023-12-18` - `2024-03-17`	3 months	crt.sh

This page contains 17 frames:

Primary Page: http://venom.com/
Frame ID: 11AC0992B587BD1DD53E364441DC48A3
Requests: 32 HTTP requests in this frame

Frame: https://d.agkn.com/iframe/7043/?che=%n&type=marve0
Frame ID: 4DA2818B18D4728B657C02A30D9BE3F6
Requests: 1 HTTP requests in this frame

Frame: https://3944448.fls.doubleclick.net/activityi;dc_pre=CNKRvPqstYMDFXyJdwEdqZgIMQ;src=3944448;type=p_mar0;cat=p_mar0;ord=6458957989196;auiddc=873997013.1703877134;gtm=45fe3bt0;gcd=11l1l1l1l1;dma=0;epver=2;~oref=http%3A%2F%2Fvenom.com%2F
Frame ID: 065353CAD7B93905985F694D5356D1D0
Requests: 1 HTTP requests in this frame

Frame: https://9096304.fls.doubleclick.net/activityi;dc_pre=CMqJxfqstYMDFagFTwgdc68Ewg;src=9096304;type=marus;cat=marus0;ord=1;num=1776064196483;auiddc=873997013.1703877134;gtm=45fe3bt0;gcd=11l1l1l1l1;dma=0;epver=2;~oref=http%3A%2F%2Fvenom.com%2F
Frame ID: 7068D39274D574F77E3D056ED7FB1329
Requests: 2 HTTP requests in this frame

Frame: https://stags.bluekai.com/site/56546?ret=html&phint=__bk_t%3DMarvel.com&phint=__bk_k%3D&phint=__bk_l%3Dhttp%3A%2F%2Fvenom.com%2F&phint=__bk_v%3D3.1.10&limit=1&r=80764799
Frame ID: C89EEEBCC576BF342AE42EA769CD9D2E
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CNKRvPqstYMDFXyJdwEdqZgIMQ;src=3944448;type=p_mar0;cat=p_mar0;ord=6458957989196;auiddc=873997013.1703877134;gtm=45fe3bt0;gcd=11l1l1l1l1;dma=0;epver=2;~oref=http%3A%2F%2Fvenom.com%2F
Frame ID: 5C4C02FEA5FB26E54DDF2873F83DB4F1
Requests: 1 HTTP requests in this frame

Frame: https://a2.adform.net/serving/container/?pm=1913694&lid=63549989&ctype=0&media=0&PageName=Universal&sysvars=%7c%7c%7c%7c&itm=eyJzdjEiOiJodHRwOi8vdmVub20uY29tLyJ9&rnd=1434404518&cpref=&loc=http%3a%2f%2fvenom.com%2f
Frame ID: 4B93C94F1BA57FD509808F530B8D29FD
Requests: 23 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?uid=2894385099841259782&agencyId=2364&advertiserId=2057003&src=tp&rnd=129835
Frame ID: 900CA14FE090074973E4B78C9B1D8697
Requests: 41 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=a677d388-f7e6-4d61-962a-62aed58aa812&u_scsid=b5711e17-15b8-4e45-bc79-7e0ad8201dc5&u_sclid=8a7d8ac8-8c2d-4420-8b55-f669f5759cd7
Frame ID: 80EC125A73FED2FA32FF0C0152CABAF8
Requests: 1 HTTP requests in this frame

Frame: https://track.adform.net/serving/container/?pm=1913694&lid=121292221&ctype=0&media=0&PageName=US+Universal&rnd=1438070517&cpref=http%3a%2f%2fvenom.com%2f&loc=https%3a%2f%2fa2.adform.net%2f
Frame ID: AD243E8723001836078F6D6ED0C47D5C
Requests: 10 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Da30eb0ac-cff7-911b-b6de-deb533e4d596%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.marvel.com/mu-21ironmanannualplus&ex-hargs=v%3D1.0%3Bc%3D1536819680101%3Bp%3DA30EB0AC-CFF7-911B-B6DE-DEB533E4D596&cb=722623140350026800&dcc=t
Frame ID: E332EEA9F8DD72BE7819F471A20CA1F5
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=a677d388-f7e6-4d61-962a-62aed58aa812&u_scsid=87959dcc-93b5-4c3e-b8c2-09c59ccd0d85&u_sclid=1a69696a-5f07-45eb-9978-1a341a666631
Frame ID: 9BEA4C18AA364BB46491D770EE198A89
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=P__yFUCLTGe8cOFZLtFyrQ&dmt=3&ex-pl-n-g-hmt=ebybpVj9QPmNg3fs6QfPIw&ep=ttam_T219Ay-cPciHbT10tDdxamw6ZuUlAbI-1dt8TQCSk9yqQ_7eeB6nXDuP_NV-zg0jifETh6GZo_yTJ0ZS-Me6Zsu8ZFAkQigQkrm9AnYkqlk6GqoVcVH6iLlznFYkhp01z1L6tmUYNl4IjRKRIOKC0CzfDTY3w2GgNNQGnfB5BBJIBPV0qzCVzou_klsX-MW5mTBKYIhoWTLIyMqDQjBVvTSBJ8q1obIgoc8xZHxwH7DgtgawmG7pDTgTgkXEqtbr0nq9OLR28KdV1DR6CaiIrLKkbD_UPc6KDfeOtBteDSH6KoSi-YdlW31lLQ168lYpp5_bEsw-vrNA_6ArlMomKYahdVP-8xloLODJjxbzbmAE3zZH74DB8XjUshLaSfIiDyfYSdXg27egbhe73dQYcLa6hM-SWF7OmZhK5JxOFpqpO-KPKe9vxW49BDvqFjby9H5WgaBecQwwI2ckA3wGj28BZpARfYiY_w1wkWz0GWLqxBUiDCB3QCk4z7WAGpm8BimjpAXVkZRFH7gxERExUtSCP3fu6LYT5txdulTQ8-NEgqOG4khSFxIn9Emivrphb7PDdvgKiRpC-4Fmc8bj1ybe5dQcoCysEa6ct8GCokrlSSJXyYJ5a5Ndz4ePEuayl1P3QCDzmPKoN5LKVAmLsMMgNHe-mAiSPIouMdkAOXi9t9dBOuYcACTX4KlxXlutaJRFmCKs7d6itEn7EGFQfyTfaUhxToyV_BxiIwSMob-pbQKjpJ_GcM9_OAzXraVDxn92ggnxbMgmI6IntMfQJsm-Q2P6k5Y-WkYDEbMgrl0spgQdMRCXM0bZ5berqroxf7y-kntmnjBuDeZh1f6N4pRcaVRlAZDlkx-vtPoyq_IaqBUgnkb7iwc1qe-N5GdgOu3cSYTIsY3NdOAJzGqiDHKE0Q09UJeSHpPjVw7VYnsqfxrnfn7UYTedWTsPGFkQBVZzz7_-EVBp7iCujcj2Dt02l4_Zfj7DJ4aql0
Frame ID: 50C278572B163030E9A6723E28A6A064
Requests: 49 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=jp8nt4i&ref=https%3A%2F%2Fa2.adform.net%2F&upid=vww3fws&upv=1.1.0
Frame ID: AE0CF73EC60D06D2BFB715042BC53ED4
Requests: 2 HTTP requests in this frame

Frame: https://hb.yahoo.net/cksync?cs=63&axid_e=eS0ubFNGY3dORTJ1R3VMUWxhMm81MU1TRXV5eWpQOE9NZH5B&gdpr=0&ovsid=9dd8eab8-d750-4c71-b136-2a23d2fe23dc&dpid=55953
Frame ID: D3C87A23A0297E741A41D315BCCF540F
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=5615141883278399293&ttd_tdid=9dd8eab8-d750-4c71-b136-2a23d2fe23dc
Frame ID: C6DD7A73A39E27A55BCE52A0BA7A31D9
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Frame ID: C6EF869BE189B97D06C7DEA25A877914
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Marvel.com

Page URL History Show full URLs

http://venombiteenergy.com/ HTTP 301
http://venom.com/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

169
Requests

58 %
HTTPS

15 %
IPv6

81
Domains

107
Subdomains

65
IPs

5
Countries

1027 kB
Transfer

2640 kB
Size

116
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://www.marvel.com/signin
Title: Sign In

Search URL Search Domain Scan URL

URL: https://www.marvel.com/

Search URL Search Domain Scan URL

URL: https://www.marvel.com/search

Search URL Search Domain Scan URL

URL: https://www.marvel.com/watch
Title: Videos

Search URL Search Domain Scan URL

URL: https://www.marvel.com/characters
Title: Characters

Search URL Search Domain Scan URL

URL: https://www.marvel.com/comics
Title: Comics

Search URL Search Domain Scan URL

URL: https://www.marvel.com/movies
Title: Movies

Search URL Search Domain Scan URL

URL: https://www.marvel.com/tv-shows
Title: TV Shows

Search URL Search Domain Scan URL

URL: https://www.marvel.com/games
Title: Games

Search URL Search Domain Scan URL

URL: https://www.marvel.com/podcasts
Title: Podcasts

Search URL Search Domain Scan URL

URL: https://shop.marvel.com/
Title: Shop

Search URL Search Domain Scan URL

URL: https://disneytermsofuse.com/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://disneyprivacycenter.com/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://disneyprivacycenter.com/notice-to-california-residents
Title: Your California Privacy Rights

Search URL Search Domain Scan URL

URL: https://disneyprivacycenter.com/kids-privacy-policy/english/
Title: Children's Online Privacy Policy

Search URL Search Domain Scan URL

URL: https://preferences-mgr.truste.com/?pid=disney01&aid=marvel01&type=marvel
Title: Internet-Based Ads

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://venombiteenergy.com/ HTTP 301
http://venom.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://a2.adform.net/serving/scripts/trackpoint/async/ HTTP 301
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Request Chain 8

http://bat.bing.com/bat.js HTTP 307
https://bat.bing.com/bat.js

Request Chain 21

https://3944448.fls.doubleclick.net/activityi;src=3944448;type=p_mar0;cat=p_mar0;ord=6458957989196;auiddc=873997013.1703877134;gtm=45fe3bt0;gcd=11l1l1l1l1;dma=0;epver=2;~oref=http%3A%2F%2Fvenom.com%2F HTTP 302
https://3944448.fls.doubleclick.net/activityi;dc_pre=CNKRvPqstYMDFXyJdwEdqZgIMQ;src=3944448;type=p_mar0;cat=p_mar0;ord=6458957989196;auiddc=873997013.1703877134;gtm=45fe3bt0;gcd=11l1l1l1l1;dma=0;epver=2;~oref=http%3A%2F%2Fvenom.com%2F

Request Chain 25

https://sb.scorecardresearch.com/b?c1=2&c2=15266201&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1703877133853&ns_c=UTF-8&c7=http%3A%2F%2Fvenom.com%2F&c8=Marvel.com&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=15266201&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1703877133853&ns_c=UTF-8&c7=http%3A%2F%2Fvenom.com%2F&c8=Marvel.com&c9=

Request Chain 26

https://9096304.fls.doubleclick.net/activityi;src=9096304;type=marus;cat=marus0;ord=1;num=1776064196483;auiddc=873997013.1703877134;gtm=45fe3bt0;gcd=11l1l1l1l1;dma=0;epver=2;~oref=http%3A%2F%2Fvenom.com%2F HTTP 302
https://9096304.fls.doubleclick.net/activityi;dc_pre=CMqJxfqstYMDFagFTwgdc68Ewg;src=9096304;type=marus;cat=marus0;ord=1;num=1776064196483;auiddc=873997013.1703877134;gtm=45fe3bt0;gcd=11l1l1l1l1;dma=0;epver=2;~oref=http%3A%2F%2Fvenom.com%2F

Request Chain 31

https://a2.adform.net/Serving/TrackPoint/?pm=1913694&ADFPageName=Universal&ADFdivider=%7C&ord=412529322500&ADFtpmode=2&itm=eyJzdjEiOiJodHRwOi8vdmVub20uY29tLyJ9&loc=http%3A%2F%2Fvenom.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=1913694&ADFPageName=Universal&ADFdivider=%7C&ord=412529322500&ADFtpmode=2&itm=eyJzdjEiOiJodHRwOi8vdmVub20uY29tLyJ9&loc=http%3A%2F%2Fvenom.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Request Chain 48

https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=2894385099841259782&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID HTTP 302
https://c1.adform.net/serving/cookie/match?party=10&cid=8806977007108321

Request Chain 50

https://x.bidswitch.net/sync?dsp_id=70&user_id=2894385099841259782 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=2894385099841259782 HTTP 302
https://csync.loopme.me/?partner_id=1196&uid=12fe5331-12a2-4d9e-9624-007e0567077c&vt=&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

Request Chain 51

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=2894385099841259782&expiration=1705086725 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=2894385099841259782&expiration=1705086725&C=1

Request Chain 52

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=2894385099841259782&sInitiator=external HTTP 302
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=2894385099841259782&sInitiator=external

Request Chain 53

https://ps.eyeota.net/match?uid=2894385099841259782&bid=9gdtmu1 HTTP 302
https://ps.eyeota.net/match/bounce/?uid=2894385099841259782&bid=9gdtmu1

Request Chain 54

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=2894385099841259782 HTTP 302
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=2894385099841259782&xl8blockcheck=1 HTTP 302
https://load77.exelator.com/pixel.gif

Request Chain 55

https://idsync.rlcdn.com/398366.gif?partner_uid=2894385099841259782 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CJ6oGBIeChoIARCUdRoTMjg5NDM4NTA5OTg0MTI1OTc4MhAAGg0Ij7S8rAYSBQjoBxAAQgBKAA HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=55fc9472997b8e28b14bb401508d17e3f90094a50e3ef07561db0aaa69686268791426b5417dce21&_=2 HTTP 307
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=55fc9472997b8e28b14bb401508d17e3f90094a50e3ef07561db0aaa69686268791426b5417dce21&rand=03868884 HTTP 302
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=55fc9472997b8e28b14bb401508d17e3f90094a50e3ef07561db0aaa69686268791426b5417dce21&rand=03868884&expected_cookie=784193c7-c041-48b7-a8b4-70601606a073

Request Chain 56

https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=2894385099841259782/gdpr=/gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=2894385099841259782/gdpr=/gdpr_consent=

Request Chain 57

https://tags.bluekai.com/site/29729?id=2894385099841259782 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=Q3pFNHZXNFU5OVlnV1Iyaw%3D%3D HTTP 302
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEDsthUXY-HTvrj7BKU75E_I&google_cver=1

Request Chain 58

https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2894385099841259782 HTTP 302
https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=2894385099841259782

Request Chain 59

https://api.adrtx.net/thirdparty/click?p=adfo HTTP 302
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

Request Chain 61

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=Mjg5NDM4NTA5OTg0MTI1OTc4Mg HTTP 302
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAxYo7t_cWMFqcbaqOZ1MUQ&google_cver=1&google_ula=1641347,0

Request Chain 63

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=3&id=5615141883278399293&redirect=1 HTTP 302
https://secure.adnxs.com/setuid?entity=91&code=2894385099841259782

Request Chain 66

https://a.audrte.com/a?adform_uid=2894385099841259782 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZmU0blJKRXpUMVBTUWlJMnc2dGhwLWRWZw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/p

Request Chain 67

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=2894385099841259782&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=2894385099841259782&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=1007&cid=61752508712521087063477347014333764914&noredirect=1

Request Chain 68

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=2894385099841259782 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=261610004745008501436

Request Chain 69

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7318096575533086877

Request Chain 71

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://c1.adform.net/serving/cookie/match?party=1084&cid=gnwOa5Uc1Rjihi5

Request Chain 72

https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=71ei9rr&ttd_tpi=1 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=9dd8eab8-d750-4c71-b136-2a23d2fe23dc

Request Chain 74

https://id5-sync.com/s/10/0.gif?puid=2894385099841259782 HTTP 302
https://id5-sync.com/c/10/10/2/1.gif?puid=2894385099841259782&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-9afb56O-BWh8todcKRI_kjWUKY8dlKLqIuFWj15I4w&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F10%2F124%2F1%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-9afb56O-BWh8todcKRI_kjWUKY8dlKLqIuFWj15I4w&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F10%2F124%2F1%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/cq/10/124/1/2.gif?puid=7c6743f7-67e9-44b4-8854-3dfa2c5fd1cf&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
https://ib.adnxs.com/getuid?https://id5-sync.com/c/10/2/0/3.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/10/2/0/3.gif?puid=5615141883278399293&gdpr=0&gdpr_consent=

Request Chain 75

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D HTTP 307
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=3270138647 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=.KyFzomDblz7RDBmNYKbNe

Request Chain 77

https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=2894385099841259782 HTTP 302
https://sync.taboola.com/sg/smaatortb-network/1/rtb-h/?taboola_hm=2e86721743&gdpr=0&gdpr_consent=

Request Chain 80

https://eb2.3lift.com/xuid?mid=7354&xuid=2894385099841259782&dongle=AD20 HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=2894385099841259782&dongle=AD20&gdpr=0&cmp_cs=&us_privacy=

Request Chain 104

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Da30eb0ac-cff7-911b-b6de-deb533e4d596%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.marvel.com/mu-21ironmanannualplus&ex-hargs=v%3D1.0%3Bc%3D1536819680101%3Bp%3DA30EB0AC-CFF7-911B-B6DE-DEB533E4D596&cb=722623140350026800 HTTP 302
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Da30eb0ac-cff7-911b-b6de-deb533e4d596%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.marvel.com/mu-21ironmanannualplus&ex-hargs=v%3D1.0%3Bc%3D1536819680101%3Bp%3DA30EB0AC-CFF7-911B-B6DE-DEB533E4D596&cb=722623140350026800&dcc=t

Request Chain 115

https://ib.adnxs.com/setuid/a9?entity=188&code=BYDzLDMoR3iwaczOdtmGLQ&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DxandrHMT%26id%3D%24UID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=BYDzLDMoR3iwaczOdtmGLQ

Request Chain 118

https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=198&external_user_id=FdKZNeTnSmCtKSBtPhxAog&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=ZY8aDsX7CKcQ0gM-GILyvQAA

Request Chain 119

https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=UGSYoIjvSfmGnE5rCN5oaQ HTTP 302
https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=UGSYoIjvSfmGnE5rCN5oaQ&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58516&ovsid=UGSYoIjvSfmGnE5rCN5oaQ&redir=true HTTP 302
https://hb.yahoo.net/cksync?cs=63&axid_e=eS0ubFNGY3dORTJ1R3VMUWxhMm81MU1TRXV5eWpQOE9NZH5B&ovsid=UGSYoIjvSfmGnE5rCN5oaQ&dpid=58516

Request Chain 120

https://capi.connatix.com/us/pixel?pId=32&puId=HVVnIx1GQMqLfTFb6iGEXw&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DconnatixHMT%26id%3D%7BpuId%7D HTTP 302
https://capi.connatix.com/us/pixel?pId=32&puId=HVVnIx1GQMqLfTFb6iGEXw&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DconnatixHMT%26id%3D%7BpuId%7D&final=true HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=connatixHMT&id=HVVnIx1GQMqLfTFb6iGEXw

Request Chain 121

https://amazon.partners.tremorhub.com/sync?UIAM&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtelaria.com%26id%3D%5BPARTNER_ID%5D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=telaria.com&id=22d7ca457fb149f0b44a1473fff61b3b

Request Chain 122

https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com HTTP 302
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

Request Chain 125

https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=125af91355cc7667d

Request Chain 126

https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Uer-1L16RreQHyrZJ4dQDQ&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Uer-1L16RreQHyrZJ4dQDQ

Request Chain 127

https://dpm.demdex.net/ibs:dpid=139200&dpuuid=8u8G2sHVS46RI508OZt4IQ&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=61752508712521087063477347014333764914

Request Chain 128

https://odr.mookie1.com/t/v2?tagid=V2_393725&AMAZON_REGION_SPECIFIC_ENDPOINT=s.amazon-adsystem.com&src.visitorID=LbbdHMSyQD2G_IJhOsrh2w HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10597673616561355690&gdpr=&gdpr_consent=

Request Chain 129

https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=2894385099841259782

Request Chain 130

https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D HTTP 302
https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%22ed7285f9-3e5c-4d4c-8c78-891e1b8ea56d%22,%22Time%22:%2220231229T191216.966668%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%] HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=ed7285f9-3e5c-4d4c-8c78-891e1b8ea56d

Request Chain 131

https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=amazon-na-23&gdpr=0 HTTP 303
https://cookie-matching.mediarithmics.com/v1/get_or_create?gdpr=0&domid=1109 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&gdpr=0&action=GET_ID&opid=goo&etid=&domid=1109&ops=apx HTTP 302
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&gdpr=0&action=GET_ID&opid=goo&etid=&domid=1109&ops=apx&google_gid=CAESEFfqBlw7wx-MxS0UVNxQ0bg&google_cver=1 HTTP 303
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEFfqBlw7wx-MxS0UVNxQ0bg&gdpr=0&action=GET_ID&etid=&domid=1109 HTTP 302
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=5615141883278399293&opid=apx&ops=&utidl=tech:goo:CAESEFfqBlw7wx-MxS0UVNxQ0bg&gdpr=0&action=GET_ID&etid=&domid=1109 HTTP 303
https://s.amazon-adsystem.com/ecm3?ex=mediarithmics&id=vec-64461182132&gdpr=0

Request Chain 132

https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__ HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=index&id=LN0tPpXPQt9ggEALYeeciDc4cio4ZgAC

Request Chain 134

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
https://s.amazon-adsystem.com/ecm3?id=5615141883278399293&ex=appnexus.com

Request Chain 135

https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzgmdGw9MTI5NjAw&piggybackCookie=LvgoOwLpSwWEBjCxewsxJg&rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DpubmaticHMT%26id%3D%24%7BDSP_UID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=pubmaticHMT&id=LvgoOwLpSwWEBjCxewsxJg

Request Chain 136

https://token.rubiconproject.com/token?pid=2179&pt=n HTTP 302
https://s.amazon-adsystem.com/ecm3?id=DVVP-dUnPe-BOgzff1fT7sWWwYjZzChgQG1x_JmYjWc&ex=rubiconproject.com&status=ok

Request Chain 137

https://loadus.exelator.com/load/?p=204&g=8888&j=0 HTTP 302
https://s.amazon-adsystem.com/ecm3?&ex=nielsen&id=2c5f087160013da73222de1df0c5e3a7

Request Chain 138

https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=66021E0A111A8F6528006C55027C3B83

Request Chain 139

https://sync-amazon.ads.yieldmo.com/sync?pn_id=amazon&id=2UkvI8EaTGSx5jVOFDODKg&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DyieldmoHMT%26id%3D%7B%7Buserid%7D%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=yieldmoHMT&id=2UkvI8EaTGSx5jVOFDODKg

Request Chain 140

https://us-u.openx.net/w/1.0/sd?id=537072986&val=V868RNqKRE63pkMq7esGLQ&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DopenxHMT%26id%3D%7BOPENX_RTB_USERID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=openxHMT&id=V868RNqKRE63pkMq7esGLQ

Request Chain 141

https://sync.taboola.com/sg/amazon-a9-network/1/rtb HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=dc243576-57be-4777-8474-06c8869707c2-tuctc889f91

Request Chain 142

https://aa.agkn.com/adscores/g.pixel?sid=9212284268 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=261610004745008501436&ex=neustar.biz

Request Chain 143

https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=6a8fe1925ca0d7589717696f28d079cb

Request Chain 144

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=0We4v9oE99eZkR2k

Request Chain 147

https://cms.analytics.yahoo.com/cms?partner_id=AMAZON&ex=gemini HTTP 302
https://ups.analytics.yahoo.com/ups/58725/cms?partner_id=AMAZON&ex=gemini HTTP 302
https://s.amazon-adsystem.com/ecm3?id=y-LNq0qytE2pFG8uAAPJAGLTb8SlNT4vMO4NsN~A&status=OK&ex=gemini

Request Chain 148

https://ads.stickyadstv.com/user-matching?id=2545 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=c1b2de26635566e95271f70b0e67ffc&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=

Request Chain 152

https://ads.stickyadstv.com/user-registering?dataProviderId=961&userId=pI3V-RU6SXuITWfVg8bYYg&redirectId=2545 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=c1b2de26635566e95271f70b0e67ffc&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=pI3V-RU6SXuITWfVg8bYYg

Request Chain 154

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESENRJCKLg5QNsy2eUoeo__ts&google_cver=1

Request Chain 156

https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=4d9c7823e07de0614e47dca0356faaa4

Request Chain 157

https://us-u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=dc3400df-0504-c095-05f5-f4dbaf688cb3

Request Chain 158

https://eb2.3lift.com/xuid?mid=8341&xuid=u5oNAfUhTySDh7ZzK7pIIQ&dongle=az46&rdir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DtripleliftHMT%26id%3D%24UID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=tripleliftHMT&id=4548801516212776359454

Request Chain 159

https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=DEB71CD8B701F0E5

Request Chain 160

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=ebybpVj9QPmNg3fs6QfPIw& HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=googleHMT

Request Chain 161

https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=37d86acc974fdbfcb2fb367b18030e2d0ea51c24a383a58bcf66e658c50fa67a

Request Chain 162

https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=5006F61B-88E6-46F8-8E67-416FD9B86413

Request Chain 165

https://ups.analytics.yahoo.com/ups/55953/sync?uid=9dd8eab8-d750-4c71-b136-2a23d2fe23dc&_origin=1&redir=true&gdpr=0&gdpr_consent=&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=55953&ovsid=9dd8eab8-d750-4c71-b136-2a23d2fe23dc&gdpr=0&redir=true HTTP 302
https://hb.yahoo.net/cksync?cs=63&axid_e=eS0ubFNGY3dORTJ1R3VMUWxhMm81MU1TRXV5eWpQOE9NZH5B&gdpr=0&ovsid=9dd8eab8-d750-4c71-b136-2a23d2fe23dc&dpid=55953

Request Chain 166

https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=9dd8eab8-d750-4c71-b136-2a23d2fe23dc HTTP 302
https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=5615141883278399293&ttd_tdid=9dd8eab8-d750-4c71-b136-2a23d2fe23dc

Request Chain 167

https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=9dd8eab8-d750-4c71-b136-2a23d2fe23dc&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0

169 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.0

503
Service Unavailable

Primary Request / Show response
venom.com/
Redirect Chain

http://venombiteenergy.com/
http://venom.com/

13 KB
13 KB

178ms
64ms

Document
text/html

72.32.138.96
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: http://venom.com/
Protocol: HTTP/1.0
Server: 72.32.138.96 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: BigIP /
Resource Hash: c0f1f135a2ae4d7a85ecdd329fca4d549b170f7599ade2c8b8c38c2cc851b36c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-cache
Connection: close
Content-Length: 13264
Content-Type: text/html
Server: BigIP

Redirect headers

Accept-Ranges: none
Connection: close
Content-type: text/html
Date: Fri, 29 Dec 2023 19:12:12 GMT
Last-Modified: Fri, 29 Dec 2023 19:12:12 GMT
Location: http://venom.com/

GET
H/1.1 200
OK satelliteLib-7e2bcd047fa8273c37190fbf382316c5c0b99379.js Show response
assets.adobedtm.com/bc7edc03f3b671a5b00119b4d88ffade87a3e20f/ 105 KB
28 KB 176ms
70ms Script
application/x-javascript 2600:141b:1c00:1c84::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://assets.adobedtm.com/bc7edc03f3b671a5b00119b4d88ffade87a3e20f/satelliteLib-7e2bcd047fa8273c37190fbf382316c5c0b99379.js
Requested by: Host: venom.com
URL: http://venom.com/
Protocol: HTTP/1.1
Server: 2600:141b:1c00:1c84::1e80 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: e761cf0d058a8e35bec470e90841328ff169ccf3a2c803e9cfb67e907db693fc

Request headers

accept-language: en-US,en;q=0.9
Referer: http://venom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 29 Dec 2023 19:12:12 GMT
Content-Encoding: gzip
Last-Modified: Tue, 08 Sep 2020 21:54:44 GMT
Server: AkamaiNetStorage
ETag: "aafcf0af03fe8eb62cc3271a44b5ebce:1599602084.817237"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: http://venom.com
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 28111
Expires: Fri, 29 Dec 2023 20:12:12 GMT

GET
H/1.1 200
OK main-628a0aed79.css
i.annihil.us/u/prod/marvel/html_blocks_assets/error-pages/terrigen/prod/css/ 35 KB
6 KB 578ms
257ms Stylesheet
text/css 2600:9000:21ea:9e00:b:f2af:4980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://i.annihil.us/u/prod/marvel/html_blocks_assets/error-pages/terrigen/prod/css/main-628a0aed79.css
Requested by: Host: venom.com
URL: http://venom.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:9e00:b:f2af:4980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a8d2652bbfcd895f59d7e9bb7095e5e8f67f002611001b50a761f64ae16b20f0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://venom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: Bm6iVGn09t_9s5kvWYnBcfBCeBLz1tPq
Content-Encoding: br
Via: 1.1 e6fc68fd040718147cda2e3ef6f63636.cloudfront.net (CloudFront)
Date: Fri, 29 Dec 2023 19:12:14 GMT
X-Amz-Cf-Pop: EWR50-C1
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Last-Modified: Wed, 01 Feb 2023 16:22:58 GMT
Server: AmazonS3
ETag: W/"628a0aed79ad3b461154f5c1a5ef146b"
Vary: Accept-Encoding, Origin
Content-Type: text/css
X-Amz-Cf-Id: jrAxiyrZqBMi3CTc5syywcJKhh8tW-dtdu8TRyp7FzJdHNGiK_4npw==

GET
H/1.1 200
OK jquery-3.3.1.min.js Show response
i.annihil.us/u/prod/marvel/i/js/ 85 KB
30 KB 619ms
298ms Script
application/javascript 2600:9000:21ea:9e00:b:f2af:4980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://i.annihil.us/u/prod/marvel/i/js/jquery-3.3.1.min.js
Requested by: Host: venom.com
URL: http://venom.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:9e00:b:f2af:4980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

accept-language: en-US,en;q=0.9
Referer: http://venom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: XLlEucla2xUum0ntmxDDj3Tqk0LxF_JI
Content-Encoding: br
Via: 1.1 1c7f2900c7652f6226ba50ec8bf3155c.cloudfront.net (CloudFront)
Date: Fri, 29 Dec 2023 19:12:14 GMT
X-Amz-Cf-Pop: EWR50-C1
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Last-Modified: Wed, 01 Feb 2023 16:15:19 GMT
Server: AmazonS3
ETag: W/"a09e13ee94d51c524b7e2a728c7d4039"
Vary: Accept-Encoding, Origin
Content-Type: application/javascript
X-Amz-Cf-Id: 6GYLlNeny9vO5dnXwNRB6vDwHF_Cjs0qp-xiHz1fOfLGnx1aKBrT2g==

GET
H/1.1 200
OK main-ec0b804c01.js Show response
i.annihil.us/u/prod/marvel/html_blocks_assets/error-pages/terrigen/prod/js/ 2 KB
1 KB 593ms
305ms Script
application/javascript 2600:9000:21ea:9e00:b:f2af:4980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://i.annihil.us/u/prod/marvel/html_blocks_assets/error-pages/terrigen/prod/js/main-ec0b804c01.js
Requested by: Host: venom.com
URL: http://venom.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:9e00:b:f2af:4980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b67b4868edfa827e6c22ef20ed8d69c35163d76a84df51d7243b656822a1c33

Request headers

accept-language: en-US,en;q=0.9
Referer: http://venom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: oZ2ngDb_gbsH4KxA_W.TUQsXiD8dy2ou
Content-Encoding: br
Via: 1.1 afb1814e7bfe68bf09d94722db50d432.cloudfront.net (CloudFront)
Date: Fri, 29 Dec 2023 19:12:14 GMT
X-Amz-Cf-Pop: EWR50-C1
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Last-Modified: Wed, 01 Feb 2023 16:30:39 GMT
Server: AmazonS3
ETag: W/"9717f2576d86f164a9c29bc3fb96b240"
Vary: Accept-Encoding, Origin
Content-Type: application/javascript
X-Amz-Cf-Id: pKU0qPmxzmUXITBmX8yE-AjtzbNUESAAKwWFF1_GLciR8AgiPahQFg==

GET
H/1.1 200
OK satellite-5dadd6ed64746d2b1e006fbc.js Show response
assets.adobedtm.com/bc7edc03f3b671a5b00119b4d88ffade87a3e20f/scripts/ 76 KB
28 KB 80ms
79ms Script
application/x-javascript 2600:141b:1c00:1c84::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://assets.adobedtm.com/bc7edc03f3b671a5b00119b4d88ffade87a3e20f/scripts/satellite-5dadd6ed64746d2b1e006fbc.js
Requested by: Host: assets.adobedtm.com
URL: http://assets.adobedtm.com/bc7edc03f3b671a5b00119b4d88ffade87a3e20f/satelliteLib-7e2bcd047fa8273c37190fbf382316c5c0b99379.js
Protocol: HTTP/1.1
Server: 2600:141b:1c00:1c84::1e80 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 34da65a434d76d99155ad82012f852c1a160574c61ce24864c95c4a78b30befa

Request headers

accept-language: en-US,en;q=0.9
Referer: http://venom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 29 Dec 2023 19:12:13 GMT
Content-Encoding: gzip
Last-Modified: Tue, 08 Sep 2020 21:54:45 GMT
Server: AkamaiNetStorage
ETag: "bd3f83c1d9d5fba23a370bd48983476e:1599602085.813751"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: http://venom.com
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 28011
Expires: Fri, 29 Dec 2023 20:12:13 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 180 KB
66 KB 220ms
78ms Script
application/javascript 2607:f8b0:4004:c17::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-3944448

Requested by

Host: assets.adobedtm.com
URL: http://assets.adobedtm.com/bc7edc03f3b671a5b00119b4d88ffade87a3e20f/satelliteLib-7e2bcd047fa8273c37190fbf382316c5c0b99379.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7f650b94f675ae546899ffe630a55f5cd26b4841b3e67bbbb0d97f64a6cfc4c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://venom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 19:12:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67429
x-xss-protection: 0
last-modified: Fri, 29 Dec 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 29 Dec 2023 19:12:13 GMT

GET
H2 200 / Show response
d.agkn.com/iframe/7043/ Frame 4DA2 223 B
755 B 310ms
82ms Document
text/html 2600:9000:21da:fa00:19:fc2c:a140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.agkn.com/iframe/7043/?che=%n&type=marve0
Requested by: Host: assets.adobedtm.com
URL: http://assets.adobedtm.com/bc7edc03f3b671a5b00119b4d88ffade87a3e20f/satelliteLib-7e2bcd047fa8273c37190fbf382316c5c0b99379.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21da:fa00:19:fc2c:a140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 52a1d0f52f460e327988c355867521b4de4af61472d94935afb22dd20cfea935

Request headers

Referer: http://venom.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache, must-revalidate
content-length: 223
content-type: text/html;charset=UTF-8
date: Fri, 29 Dec 2023 19:12:12 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pragma: no-cache
via: 1.1 1ffe498380a643d1bb2efaa624b761a6.cloudfront.net (CloudFront)
x-amz-cf-id: DYLs9elcQ2sxOGzGSl2fX71Zq_Mp2oekL1SM-I_2bUqxfV-QxNRIDQ==
x-amz-cf-pop: EWR53-C1
x-cache: Miss from cloudfront

GET
H2

200

trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/
Redirect Chain

https://a2.adform.net/serving/scripts/trackpoint/async/
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

81 KB
31 KB

378ms
144ms

Script
application/javascript

185.167.164.44
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: venom.com
URL: http://venom.com/
Protocol: H2
Server: 185.167.164.44 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459

Request headers

accept-language: en-US,en;q=0.9
Referer: http://venom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 19:12:13 GMT
content-encoding: gzip
last-modified: Tue, 23 May 2023 09:56:34 GMT
server: nginx
x-amz-request-id: tx000002c3f35d322d138ac-00646c8ee1-32950a49-default
etag: W/"f937ab3eef01c118930b200e5087d00d"
x-cache-status: HIT, HIT, HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

Redirect headers

location: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
date: Fri, 29 Dec 2023 19:12:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
content-type: text/html

GET
H2

200

bat.js Show response
bat.bing.com/
Redirect Chain

http://bat.bing.com/bat.js
https://bat.bing.com/bat.js

45 KB
13 KB

148ms
61ms

Script
application/javascript

2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: venom.com
URL: http://venom.com/

Protocol

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: http://venom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Fri, 29 Dec 2023 19:12:13 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BDE7A0E1297C45CCA6230DFEAA058BA8 Ref B: MIAEDGE2908 Ref C: 2023-12-29T19:12:13Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

Redirect headers

Location: https://bat.bing.com/bat.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 227ms
67ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: venom.com
URL: http://venom.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://venom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 29 Dec 2023 19:12:13 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: PabjYVEGANSXdWVmvgz7ktHAqrb0Qf+KGQKW7LKyiRMo7tbc+naQRbLX8r9cDLyS5IjcB7LYBIsWYrY8UPA8XQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 149 KB
57 KB 266ms
158ms Script
application/javascript 2607:f8b0:4004:c17::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-945804815

Requested by

Host: assets.adobedtm.com
URL: http://assets.adobedtm.com/bc7edc03f3b671a5b00119b4d88ffade87a3e20f/satelliteLib-7e2bcd047fa8273c37190fbf382316c5c0b99379.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1638703c3d6a2d6b7d19d4f9ff14b5734b9679988bf14ff34489498bb6708ca2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://venom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 19:12:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57884
x-xss-protection: 0
last-modified: Fri, 29 Dec 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 29 Dec 2023 19:12:13 GMT

GET
H/1.1 200
OK json Show response
marvel.tt.omtrdc.net/m2/marvel/mbox/ 96 B
732 B 215ms
71ms XHR
application/json 63.140.38.137
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

http://marvel.tt.omtrdc.net/m2/marvel/mbox/json?mbox=target-global-mbox&mboxSession=9472e8ff09094638a0569bc0b5e842d0&mboxPC=&mboxPage=ff63e029f5a3487b8e8d86a3f9dc0bc4&mboxRid=9af8d93e6d7a4ff8810fa35d67b4d7c7&mboxVersion=1.8.0&mboxCount=1&mboxTime=1703841133311&mboxHost=venom.com&mboxURL=http%3A%2F%2Fvenom.com%2F&mboxReferrer=&browserHeight=1200&browserWidth=1600&browserTimeOffset=-600&screenHeight=1200&screenWidth=1600&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&webGLRenderer=Intel%20Iris%20OpenGL%20Engine

Requested by

Host: assets.adobedtm.com
URL: http://assets.adobedtm.com/bc7edc03f3b671a5b00119b4d88ffade87a3e20f/scripts/satellite-5dadd6ed64746d2b1e006fbc.js

Protocol

HTTP/1.1

Server

63.140.38.137 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ip-63-140-38-137.data.adobedc.net

Software

jag /

Resource Hash

6e05d66dba45e53f9c26893b389ca8db33ca68cf4158d0656ea154c1d487560b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://venom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 19:12:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
server: jag
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type: application/json;charset=UTF-8
access-control-allow-origin: http://venom.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 96
x-xss-protection: 1; mode=block
x-request-id: 9af8d93e6d7a4ff8810fa35d67b4d7c7

GET
H2 204 56004448.js Show response
bat.bing.com/p/action/ 0
116 B 82ms
81ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/56004448.js

Requested by

Host: bat.bing.com
URL: http://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: http://venom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Fri, 29 Dec 2023 19:12:13 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6DC08801CBD54C5F90336815CBEAEF5C Ref B: MIAEDGE2908 Ref C: 2023-12-29T19:12:13Z
x-cache: CONFIG_NOCACHE

GET
H/1.1 200
OK beacon.js Show response
b.scorecardresearch.com/ 4 KB
3 KB 158ms
64ms Script
application/javascript 108.139.47.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://b.scorecardresearch.com/beacon.js
Requested by: Host: venom.com
URL: http://venom.com/
Protocol: HTTP/1.1
Server: 108.139.47.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-108.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language: en-US,en;q=0.9
Referer: http://venom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 28 Dec 2023 19:39:17 GMT
Content-Encoding: gzip
Via: 1.1 b0e346c8169b4f8b2ad260265d95ff1a.cloudfront.net (CloudFront)
Last-Modified: Thu, 07 Dec 2023 12:13:41 GMT
Server: AmazonS3
X-Amz-Cf-Pop: JFK50-P1
Age: 84777
x-amz-server-side-encryption: AES256
ETag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: Ksq8vTTZtIDAlcDBW-mMtM-2IovQT0pk-2hp7x9bE8fOd0UHI1K3nQ==

GET
H/1.1 200
OK marvel.svg
i.annihil.us/u/prod/misc/ 886 B
1 KB 277ms
276ms Image
image/svg+xml 2600:9000:21ea:9e00:b:f2af:4980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.annihil.us/u/prod/misc/marvel.svg
Requested by: Host: venom.com
URL: http://venom.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:9e00:b:f2af:4980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 77ed783446d00b1e37a0b20884a60272fd27f68267035aafd40eece3bf746f27

Request headers

accept-language: en-US,en;q=0.9
Referer: http://venom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: sFf5tN8iMRL0gze1B1r84QxEdLUEXjUu
Date: Fri, 29 Dec 2023 19:12:14 GMT
Via: 1.1 afb1814e7bfe68bf09d94722db50d432.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: EWR50-C1
x-amz-server-side-encryption: AES256
X-Cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 886
Last-Modified: Wed, 01 Feb 2023 13:46:47 GMT
Server: AmazonS3
ETag: "ebf76a3ac0dcdef487e0fe90eecfdf40"
Vary: Accept-Encoding, Origin
Content-Type: image/svg+xml
Accept-Ranges: bytes
X-Amz-Cf-Id: 7U0mkl1TL2ENdJ_xEo81BZjjk3yyfitRwRieNLBUjKGkTS984dxE_w==

GET
H/1.1 200
OK maintenance.jpg
i.annihil.us/u/prod/marvel/html_blocks_assets/error-pages/terrigen/prod/images/ 90 KB
91 KB 300ms
299ms Image
image/jpeg 2600:9000:21ea:9e00:b:f2af:4980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.annihil.us/u/prod/marvel/html_blocks_assets/error-pages/terrigen/prod/images/maintenance.jpg
Requested by: Host: i.annihil.us
URL: https://i.annihil.us/u/prod/marvel/html_blocks_assets/error-pages/terrigen/prod/css/main-628a0aed79.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:9e00:b:f2af:4980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6a02ab1864187a4cf7168813c2ae2e17b0f84cdd8b64e86914b73ba2a0d3d903

Request headers

accept-language: en-US,en;q=0.9
Referer: https://i.annihil.us/u/prod/marvel/html_blocks_assets/error-pages/terrigen/prod/css/main-628a0aed79.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: EHLV2Byv4hBEepRhSNrpwBsQjqFx1d6w
Date: Fri, 29 Dec 2023 19:12:14 GMT
Via: 1.1 1c7f2900c7652f6226ba50ec8bf3155c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: EWR50-C1
x-amz-server-side-encryption: AES256
X-Cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 92177
Last-Modified: Wed, 01 Feb 2023 15:27:24 GMT
Server: AmazonS3
ETag: "6d650135f82db4d318155c3bad2440b8"
Vary: Accept-Encoding, Origin
Content-Type: image/jpeg
Accept-Ranges: bytes
X-Amz-Cf-Id: IHLr_sZuWtZY_lBOJ8XtXYK6jB_IMLbwPHLJbcCViLDUX6LzDzWFwg==

GET
H/1.1 200
OK 44e7b0fa-6c8d-43c2-b19e-f1e3ce9ea57c.woff2
i.annihil.us/u/prod/marvel/s/fonts/terrigen/ 24 KB
25 KB 389ms
255ms Font
font/woff2 2600:9000:21ea:9e00:b:f2af:4980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://i.annihil.us/u/prod/marvel/s/fonts/terrigen/44e7b0fa-6c8d-43c2-b19e-f1e3ce9ea57c.woff2
Requested by: Host: i.annihil.us
URL: https://i.annihil.us/u/prod/marvel/html_blocks_assets/error-pages/terrigen/prod/css/main-628a0aed79.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:9e00:b:f2af:4980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 606aeba72580863b6f94f94a6b9d4bda72f17ff65e4adb951356d2a7f545707e

Request headers

Referer: https://i.annihil.us/u/prod/marvel/html_blocks_assets/error-pages/terrigen/prod/css/main-628a0aed79.css
Origin: http://venom.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: 1zV_C6wiuGu8o3JRSpSOO17PTXQf2RRL
Date: Fri, 29 Dec 2023 19:12:14 GMT
Via: 1.1 7ae870cd25f69f522a5d075cc08767f0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: EWR50-C1
x-amz-server-side-encryption: AES256
X-Cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 24988
Last-Modified: Wed, 16 Nov 2022 20:47:17 GMT
Server: AmazonS3
ETag: "2d70ecfba83f1b8c993d7497db083bb0"
Vary: Accept-Encoding
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Accept-Ranges: bytes
X-Amz-Cf-Id: 2NT16s4JqY5gP1wN5wBPqKk57Ic6jBBTxWdZ3nCsbP9PUlHoxfsD0Q==

GET
H/1.1 200
OK 76b8cda6-0ded-4197-acab-e314297eb90f.woff2
i.annihil.us/u/prod/marvel/s/fonts/terrigen/ 24 KB
25 KB 376ms
243ms Font
font/woff2 2600:9000:21ea:9e00:b:f2af:4980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://i.annihil.us/u/prod/marvel/s/fonts/terrigen/76b8cda6-0ded-4197-acab-e314297eb90f.woff2
Requested by: Host: i.annihil.us
URL: https://i.annihil.us/u/prod/marvel/html_blocks_assets/error-pages/terrigen/prod/css/main-628a0aed79.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:9e00:b:f2af:4980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 252e0c85e488cc3574471ed7211571ad207f77426690a0ae8c1bd13fc4007cbb

Request headers

Referer: https://i.annihil.us/u/prod/marvel/html_blocks_assets/error-pages/terrigen/prod/css/main-628a0aed79.css
Origin: http://venom.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: hiKxPIlzUVFNLJNR9BfRtu3sggcw0uFL
Date: Fri, 29 Dec 2023 19:12:14 GMT
Via: 1.1 ebeca2ec07c54274f6b9125c7b82aecc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: EWR50-C1
x-amz-server-side-encryption: AES256
X-Cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 25080
Last-Modified: Wed, 16 Nov 2022 20:30:55 GMT
Server: AmazonS3
ETag: "898b516fc3d37922f10a3560106be977"
Vary: Accept-Encoding
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Accept-Ranges: bytes
X-Amz-Cf-Id: KUxC_XMwPnxYsrSuuicLcEihwIPkj8WXeFHUgczRzHnOzYjT-ysxZg==

GET
H/1.1 200
OK 03008527-67bd-478e-98e3-3b56dd9a6520.woff2
i.annihil.us/u/prod/marvel/s/fonts/terrigen/ 29 KB
29 KB 372ms
240ms Font
font/woff2 2600:9000:21ea:9e00:b:f2af:4980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://i.annihil.us/u/prod/marvel/s/fonts/terrigen/03008527-67bd-478e-98e3-3b56dd9a6520.woff2
Requested by: Host: i.annihil.us
URL: https://i.annihil.us/u/prod/marvel/html_blocks_assets/error-pages/terrigen/prod/css/main-628a0aed79.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:9e00:b:f2af:4980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5c948def2b7a4453ae2f5c6bc1c7ba94f2d42b316da4ae1c82951f056948ebe3

Request headers

Referer: https://i.annihil.us/u/prod/marvel/html_blocks_assets/error-pages/terrigen/prod/css/main-628a0aed79.css
Origin: http://venom.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: JPxYIeCstsVqYYVwbjz26CGHmOR4od.f
Date: Fri, 29 Dec 2023 19:12:14 GMT
Via: 1.1 64142199656297b56ef863f9ccc0c102.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: EWR50-C1
x-amz-server-side-encryption: AES256
X-Cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 29316
Last-Modified: Wed, 16 Nov 2022 20:46:58 GMT
Server: AmazonS3
ETag: "c52c8ceae71955c24b932d315615a0a1"
Vary: Accept-Encoding
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Accept-Ranges: bytes
X-Amz-Cf-Id: ALHixK2mQcFyteJmpDyDf3fBtKbfCAq49reZhi0gy6N2Zf0X-FIMvA==

GET
H2 200 bk-coretag.js Show response
tags.bkrtx.com/js/ 51 KB
16 KB 299ms
77ms Script
application/javascript 23.7.64.229
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.bkrtx.com/js/bk-coretag.js

Requested by

Host: assets.adobedtm.com
URL: http://assets.adobedtm.com/bc7edc03f3b671a5b00119b4d88ffade87a3e20f/satelliteLib-7e2bcd047fa8273c37190fbf382316c5c0b99379.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.7.64.229 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-7-64-229.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://venom.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Fri, 29 Dec 2023 19:12:13 GMT
last-modified: Fri, 21 May 2021 19:14:21 GMT
server: nginx/1.15.8
etag: W/"60a8068d-cbc2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
content-length: 16078
expires: Fri, 05 Jan 2024 19:12:13 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 180 KB
66 KB 68ms
67ms Script
application/javascript 2607:f8b0:4004:c17::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-9096304&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-3944448

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b77781c1d215c69287e590007157a5876cc5ae764453b4555b7aa8613b79f35d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://venom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 19:12:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67457
x-xss-protection: 0
last-modified: Fri, 29 Dec 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 29 Dec 2023 19:12:13 GMT

GET
H2

200

activityi;dc_pre=CNKRvPqstYMDFXyJdwEdqZgIMQ;src=3944448;type=p_mar0;cat=p_mar0;ord=6458957989196;auiddc=873997013.1703877134;gtm=45fe3bt0;gcd=11l1l1l1l1;dma=0;epver=2;~oref=http%3A%2F%2Fvenom.com%2F Show response
3944448.fls.doubleclick.net/ Frame 0653
Redirect Chain

https://3944448.fls.doubleclick.net/activityi;src=3944448;type=p_mar0;cat=p_mar0;ord=6458957989196;auiddc=873997013.1703877134;gtm=45fe3bt0;gcd=11l1l1l1l1;dma=0;epver=2;~oref=http%3A%2F%2Fvenom.com...
https://3944448.fls.doubleclick.net/activityi;dc_pre=CNKRvPqstYMDFXyJdwEdqZgIMQ;src=3944448;type=p_mar0;cat=p_mar0;ord=6458957989196;auiddc=873997013.1703877134;gtm=45fe3bt0;gcd=11l1l1l1l1;dma=0;ep...

503 B
447 B

96ms
73ms

Document
text/html

172.253.115.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3944448.fls.doubleclick.net/activityi;dc_pre=CNKRvPqstYMDFXyJdwEdqZgIMQ;src=3944448;type=p_mar0;cat=p_mar0;ord=6458957989196;auiddc=873997013.1703877134;gtm=45fe3bt0;gcd=11l1l1l1l1;dma=0;epver=2;~oref=http%3A%2F%2Fvenom.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-3944448

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f149.1e100.net

Software

cafe /

Resource Hash

13f226af92b84c7776b2064167e0b9798c9818e9cd10715fa9aae52632f22f4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://venom.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 272
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 29 Dec 2023 19:12:14 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 29 Dec 2023 19:12:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://3944448.fls.doubleclick.net/activityi;dc_pre=CNKRvPqstYMDFXyJdwEdqZgIMQ;src=3944448;type=p_mar0;cat=p_mar0;ord=6458957989196;auiddc=873997013.1703877134;gtm=45fe3bt0;gcd=11l1l1l1l1;dma=0;epver=2;~oref=http%3A%2F%2Fvenom.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 209 KB
75 KB 89ms
88ms Script
application/javascript 2607:f8b0:4004:c17::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-925733351&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-3944448

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ab8e8eaf6b2893482c1e6b5cdadc32f31a09b8bfceb499dc7ed91145f977df50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://venom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 19:12:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76499
x-xss-protection: 0
last-modified: Fri, 29 Dec 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 29 Dec 2023 19:12:13 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/945804815/ 2 KB
2 KB 226ms
73ms Script
text/javascript 2607:f8b0:4004:c17::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/945804815/?random=1703877133722&cv=11&fst=1703877133722&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v897312783&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=http%3A%2F%2Fvenom.com%2F&hn=www.googleadservices.com&frm=0&tiba=Marvel.com&auid=873997013.1703877134&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-945804815

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7fde4bc9a73bd058e60e4780221b689b7aa30c7250285b5f348cc18c3842348

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://venom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 19:12:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1230
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 451745415265867 Show response
connect.facebook.net/signals/config/ 143 KB
37 KB 233ms
167ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/451745415265867?v=2.9.138&r=stable&domain=venom.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

723d625ce6a4106fa1f06b21fac0930e6973387616a41c39ddafe96ffcbe1d57

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://venom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 29 Dec 2023 19:12:14 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: MCjOwDnsCGK3atPU5Isn5b6GNVQUtTQ0Ei+lqZkVZl2CGP14eWvoinI+WB9yq8FqtQGTIU1SpM5AjliDLMwiLQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=15266201&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1703877133853&ns_c=UTF-8&c7=http%3A%2F%2Fvenom.com%2F&c8=Marvel.com&c9=
https://sb.scorecardresearch.com/b2?c1=2&c2=15266201&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1703877133853&ns_c=UTF-8&c7=http%3A%2F%2Fvenom.com%2F&c8=Marvel.com&c9=

0
226 B

81ms
68ms

Image
text/plain

18.238.49.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=15266201&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1703877133853&ns_c=UTF-8&c7=http%3A%2F%2Fvenom.com%2F&c8=Marvel.com&c9=
Requested by: Host: venom.com
URL: http://venom.com/
Protocol: H2
Server: 18.238.49.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-49-52.jfk52.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://venom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 19:12:14 GMT
via: 1.1 92d8afc92e3597d245b2f6480cd44220.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: JFK52-P3
x-amz-cf-id: pQ-RjC7GTZ9MCqUGFZpJoQ216c4-3vxyyJqQaSO6T8I8nIXdCBpOFg==
x-cache: Miss from cloudfront

Redirect headers

date: Fri, 29 Dec 2023 19:12:14 GMT
via: 1.1 92d8afc92e3597d245b2f6480cd44220.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: JFK52-P3
x-cache: Miss from cloudfront
location: /b2?c1=2&c2=15266201&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1703877133853&ns_c=UTF-8&c7=http%3A%2F%2Fvenom.com%2F&c8=Marvel.com&c9=
content-length: 0
x-amz-cf-id: eAcREbOagQg4LtILaiFGNanquTFKrvLRHl-KOvZW52hg7zLfjNbqsA==

GET
H3

200

activityi;dc_pre=CMqJxfqstYMDFagFTwgdc68Ewg;src=9096304;type=marus;cat=marus0;ord=1;num=1776064196483;auiddc=873997013.1703877134;gtm=45fe3bt0;gcd=11l1l1l1l1;dma=0;epver=2;~oref=http%3A%2F%2Fvenom.... Show response
9096304.fls.doubleclick.net/ Frame 7068
Redirect Chain

https://9096304.fls.doubleclick.net/activityi;src=9096304;type=marus;cat=marus0;ord=1;num=1776064196483;auiddc=873997013.1703877134;gtm=45fe3bt0;gcd=11l1l1l1l1;dma=0;epver=2;~oref=http%3A%2F%2Fveno...
https://9096304.fls.doubleclick.net/activityi;dc_pre=CMqJxfqstYMDFagFTwgdc68Ewg;src=9096304;type=marus;cat=marus0;ord=1;num=1776064196483;auiddc=873997013.1703877134;gtm=45fe3bt0;gcd=11l1l1l1l1;dma...

420 B
261 B

88ms
78ms

Document
text/html

172.253.115.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9096304.fls.doubleclick.net/activityi;dc_pre=CMqJxfqstYMDFagFTwgdc68Ewg;src=9096304;type=marus;cat=marus0;ord=1;num=1776064196483;auiddc=873997013.1703877134;gtm=45fe3bt0;gcd=11l1l1l1l1;dma=0;epver=2;~oref=http%3A%2F%2Fvenom.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-9096304&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f149.1e100.net

Software

cafe /

Resource Hash

e9245f81c4cd89b2f843b341861b84039f5c3bebb2a35b6e3ff22c6cd2bc7fe5

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://venom.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 236
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 29 Dec 2023 19:12:14 GMT
expires: Fri, 29 Dec 2023 19:12:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 29 Dec 2023 19:12:14 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://9096304.fls.doubleclick.net/activityi;dc_pre=CMqJxfqstYMDFagFTwgdc68Ewg;src=9096304;type=marus;cat=marus0;ord=1;num=1776064196483;auiddc=873997013.1703877134;gtm=45fe3bt0;gcd=11l1l1l1l1;dma=0;epver=2;~oref=http%3A%2F%2Fvenom.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/925733351/ 2 KB
1 KB 109ms
61ms Script
text/javascript 2607:f8b0:4004:c17::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/925733351/?random=1703877134035&cv=11&fst=1703877134035&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=http%3A%2F%2Fvenom.com%2F&hn=www.googleadservices.com&frm=0&tiba=Marvel.com&auid=873997013.1703877134&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-925733351&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

88ce9662dc76509851d27345ee0cd5bb3627dba11d123dd0034ac8a5f2deecc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://venom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 19:12:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1232
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 56546 Show response
stags.bluekai.com/site/ Frame C89E 71 B
600 B 540ms
201ms Document
text/html 23.47.69.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stags.bluekai.com/site/56546?ret=html&phint=__bk_t%3DMarvel.com&phint=__bk_k%3D&phint=__bk_l%3Dhttp%3A%2F%2Fvenom.com%2F&phint=__bk_v%3D3.1.10&limit=1&r=80764799
Requested by: Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.47.69.85 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-69-85.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3

Request headers

Referer: http://venom.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

bk-server: 3610
content-length: 71
content-type: text/html
date: Fri, 29 Dec 2023 19:12:14 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2 200 dc_pre=CNKRvPqstYMDFXyJdwEdqZgIMQ;src=3944448;type=p_mar0;cat=p_mar0;ord=6458957989196;auiddc=873997013.1703877134;gtm=45fe3bt0;gcd=11l1l1l1l1;dma=0;epver=2;~oref=http%3A%2F%2Fvenom.com%2F Show response
adservice.google.com/ddm/fls/i/ Frame 5C4C 194 B
440 B 464ms
127ms Document
text/html 2607:f8b0:4004:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CNKRvPqstYMDFXyJdwEdqZgIMQ;src=3944448;type=p_mar0;cat=p_mar0;ord=6458957989196;auiddc=873997013.1703877134;gtm=45fe3bt0;gcd=11l1l1l1l1;dma=0;epver=2;~oref=http%3A%2F%2Fvenom.com%2F

Requested by

Host: 3944448.fls.doubleclick.net
URL: https://3944448.fls.doubleclick.net/activityi;dc_pre=CNKRvPqstYMDFXyJdwEdqZgIMQ;src=3944448;type=p_mar0;cat=p_mar0;ord=6458957989196;auiddc=873997013.1703877134;gtm=45fe3bt0;gcd=11l1l1l1l1;dma=0;epver=2;~oref=http%3A%2F%2Fvenom.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3944448.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 29 Dec 2023 19:12:14 GMT
expires: Fri, 29 Dec 2023 19:12:14 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/945804815/ 42 B
455 B 407ms
73ms Image
image/gif 2607:f8b0:4004:c1b::68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/945804815/?random=1703877133722&cv=11&fst=1703876400000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v897312783&u_w=1600&u_h=1200&url=http%3A%2F%2Fvenom.com%2F&frm=0&tiba=Marvel.com&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_w9hHCcUSOxw1bdChkFqF5XTUehZCHQ&random=82682307&rmt_tld=0&ipr=y

Requested by

Host: venom.com
URL: http://venom.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::68 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://venom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 19:12:14 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/ Show response
a2.adform.net/Serving/TrackPoint/
Redirect Chain

https://a2.adform.net/Serving/TrackPoint/?pm=1913694&ADFPageName=Universal&ADFdivider=%7C&ord=412529322500&ADFtpmode=2&itm=eyJzdjEiOiJodHRwOi8vdmVub20uY29tLyJ9&loc=http%3A%2F%2Fvenom.com%2F&Set1=en...
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=1913694&ADFPageName=Universal&ADFdivider=%7C&ord=412529322500&ADFtpmode=2&itm=eyJzdjEiOiJodHRwOi8vdmVub20uY29tLyJ9&loc=http%3A%2F%2Fvenom.com%2F&Se...

1 KB
1 KB

86ms
82ms

Script
text/javascript

185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=1913694&ADFPageName=Universal&ADFdivider=%7C&ord=412529322500&ADFtpmode=2&itm=eyJzdjEiOiJodHRwOi8vdmVub20uY29tLyJ9&loc=http%3A%2F%2Fvenom.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Requested by

Host: venom.com
URL: http://venom.com/

Protocol

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

703cb89d398b0c42d231d0a7314f3196499aeec49eef7992c370c2a6419b5de4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: http://venom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 19:12:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 877
expires: -1

Redirect headers

pragma: no-cache
date: Fri, 29 Dec 2023 19:12:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type: text/html; charset=utf-8
location: https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=1913694&ADFPageName=Universal&ADFdivider=%7C&ord=412529322500&ADFtpmode=2&itm=eyJzdjEiOiJodHRwOi8vdmVub20uY29tLyJ9&loc=http%3A%2F%2Fvenom.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 658ms
65ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=451745415265867&ev=PageView&dl=http%3A%2F%2Fvenom.com%2F&rl=&if=false&ts=1703877134352&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1703877134333.1365959941&cs_est=true&ler=empty&it=1703877133820&coo=false&rqm=GET

Requested by

Host: venom.com
URL: http://venom.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: http://venom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 29 Dec 2023 19:12:14 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 204 0
bat.bing.com/action/ 0
359 B 81ms
57ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=56004448&Ver=2&mid=a903fdd7-a038-4eae-8dbd-953fb053e347&sid=2cd9b6b0a67e11eeab14e17358156422&vid=2cdbace0a67e11eeb7acd1f077dd6cfc&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Marvel.com&p=http%3A%2F%2Fvenom.com%2F&r=&lt=1952&evt=pageLoad&sv=1&rn=779745

Requested by

Host: venom.com
URL: http://venom.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: http://venom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 29 Dec 2023 19:12:14 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 47BCB2F8C8734F91A6D95F5A888B0D30 Ref B: MIAEDGE2908 Ref C: 2023-12-29T19:12:14Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CMqJxfqstYMDFagFTwgdc68Ewg;src=9096304;type=marus;cat=marus0;ord=1;num=1776064196483;auiddc=*;gtm=45fe3bt0;gcd=11l1l1l1l1;dma=0;epver=2;~oref=http%3A%2F%2Fvenom.com%2F
adservice.google.com/ddm/fls/z/ Frame 7068 42 B
173 B 278ms
129ms Image
image/gif 2607:f8b0:4004:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CMqJxfqstYMDFagFTwgdc68Ewg;src=9096304;type=marus;cat=marus0;ord=1;num=1776064196483;auiddc=*;gtm=45fe3bt0;gcd=11l1l1l1l1;dma=0;epver=2;~oref=http%3A%2F%2Fvenom.com%2F

Requested by

Host: 9096304.fls.doubleclick.net
URL: https://9096304.fls.doubleclick.net/activityi;dc_pre=CMqJxfqstYMDFagFTwgdc68Ewg;src=9096304;type=marus;cat=marus0;ord=1;num=1776064196483;auiddc=873997013.1703877134;gtm=45fe3bt0;gcd=11l1l1l1l1;dma=0;epver=2;~oref=http%3A%2F%2Fvenom.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://9096304.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 19:12:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/925733351/ 42 B
108 B 223ms
83ms Image
image/gif 2607:f8b0:4004:c1b::68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/925733351/?random=1703877134035&cv=11&fst=1703876400000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=http%3A%2F%2Fvenom.com%2F&frm=0&tiba=Marvel.com&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_joLCkJtEmukLrK2ZnaZqrkXm_-4EQTMxyjt_VkgmPMY4vkrU&random=1997397025&rmt_tld=0&ipr=y

Requested by

Host: venom.com
URL: http://venom.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::68 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://venom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 19:12:14 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
a2.adform.net/serving/container/ Frame 4B93 6 KB
3 KB 87ms
71ms Document
text/html 185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a2.adform.net/serving/container/?pm=1913694&lid=63549989&ctype=0&media=0&PageName=Universal&sysvars=%7c%7c%7c%7c&itm=eyJzdjEiOiJodHRwOi8vdmVub20uY29tLyJ9&rnd=1434404518&cpref=&loc=http%3a%2f%2fvenom.com%2f

Requested by

Host: a2.adform.net
URL: https://a2.adform.net/serving/scripts/trackpoint/async/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

27ec378d805f173eae40847e08d693c34e5758560a138a456fe650ae49152d58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://venom.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 29 Dec 2023 19:12:14 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

GET
H2 200 pixels Show response
c1.adform.net/imatch/ Frame 900C 4 KB
2 KB 235ms
71ms Document
text/html 185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/imatch/pixels?uid=2894385099841259782&agencyId=2364&advertiserId=2057003&src=tp&rnd=129835

Requested by

Host: a2.adform.net
URL: https://a2.adform.net/Serving/TrackPoint/?pm=1913694&ADFPageName=Universal&ADFdivider=%7C&ord=412529322500&ADFtpmode=2&itm=eyJzdjEiOiJodHRwOi8vdmVub20uY29tLyJ9&loc=http%3A%2F%2Fvenom.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

516f2e197e5c584533c68dc7267634b8e77373916e72b3c9b9f0a76ba22bb6a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://venom.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 29 Dec 2023 19:12:14 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

GET
H2 200 /
a1.seadform.net/serving/cookie/sync/ 35 B
458 B 375ms
69ms Image
image/gif 185.167.164.43
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a1.seadform.net/serving/cookie/sync/?uid=2894385099841259782&stamp=RwDBfcC7PPQDvP-67D9Y4w2

Requested by

Host: venom.com
URL: http://venom.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.43 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: http://venom.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 19:12:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
content-type: image/gif
cache-control: private

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ Frame 4B93 56 KB
15 KB 220ms
62ms Script
application/javascript 146.75.28.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: venom.com
URL: http://venom.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.28.157 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a2.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 19:12:14 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 18:08:41 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kiad7000120-IAD

GET
H2 200 trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ Frame 4B93 81 KB
31 KB 138ms
137ms Script
application/javascript 185.167.164.44
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: venom.com
URL: http://venom.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.167.164.44 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a2.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 19:12:14 GMT
content-encoding: gzip
last-modified: Tue, 23 May 2023 09:56:34 GMT
server: nginx
x-amz-request-id: tx000002c3f35d322d138ac-00646c8ee1-32950a49-default
etag: W/"f937ab3eef01c118930b200e5087d00d"
x-cache-status: HIT, HIT, HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 scevent.min.js Show response
sc-static.net/ Frame 4B93 41 KB
18 KB 354ms
91ms Script
application/javascript 18.238.74.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: venom.com
URL: http://venom.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.74.246 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-74-246.jfk52.r.cloudfront.net
Software: CloudFront /
Resource Hash: ab12e815caea6aba8fe2da60e7d298cccb649166f81926ff64e5dc56ea526522

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a2.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 19:12:14 GMT
content-encoding: gzip
via: 1.1 1c7f2d03ad31a748ff5915695aa85442.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: JFK52-P5
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 17610
x-amz-cf-id: X9iQPOGM_NbpZrTteZJXotOrjvBup6DP5ZE5tbCEtDSIikbCeZ_Gpg==

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ Frame 4B93 5 KB
2 KB 399ms
99ms Script
application/javascript 23.49.248.198
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CA5RTV3C77U3BC95G1A0&lib=ttq
Requested by: Host: venom.com
URL: http://venom.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.49.248.198 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-49-248-198.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 2635f7659c4a542d4dc4baee1882fd2d8446af0b555f93b10c4a222f9eb0e44e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a2.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-akamai-request-id: 15b69254
date: Fri, 29 Dec 2023 19:12:15 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-231229191215DF1A80B7D80C08FECE4C-6848015DB40C2C33-00
x-cache: TCP_MISS from a23-40-19-198.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=1, origin; dur=16
content-length: 1735
pragma: no-cache
server: nginx
x-tt-logid: 20231229191215DF1A80B7D80C08FECE4C
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 16,23.40.19.198
x-tt-trace-host: 012abdb6ded152821aa6b54fd2c6c3aa8781a8e5f2f8a724aee4e24388356fda22ded87ab8276662381f27d3267363025bcfb3b29ed79ad600d70e3dc096b84628d8253f101b26151fae74b9114f4f1fae55f5ed54c4e7f9f39b7d415ac7c255c8
expires: Fri, 29 Dec 2023 19:12:15 GMT

GET
H2 200 plf
c1.adform.net/imatch/ Frame 900C 0
384 B 78ms
72ms Image
text/plain 185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plff

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2894385099841259782&agencyId=2364&advertiserId=2057003&src=tp&rnd=129835

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=2894385099841259782&agencyId=2364&advertiserId=2057003&src=tp&rnd=129835
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 19:12:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 match
ad.360yield.com/ Frame 900C 43 B
199 B 242ms
71ms Image
image/gif 44.215.14.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=2894385099841259782&Expiration=1705086725
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2894385099841259782&agencyId=2364&advertiserId=2057003&src=tp&rnd=129835
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.215.14.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-215-14-157.compute-1.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 29 Dec 2023 19:12:14 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 900C 0
400 B 426ms
197ms Image
text/plain 23.56.212.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=4879&ext_id=2894385099841259782
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2894385099841259782&agencyId=2364&advertiserId=2057003&src=tp&rnd=129835
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.56.212.125 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-56-212-125.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Dec 2023 19:12:15 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Thu, 28 Dec 2023 19:12:15 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 900C 0
664 B 576ms
66ms Image
text/plain 8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=5232&puid=2894385099841259782
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2894385099841259782&agencyId=2364&advertiserId=2057003&src=tp&rnd=129835
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 5b6c391ede0c9b3c7eab11a335db29fb
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 tpui
ih.adscale.de/adscale-ih/ Frame 900C 0
38 B 532ms
132ms Image
text/plain 18.156.154.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=2894385099841259782&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2894385099841259782&agencyId=2364&advertiserId=2057003&src=tp&rnd=129835
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.156.154.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-154-47.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 19:12:15 GMT
content-length: 0

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 900C
Redirect Chain

https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=2894385099841259782&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID
https://c1.adform.net/serving/cookie/match?party=10&cid=8806977007108321

35 B
600 B

99ms
54ms

Image
image/gif

185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=10&cid=8806977007108321

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2894385099841259782&agencyId=2364&advertiserId=2057003&src=tp&rnd=129835

Protocol

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 19:12:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://c1.adform.net/serving/cookie/match?party=10&cid=8806977007108321
pragma: no-cache
date: Fri, 29 Dec 2023 19:12:14 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1 200 user-registering
ads.stickyadstv.com/ Frame 900C 43 B
639 B 879ms
105ms Image
image/gif 63.251.28.134
FREEWHEEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=2894385099841259782
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2894385099841259782&agencyId=2364&advertiserId=2057003&src=tp&rnd=129835
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 63.251.28.134 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Dec 2023 19:12:15 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
x-sticky-vk: 1703877135603062-142

GET
H2

204

/
csync.loopme.me/ Frame 900C
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=70&user_id=2894385099841259782
https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=2894385099841259782
https://csync.loopme.me/?partner_id=1196&uid=12fe5331-12a2-4d9e-9624-007e0567077c&vt=&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

0
155 B

529ms
183ms

Image
text/plain

35.214.136.251
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://csync.loopme.me/?partner_id=1196&uid=12fe5331-12a2-4d9e-9624-007e0567077c&vt=&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2894385099841259782&agencyId=2364&advertiserId=2057003&src=tp&rnd=129835
Protocol: H2
Server: 35.214.136.251 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 251.136.214.35.bc.googleusercontent.com
Software: _ /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 19:12:15 GMT
server: _

Redirect headers

Location: //csync.loopme.me/?partner_id=1196&uid=12fe5331-12a2-4d9e-9624-007e0567077c&vt=&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Date: Fri, 29 Dec 2023 19:12:15 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 900C
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=2894385099841259782&expiration=1705086725
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=2894385099841259782&expiration=1705086725&C=1

43 B
543 B

104ms
76ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=2894385099841259782&expiration=1705086725&C=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2894385099841259782&agencyId=2364&advertiserId=2057003&src=tp&rnd=129835
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 19:12:15 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=leVWKOjeeYAJHP3YXBCwemkiWDFXu1WKr%2BMJYY9QI0fYd2%2BP%2BZSHlmM%2FNWDc5PqNXjZ%2BoaAjRHXaSlEW37%2B2AmOnWlWfUqfyJofHGbLqzo%2FHvuD4aIe3s1HXGddBxnwKtqrkYtguGd%2BEYA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83d45a7e6d757440-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 29 Dec 2023 19:12:15 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SCOCPKKknSgjZAEWnLRxx8NE2rVqKBEejCfc1rLr7JaUtVDAJ0I6a6m2mXxnlKxSGAcSqpcrFYp6V531uwiu7lJ%2Bvopn8GXQyOCy%2BZIzUPK%2FlLAFsOPD4lGm9e%2FyFyustSt8DcGsRL60Cw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=111&external_user_id=2894385099841259782&expiration=1705086725&C=1
cache-control: no-cache
cf-ray: 83d45a7d7b5a7440-MIA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1

200
OK

info2
uipglob.semasio.net/adform/1/ Frame 900C
Redirect Chain

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=2894385099841259782&sInitiator=external
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=2894385099841259782&sInitiator=external

42 B
604 B

79ms
70ms

Image
image/gif

50.57.31.206
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=2894385099841259782&sInitiator=external
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2894385099841259782&agencyId=2364&advertiserId=2057003&src=tp&rnd=129835
Protocol: HTTP/1.1
Server: 50.57.31.206 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Dec 2023 19:12:15 GMT
Frontend-ID: 13
P3P: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Content-Type: image/gif
UIP-Response-Status: Ok
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin: *
Content-Length: 42
Routing-Server-ID: -1
Expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 29 Dec 2023 19:12:15 GMT
Frontend-ID: 1
P3P: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Location: /adform/1/info2?sType=sync&sExtCookieId=2894385099841259782&sInitiator=external
UIP-Response-Status: Ok
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Content-Length: 0
Routing-Server-ID: -1
Expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

/
ps.eyeota.net/match/bounce/ Frame 900C
Redirect Chain

https://ps.eyeota.net/match?uid=2894385099841259782&bid=9gdtmu1
https://ps.eyeota.net/match/bounce/?uid=2894385099841259782&bid=9gdtmu1

70 B
440 B

76ms
62ms

Image
image/gif

54.156.26.12
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match/bounce/?uid=2894385099841259782&bid=9gdtmu1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2894385099841259782&agencyId=2364&advertiserId=2057003&src=tp&rnd=129835
Protocol: HTTP/1.1
Server: 54.156.26.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-26-12.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/gif
Date: Fri, 29 Dec 2023 19:12:15 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: /match/bounce/?uid=2894385099841259782&bid=9gdtmu1
Date: Fri, 29 Dec 2023 19:12:15 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2

200

pixel.gif
load77.exelator.com/ Frame 900C
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=2894385099841259782
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=2894385099841259782&xl8blockcheck=1
https://load77.exelator.com/pixel.gif

43 B
385 B

320ms
69ms

Image
image/gif

2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load77.exelator.com/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2894385099841259782&agencyId=2364&advertiserId=2057003&src=tp&rnd=129835
Protocol: H2
Server: 2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Fri, 29 Dec 2023 19:12:16 GMT
x-age-lb: 982640
x-77-cache: HIT
x-accel-date: 1702894496
content-length: 43
x-77-nzt: EQwBWbuxDwH3cP4OAA
x-accel-expires: @1703931296
x-77-age: 982640
x-cache-lb: HIT
last-modified: Wed, 25 Oct 2017 17:03:56 GMT
server: CDN77-Turbo
etag: "59f0c3fc-2b"
x-77-nzt-ray: 49be14084a538e11101a8f659808f300
content-type: image/gif
access-control-allow-origin: *
accept-ranges: bytes

Redirect headers

date: Fri, 29 Dec 2023 19:12:15 GMT
server: nginx
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://load77.exelator.com/pixel.gif
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H2

200

db_sync
px.ads.linkedin.com/ Frame 900C
Redirect Chain

https://idsync.rlcdn.com/398366.gif?partner_uid=2894385099841259782
https://idsync.rlcdn.com/1000.gif?memo=CJ6oGBIeChoIARCUdRoTMjg5NDM4NTA5OTg0MTI1OTc4MhAAGg0Ij7S8rAYSBQjoBxAAQgBKAA
https://pippio.com/api/sync?pid=5324&it=1&iv=55fc9472997b8e28b14bb401508d17e3f90094a50e3ef07561db0aaa69686268791426b5417dce21&_=2
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=55fc9472997b8e28b14bb401508d17e3f90094a50e3ef07561db0aaa69686268791426b5417dce21&rand=03868884
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=55fc9472997b8e28b14bb401508d17e3f90094a50e3ef07561db0aaa69686268791426b5417dce21&rand=03868884&expected_cookie=784193c7-c041-48b7-a8b4-70601606a073

0
141 B

91ms
87ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=10339&puuid=55fc9472997b8e28b14bb401508d17e3f90094a50e3ef07561db0aaa69686268791426b5417dce21&rand=03868884&expected_cookie=784193c7-c041-48b7-a8b4-70601606a073
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2894385099841259782&agencyId=2364&advertiserId=2057003&src=tp&rnd=129835
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 19:12:15 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: B2A44E7E3B48426697CDAB02F7EB046C Ref B: MIAEDGE1413 Ref C: 2023-12-29T19:12:16Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYNqs9xmYv0SO4AHf33Aw==

Redirect headers

date: Fri, 29 Dec 2023 19:12:15 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: B56602E8242C4ADA9E5229C530C5B28B Ref B: MIAEDGE1413 Ref C: 2023-12-29T19:12:16Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: /db_sync?pid=10339&puuid=55fc9472997b8e28b14bb401508d17e3f90094a50e3ef07561db0aaa69686268791426b5417dce21&rand=03868884&expected_cookie=784193c7-c041-48b7-a8b4-70601606a073
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYNqs9vmzavpuSI/SAXNw==

GET
H2

200

gdpr_consent=
sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=2894385099841259782/gdpr=/ Frame 900C
Redirect Chain

https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=2894385099841259782/gdpr=/gdpr_consent=
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=2894385099841259782/gdpr=/gdpr_consent=

49 B
546 B

74ms
72ms

Image
image/gif

44.220.113.151
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=2894385099841259782/gdpr=/gdpr_consent=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2894385099841259782&agencyId=2364&advertiserId=2057003&src=tp&rnd=129835
Protocol: H2
Server: 44.220.113.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-220-113-151.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 19:12:15 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.51.184
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 29 Dec 2023 19:12:15 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=2894385099841259782/gdpr=/gdpr_consent=
cache-control: no-cache
x-server: 10.40.14.130
content-length: 0
expires: 0

GET
H2

200

2981
tags.bluekai.com/site/ Frame 900C
Redirect Chain

https://tags.bluekai.com/site/29729?id=2894385099841259782
https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=Q3pFNHZXNFU5OVlnV1Iyaw%3D%3D
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEDsthUXY-HTvrj7BKU75E_I&google_cver=1

62 B
306 B

171ms
161ms

Image
image/gif

23.47.69.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/2981?id=&google_gid=CAESEDsthUXY-HTvrj7BKU75E_I&google_cver=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2894385099841259782&agencyId=2364&advertiserId=2057003&src=tp&rnd=129835
Protocol: H2
Server: 23.47.69.85 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-69-85.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Fri, 29 Dec 2023 19:12:15 GMT
content-length: 62
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 29 Dec 2023 19:12:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://tags.bluekai.com/site/2981?id=&google_gid=CAESEDsthUXY-HTvrj7BKU75E_I&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 296
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 900C
Redirect Chain

https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2894385099841259782
https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=2894385099841259782

43 B
171 B

49ms
47ms

Image
image/gif

35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=2894385099841259782
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2894385099841259782&agencyId=2364&advertiserId=2057003&src=tp&rnd=129835
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 19:12:15 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=2894385099841259782
date: Fri, 29 Dec 2023 19:12:15 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1

200
OK

pixel.gif
s3-eu-west-1.amazonaws.com/adality-cdn-content/ Frame 900C
Redirect Chain

https://api.adrtx.net/thirdparty/click?p=adfo
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

35 B
390 B

499ms
164ms

Image
image/gif

52.218.101.235
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2894385099841259782&agencyId=2364&advertiserId=2057003&src=tp&rnd=129835
Protocol: HTTP/1.1
Server: 52.218.101.235 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 29 Dec 2023 19:12:17 GMT
Last-Modified: Thu, 29 Oct 2015 16:41:57 GMT
Server: AmazonS3
x-amz-request-id: WA5R5RDQG31VT3BQ
ETag: "c2196de8ba412c60c22ab491af7b1409"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 35
x-amz-id-2: httv7xFOo49g69v1KAeqZ9So7R7kQsuKc7iRrGvX3VoxG+bQdkGf+LDcrk+zySUjgALV0W97Gkc=

Redirect headers

X-Error-Reason: Missing UserId
Date: Fri, 29 Dec 2023 19:12:14 GMT
Server: akka-http/10.2.10
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 137

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 900C 0
338 B 237ms
59ms Image
text/plain 34.197.227.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=adform&partner_uid=2894385099841259782
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2894385099841259782&agencyId=2364&advertiserId=2057003&src=tp&rnd=129835
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.197.227.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-227-33.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-served-by: beacon-n004-ash-prod.krxd.net
date: Fri, 29 Dec 2023 19:12:15 GMT
cache-control: private, no-cache, no-store
x-request-time: D=27 t=1703877135
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

/
c1.adform.net/serving/cookie/match/ Frame 900C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=Mjg5NDM4NTA5OTg0MTI1OTc4Mg
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAxYo7t_cWMFqcbaqOZ1MUQ&google_cver=1&google_ula=1641347,0

35 B
600 B

94ms
93ms

Image
image/gif

185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAxYo7t_cWMFqcbaqOZ1MUQ&google_cver=1&google_ula=1641347,0

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2894385099841259782&agencyId=2364&advertiserId=2057003&src=tp&rnd=129835

Protocol

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 19:12:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Fri, 29 Dec 2023 19:12:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAxYo7t_cWMFqcbaqOZ1MUQ&google_cver=1&google_ula=1641347,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 plf
c1.adform.net/imatch/ Frame 900C 0
384 B 107ms
106ms Image
text/plain 185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfm

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2894385099841259782&agencyId=2364&advertiserId=2057003&src=tp&rnd=129835

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=2894385099841259782&agencyId=2364&advertiserId=2057003&src=tp&rnd=129835
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 19:12:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2

200

setuid
secure.adnxs.com/ Frame 900C
Redirect Chain

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1
https://c1.adform.net/serving/cookie/match?party=3&id=5615141883278399293&redirect=1
https://secure.adnxs.com/setuid?entity=91&code=2894385099841259782

43 B
831 B

78ms
73ms

Image
image/gif

68.67.179.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=91&code=2894385099841259782

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2894385099841259782&agencyId=2364&advertiserId=2057003&src=tp&rnd=129835

Protocol

Server

68.67.179.153 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 19:12:16 GMT
an-x-request-uuid: ae04700d-34cf-44a5-89e3-0430fab375ae
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 38.132.118.67; 38.132.118.67; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 29 Dec 2023 19:12:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://secure.adnxs.com/setuid?entity=91&code=2894385099841259782
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 900C 42 B
472 B 346ms
67ms Image
image/gif 162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2894385099841259782
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2894385099841259782&agencyId=2364&advertiserId=2057003&src=tp&rnd=129835
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 29 Dec 2023 19:12:14 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK cs
pdw-adf.userreport.com/ Frame 900C 43 B
444 B 327ms
68ms Image
image/gif 18.238.55.84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pdw-adf.userreport.com/cs
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2894385099841259782&agencyId=2364&advertiserId=2057003&src=tp&rnd=129835
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-84.jfk52.r.cloudfront.net
Software: nginx/1.22.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 28 Dec 2023 23:32:04 GMT
Via: 1.1 3f3479c6387cb9e42ecda1d46e66eddc.cloudfront.net (CloudFront)
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.22.0
X-Amz-Cf-Pop: JFK52-P4
Age: 70812
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-Amz-Cf-Id: rkY-fJPR0ZeFtcFgcsM-Vp90ok8AIiRnT_-EJt7ZAp5PSmpVk4JuDQ==

GET
H/1.1

200

p
a.audrte.com/ Frame 900C
Redirect Chain

https://a.audrte.com/a?adform_uid=2894385099841259782
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZmU0blJKRXpUMVBTUWlJMnc2dGhwLWRWZw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/p

68 B
424 B

147ms
145ms

Image
image/png

34.255.227.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2894385099841259782&agencyId=2364&advertiserId=2057003&src=tp&rnd=129835
Protocol: HTTP/1.1
Server: 34.255.227.21 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-227-21.eu-west-1.compute.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 29 Dec 2023 19:12:16 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Fri, 29 Dec 2023 19:12:16 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 900C
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=2894385099841259782&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=2894385099841259782&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredire...
https://c1.adform.net/serving/cookie/match?party=1007&cid=61752508712521087063477347014333764914&noredirect=1

35 B
591 B

78ms
77ms

Image
image/gif

185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1007&cid=61752508712521087063477347014333764914&noredirect=1

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2894385099841259782&agencyId=2364&advertiserId=2057003&src=tp&rnd=129835

Protocol

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 19:12:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

dcs: dcs-prod-va6-1-v053-0327ea3d6.edge-va6.demdex.com 2 ms
pragma: no-cache
date: Fri, 29 Dec 2023 19:12:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: bflOSRUhSrI=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://c1.adform.net/serving/cookie/match?party=1007&cid=61752508712521087063477347014333764914&noredirect=1
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 900C
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=2894385099841259782
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=261610004745008501436

35 B
591 B

104ms
69ms

Image
image/gif

185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1014&cid=261610004745008501436

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2894385099841259782&agencyId=2364&advertiserId=2057003&src=tp&rnd=129835

Protocol

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 19:12:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Fri, 29 Dec 2023 19:12:16 GMT
via: 1.1 90a990c5327e86ade86681120dc4a236.cloudfront.net (CloudFront)
server: AAWebServer
x-amz-cf-pop: EWR50-C1
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://dmp.adform.net/serving/cookie/match/?party=1014&cid=261610004745008501436
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-cache: Miss from cloudfront
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
x-amz-cf-id: kgysg8bDt2H0eK1QouLNDuTTqjyd5w8qC_7R53ET4IIWUrGhdy1K_A==
expires: 0

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 900C
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7318096575533086877

35 B
591 B

77ms
67ms

Image
image/gif

185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7318096575533086877

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2894385099841259782&agencyId=2364&advertiserId=2057003&src=tp&rnd=129835

Protocol

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 19:12:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Location: https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7318096575533086877
Date: Fri, 29 Dec 2023 19:12:16 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 33302
tags.bluekai.com/site/ Frame 900C 62 B
306 B 588ms
587ms Image
image/gif 23.47.69.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/33302?id=2894385099841259782
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2894385099841259782&agencyId=2364&advertiserId=2057003&src=tp&rnd=129835
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.47.69.85 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-69-85.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Fri, 29 Dec 2023 19:12:16 GMT
content-length: 62
content-type: image/gif

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 900C
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://c1.adform.net/serving/cookie/match?party=1084&cid=gnwOa5Uc1Rjihi5

35 B
600 B

105ms
69ms

Image
image/gif

185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1084&cid=gnwOa5Uc1Rjihi5

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2894385099841259782&agencyId=2364&advertiserId=2057003&src=tp&rnd=129835

Protocol

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 19:12:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Pragma: no-cache
Date: Fri, 29 Dec 2023 19:12:16 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-03e8869aed321456e@us-east-1e@dxedge-app-us-east-1-prod-asg
Location: https://c1.adform.net/serving/cookie/match?party=1084&cid=gnwOa5Uc1Rjihi5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 900C
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=71ei9rr&ttd_tpi=1
https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=9dd8eab8-d750-4c71-b136-2a23d2fe23dc

35 B
600 B

91ms
69ms

Image
image/gif

185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=9dd8eab8-d750-4c71-b136-2a23d2fe23dc

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2894385099841259782&agencyId=2364&advertiserId=2057003&src=tp&rnd=129835

Protocol

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 19:12:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=9dd8eab8-d750-4c71-b136-2a23d2fe23dc
date: Fri, 29 Dec 2023 19:12:16 GMT
server: Kestrel
content-length: 225

GET image.sbmx
global.ib-ibi.com/ Frame 900C 0
0

GET
H2

200

3.gif
id5-sync.com/c/10/2/0/ Frame 900C
Redirect Chain

https://id5-sync.com/s/10/0.gif?puid=2894385099841259782
https://id5-sync.com/c/10/10/2/1.gif?puid=2894385099841259782&gdpr=0&gdpr_consent=&us_privacy=
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-9afb56O-BWh8todcKRI_kjWUKY8dlKLqIuFWj15I4w&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F10%2F124%2F1%2F2.gif%3Fpuid%3D%...
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-9afb56O-BWh8todcKRI_kjWUKY8dlKLqIuFWj15I4w&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F10%2F124%2F1%2F2.gif%3Fpu...
https://id5-sync.com/cq/10/124/1/2.gif?puid=7c6743f7-67e9-44b4-8854-3dfa2c5fd1cf&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
https://ib.adnxs.com/getuid?https://id5-sync.com/c/10/2/0/3.gif?puid=$UID&gdpr=0&gdpr_consent=
https://id5-sync.com/c/10/2/0/3.gif?puid=5615141883278399293&gdpr=0&gdpr_consent=

43 B
1 KB

151ms
150ms

Image
image/gif

162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/c/10/2/0/3.gif?puid=5615141883278399293&gdpr=0&gdpr_consent=

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2894385099841259782&agencyId=2364&advertiserId=2057003&src=tp&rnd=129835

Protocol

Server

162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Fri, 29 Dec 2023 19:12:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

Redirect headers

pragma: no-cache
date: Fri, 29 Dec 2023 19:12:17 GMT
an-x-request-uuid: 5f56574e-67ea-4614-a0bb-3015aadfc98e
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://id5-sync.com/c/10/2/0/3.gif?puid=5615141883278399293&gdpr=0&gdpr_consent=
x-proxy-origin: 38.132.118.67; 38.132.118.67; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 900C
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=3270138647
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=.KyFzomDblz7RDBmNYKbNe

35 B
591 B

85ms
72ms

Image
image/gif

185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1145&cid=.KyFzomDblz7RDBmNYKbNe

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2894385099841259782&agencyId=2364&advertiserId=2057003&src=tp&rnd=129835

Protocol

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 19:12:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Fri, 29 Dec 2023 19:12:16 GMT
via: 1.1 google
last-modified: Fri, 29 Dec 2023 19:12:16 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://dmp.adform.net/serving/cookie/match/?party=1145&cid=.KyFzomDblz7RDBmNYKbNe
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 900C 23 B
278 B 402ms
125ms Image
image/gif 69.192.109.215
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=119&uid=2894385099841259782
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2894385099841259782&agencyId=2364&advertiserId=2057003&src=tp&rnd=129835
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.109.215 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-109-215.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Fri, 29 Dec 2023 19:12:16 GMT
pragma: no-cache
date: Fri, 29 Dec 2023 19:12:16 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
H2

200

/
sync.taboola.com/sg/smaatortb-network/1/rtb-h/ Frame 900C
Redirect Chain

https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=2894385099841259782
https://sync.taboola.com/sg/smaatortb-network/1/rtb-h/?taboola_hm=2e86721743&gdpr=0&gdpr_consent=

0
374 B

256ms
73ms

Image
text/plain

141.226.224.48

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/smaatortb-network/1/rtb-h/?taboola_hm=2e86721743&gdpr=0&gdpr_consent=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2894385099841259782&agencyId=2364&advertiserId=2057003&src=tp&rnd=129835
Protocol: H2
Server: 141.226.224.48 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 19:12:17 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 67368

Redirect headers

date: Fri, 29 Dec 2023 19:12:16 GMT
via: 1.1 99b519fb7ca87e7fd6040aacb1160452.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
location: https://sync.taboola.com/sg/smaatortb-network/1/rtb-h/?taboola_hm=2e86721743&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: o_EVaI0vcGhSLdj6j98m3qmo1XX2S-Ilt-RRG5yXYaLAt7CzeeEeog==

GET
H2 200 2894385099841259782
match.contentexchange.me/adform/ Frame 900C 0
49 B 526ms
156ms Image
text/plain 46.19.11.36

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.contentexchange.me/adform/2894385099841259782?redirect_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1219
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2894385099841259782&agencyId=2364&advertiserId=2057003&src=tp&rnd=129835
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.19.11.36 -, , ASN (),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 19:12:16 GMT
content-length: 0
server: nginx/1.16.1

GET
H2 200 /
bpi.rtactivate.com/tag/ Frame 900C 43 B
109 B 281ms
102ms Image
image/gif 34.197.216.192

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bpi.rtactivate.com/tag/?id=16974&user_id=2894385099841259782
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2894385099841259782&agencyId=2364&advertiserId=2057003&src=tp&rnd=129835
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.197.216.192 -, , ASN (),
Reverse DNS
Software: awselb/2.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 19:12:16 GMT
server: awselb/2.0
content-length: 43
content-type: image/gif

GET
H2

200

xuid
eb2.3lift.com/ Frame 900C
Redirect Chain

https://eb2.3lift.com/xuid?mid=7354&xuid=2894385099841259782&dongle=AD20
https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=2894385099841259782&dongle=AD20&gdpr=0&cmp_cs=&us_privacy=

37 B
354 B

83ms
82ms

Image
image/gif

35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=2894385099841259782&dongle=AD20&gdpr=0&cmp_cs=&us_privacy=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2894385099841259782&agencyId=2364&advertiserId=2057003&src=tp&rnd=129835
Protocol: H2
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif
date: Fri, 29 Dec 2023 19:12:16 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=7354&xuid=2894385099841259782&dongle=AD20&gdpr=0&cmp_cs=&us_privacy=
date: Fri, 29 Dec 2023 19:12:16 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 put
e1.emxdgt.com/ Frame 900C 43 B
120 B 287ms
57ms Image
image/gif 44.212.89.30

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d52&uid=2894385099841259782
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2894385099841259782&agencyId=2364&advertiserId=2057003&src=tp&rnd=129835
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.212.89.30 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 19:12:16 GMT
content-length: 43
x-nosync: emp
content-type: image/gif

GET
H2 200 plf
c1.adform.net/imatch/ Frame 900C 0
384 B 79ms
72ms Image
text/plain 185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfl

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2894385099841259782&agencyId=2364&advertiserId=2057003&src=tp&rnd=129835

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=2894385099841259782&agencyId=2364&advertiserId=2057003&src=tp&rnd=129835
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 19:12:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 / Show response
track.adform.net/Serving/TrackPoint/ Frame 4B93 341 B
871 B 603ms
161ms Script
text/javascript 37.157.2.229
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?pm=1913694&ADFPageName=US%20Universal&ADFdivider=%7C&ord=361677270327&ADFtpmode=2&CPref=http%3A%2F%2Fvenom.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Requested by

Host: s2.adform.net
URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

f95f8c987824e5c06ac2bf4acc789a1444a9e76be34c179acd62a3d271bf2641

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a2.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 19:12:15 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 341
expires: -1

GET
H2 200 adsct
t.co/i/ Frame 4B93 43 B
376 B 326ms
107ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=51e4aef9-c2f3-431f-8720-7702f235ecf6&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=210019ca-8cf3-40dc-b3f0-2faac267032f&tw_document_href=https%3A%2F%2Fa2.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D1913694%26lid%3D63549989%26ctype%3D0%26media%3D0%26PageName%3DUniversal%26sysvars%3D%257c%257c%257c%257c%26itm%3DeyJzdjEiOiJodHRwOi8vdmVub20uY29tLyJ9%26rnd%3D1434404518%26cpref%3D%26loc%3Dhttp%253a%252f%252fvenom.com%252f&tw_document_referrer=http%3A%2F%2Fvenom.com%2F&tw_iframe_status=1&tw_order_quantity=0&tw_sale_amount=0&txn_id=o5kqg&type=javascript&version=2.3.29

Requested by

Host: a2.adform.net
URL: https://a2.adform.net/serving/container/?pm=1913694&lid=63549989&ctype=0&media=0&PageName=Universal&sysvars=%7c%7c%7c%7c&itm=eyJzdjEiOiJodHRwOi8vdmVub20uY29tLyJ9&rnd=1434404518&cpref=&loc=http%3a%2f%2fvenom.com%2f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a2.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-response-time: 75
date: Fri, 29 Dec 2023 19:12:15 GMT
strict-transport-security: max-age=0
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: 1142a5ebf9eca8b2
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: b1468abd5bf9a7814010f32ca23a41fb08467466af70d00a0635b784628f4426
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ Frame 4B93 43 B
393 B 247ms
27ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=51e4aef9-c2f3-431f-8720-7702f235ecf6&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=210019ca-8cf3-40dc-b3f0-2faac267032f&tw_document_href=https%3A%2F%2Fa2.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D1913694%26lid%3D63549989%26ctype%3D0%26media%3D0%26PageName%3DUniversal%26sysvars%3D%257c%257c%257c%257c%26itm%3DeyJzdjEiOiJodHRwOi8vdmVub20uY29tLyJ9%26rnd%3D1434404518%26cpref%3D%26loc%3Dhttp%253a%252f%252fvenom.com%252f&tw_document_referrer=http%3A%2F%2Fvenom.com%2F&tw_iframe_status=1&tw_order_quantity=0&tw_sale_amount=0&txn_id=o5kqg&type=javascript&version=2.3.29

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a2.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-response-time: 5
date: Fri, 29 Dec 2023 19:12:14 GMT
strict-transport-security: max-age=631138519
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: cd32f0d107050d34
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: 7a74d473ffb37f038a07e15543865f1b095e690727cd33241b511de7307cb8f2
content-length: 43

GET
H2 200 a677d388-f7e6-4d61-962a-62aed58aa812.js Show response
tr.snapchat.com/config/net/ Frame 4B93 195 B
476 B 266ms
96ms Script
application/javascript 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/net/a677d388-f7e6-4d61-962a-62aed58aa812.js?v=3.7.3-2312182359

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

241888848ba27fe4a645b2031fe503a6f93b5a412eaa62ec6b14eac7a77d2d8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://a2.adform.net/
Origin: https://a2.adform.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 19:12:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
server: API Gateway
content-type: application/javascript
access-control-allow-origin: https://a2.adform.net
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
alt-svc: clear, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 195

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame 80EC 0
55 B 262ms
108ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=a677d388-f7e6-4d61-962a-62aed58aa812&u_scsid=b5711e17-15b8-4e45-bc79-7e0ad8201dc5&u_sclid=8a7d8ac8-8c2d-4420-8b55-f669f5759cd7

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://a2.adform.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: clear h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 29 Dec 2023 19:12:15 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
x-envoy-upstream-service-time: 9

GET
H2 200 main.MWNkZmM2YTcxNQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ Frame 4B93 455 KB
117 KB 91ms
67ms Script
application/javascript 23.49.248.198
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkZmM2YTcxNQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CA5RTV3C77U3BC95G1A0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.49.248.198 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-49-248-198.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 7d6c4d0f6c0243be96359698866dd471c961e463dbc5604aebc1c36a229ba303

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a2.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-akamai-request-id: 15b69282
date: Fri, 29 Dec 2023 19:12:15 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20231221122625BD6BA11892835E57D296
x-tt-trace-id: 00-231221122625BD6BA11892835E57D296-331F32B3A94AD8CB-00
vary: Accept-Encoding
x-cache: TCP_HIT from a23-40-19-198.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01991e19a94e685d249090359755a6d58391e8657058affee224f7871c10c3a9bf88a99088770a9aa730b97ab1a7cb9c992f5307cf7921f1e8640f1a7e27504eeba1c7296c69da57ab89318cf257ae04e8031599b6fc7d9c8bd12760fa96d43b53
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
content-length: 119123

POST
H2 200 p
tr.snapchat.com/ Frame 4B93 0
252 B 101ms
85ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://a2.adform.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 29 Dec 2023 19:12:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
server: API Gateway
access-control-allow-origin: https://a2.adform.net
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
alt-svc: clear, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 identify_ce767.js Show response
analytics.tiktok.com/i18n/pixel/static/ Frame 4B93 135 KB
36 KB 74ms
73ms Script
application/javascript 23.49.248.198
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_ce767.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkZmM2YTcxNQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.49.248.198 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-49-248-198.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a2.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-akamai-request-id: 15b692cf
date: Fri, 29 Dec 2023 19:12:15 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2023122112255712C6E203A1B65500449A
x-tt-trace-id: 00-23122112255712C6E203A1B65500449A-006DD0ECF0B32D9B-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-40-19-198.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01d44f75e3c50d4cd8ff5f761a2a2c48f803810b1315d1edde1c274c437756d6180f3701ba2b9e78a207df916af63bd617585cc0a901ef3ae6d1c787340eacd652584584a4bfe50e5c08fe2348bd410e081d85bd22244898be4740aa5b72cc5633
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2
content-length: 36036

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ Frame 4B93 0
698 B 99ms
96ms Ping
text/plain 23.49.248.198
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkZmM2YTcxNQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.49.248.198 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-49-248-198.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://a2.adform.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 15b692dc
date: Fri, 29 Dec 2023 19:12:15 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-231229191215AB3FE14A26B30F1E4145-2937D1BD020A6718-00
x-cache: TCP_MISS from a23-40-19-198.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
server-timing: inner; dur=11, cdn-cache; desc=MISS, edge; dur=5, origin; dur=20
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231229191215AB3FE14A26B30F1E4145
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 20,23.40.19.198
x-tt-trace-host: 012abdb6ded152821aa6b54fd2c6c3aa8781a8e5f2f8a724aee4e24388356fda22c0d4d7d17cd4934e95359d9faf600dc3f68c6371849e86f88b0e7eed78f539980f76f452e0e142f99cb1e79a1c180b9c8271ba3b8225780090378dca87ad27fd
access-control-allow-headers: Authorization,*
expires: Fri, 29 Dec 2023 19:12:15 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ Frame 4B93 0
699 B 306ms
305ms Ping
text/plain 23.49.248.198
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkZmM2YTcxNQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.49.248.198 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-49-248-198.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://a2.adform.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 15b692dd
date: Fri, 29 Dec 2023 19:12:15 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2312291912151409025D3255942CCE17-44B653300CF256EC-00
x-cache: TCP_MISS from a23-40-19-198.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
server-timing: inner; dur=215, cdn-cache; desc=MISS, edge; dur=5, origin; dur=223
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202312291912151409025D3255942CCE17
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 223,23.40.19.198
x-tt-trace-host: 012abdb6ded152821aa6b54fd2c6c3aa8781a8e5f2f8a724aee4e24388356fda2297ca557d12d670f09071d5ab6ac646bbfeba65e95995b67e6e33f13759ef5540af580b9a488e1e0fa4b960b2b71f551cba518d58c9ce4857ca7dac8dc2552afc
access-control-allow-headers: Authorization,*
expires: Fri, 29 Dec 2023 19:12:15 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ Frame 4B93 0
695 B 123ms
122ms Ping
text/plain 23.49.248.198
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkZmM2YTcxNQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.49.248.198 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-49-248-198.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://a2.adform.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 15b692de
date: Fri, 29 Dec 2023 19:12:15 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-231229191215240E55273424951C2C22-63BD6B60D1E23527-00
x-cache: TCP_MISS from a23-40-19-198.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
server-timing: inner; dur=33, cdn-cache; desc=MISS, edge; dur=7, origin; dur=44
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231229191215240E55273424951C2C22
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 44,23.40.19.198
x-tt-trace-host: 012abdb6ded152821aa6b54fd2c6c3aa8781a8e5f2f8a724aee4e24388356fda224491696c3a3c6f876cbe7ce3a3ef52093481a4a022ae94a625b0cfcf1b8f08ae63798a16c2620196ce6a6167c91bd11e5c72252fc76d67c5124ebf40b11df53f
access-control-allow-headers: Authorization,*
expires: Fri, 29 Dec 2023 19:12:15 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ Frame 4B93 0
700 B 309ms
307ms Ping
text/plain 23.49.248.198
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkZmM2YTcxNQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.49.248.198 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-49-248-198.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://a2.adform.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 15b692ec
date: Fri, 29 Dec 2023 19:12:15 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2312291912150CB543753A4A1756EB49-23A51454C8F70928-00
x-cache: TCP_MISS from a23-40-19-198.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
server-timing: inner; dur=206, cdn-cache; desc=MISS, edge; dur=4, origin; dur=216
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202312291912150CB543753A4A1756EB49
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 216,23.40.19.198
x-tt-trace-host: 012abdb6ded152821aa6b54fd2c6c3aa8781a8e5f2f8a724aee4e24388356fda2207d73c9038051b1263358c9c576835206ee503599e2acfdb356c1d6c18e0babd81716f63bb9a1adae306d8ee6cb7406a9f51fcb94eeaa0b6d15b1f83b0ef6e35
access-control-allow-headers: Authorization,*
expires: Fri, 29 Dec 2023 19:12:15 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ Frame 4B93 0
697 B 108ms
107ms Ping
text/plain 23.49.248.198
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkZmM2YTcxNQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.49.248.198 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-49-248-198.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://a2.adform.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 15b692ed
date: Fri, 29 Dec 2023 19:12:15 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-231229191215CAB41C5C076B22087A0B-5289D02FF4B556C0-00
x-cache: TCP_MISS from a23-40-19-198.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
server-timing: inner; dur=17, cdn-cache; desc=MISS, edge; dur=4, origin; dur=26
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231229191215CAB41C5C076B22087A0B
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 26,23.40.19.198
x-tt-trace-host: 012abdb6ded152821aa6b54fd2c6c3aa8781a8e5f2f8a724aee4e24388356fda224491696c3a3c6f876cbe7ce3a3ef52091c8f530e3aad409856e1c3dfb62f08315b64674ccf1bffb05fe1281b65e30c941a9f1f1e0748f639ce900f1e47c39bdd
access-control-allow-headers: Authorization,*
expires: Fri, 29 Dec 2023 19:12:15 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ Frame 4B93 0
699 B 166ms
164ms Ping
text/plain 23.49.248.198
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkZmM2YTcxNQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.49.248.198 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-49-248-198.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://a2.adform.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 15b692ee
date: Fri, 29 Dec 2023 19:12:15 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-231229191215AB3FE14A26B30F1E414F-6802D27803433CB5-00
x-cache: TCP_MISS from a23-40-19-198.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
server-timing: inner; dur=33, cdn-cache; desc=MISS, edge; dur=35, origin; dur=42
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231229191215AB3FE14A26B30F1E414F
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 42,23.40.19.198
x-tt-trace-host: 012abdb6ded152821aa6b54fd2c6c3aa8781a8e5f2f8a724aee4e24388356fda22c0d4d7d17cd4934e95359d9faf600dc38498d0abdb6cc51775ee41d78d75199ad8362672424b5e59b41f42c6e4926ad8f3fec79274403135693eec5da0a603ef
access-control-allow-headers: Authorization,*
expires: Fri, 29 Dec 2023 19:12:15 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ Frame 4B93 0
695 B 120ms
119ms Ping
text/plain 23.49.248.198
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkZmM2YTcxNQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.49.248.198 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-49-248-198.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://a2.adform.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 15b692f4
date: Fri, 29 Dec 2023 19:12:15 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2312291912151AF901E3A196BB75E69E-165FB20318A792B0-00
x-cache: TCP_MISS from a23-40-19-198.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
server-timing: inner; dur=6, cdn-cache; desc=MISS, edge; dur=5, origin; dur=20
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202312291912151AF901E3A196BB75E69E
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 20,23.40.19.198
x-tt-trace-host: 012abdb6ded152821aa6b54fd2c6c3aa8781a8e5f2f8a724aee4e24388356fda22aca7f351acb643d7a61d7c263de32e745412e06e28c42d67059f688e7edb285750f4f6419dbc21bacd2990dc6410232c0e5a605eaa676a1d12d3a5136f612449
access-control-allow-headers: Authorization,*
expires: Fri, 29 Dec 2023 19:12:15 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ Frame 4B93 0
695 B 158ms
158ms Ping
text/plain 23.49.248.198
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkZmM2YTcxNQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.49.248.198 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-49-248-198.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://a2.adform.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 15b692f5
date: Fri, 29 Dec 2023 19:12:15 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-23122919121550E0902FBF428A1780A0-41E81C7822BF3241-00
x-cache: TCP_MISS from a23-40-19-198.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
server-timing: inner; dur=43, cdn-cache; desc=MISS, edge; dur=4, origin; dur=53
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2023122919121550E0902FBF428A1780A0
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 53,23.40.19.198
x-tt-trace-host: 012abdb6ded152821aa6b54fd2c6c3aa8781a8e5f2f8a724aee4e24388356fda22dcf4b00ac60ffc4ffab2d35062c64aa34291d10ad7a1eeed45c049c6d01f80f237ab2c2d98b75859553a53aede7dab9952709b4fe8c997f6008672dc5b0aae07
access-control-allow-headers: Authorization,*
expires: Fri, 29 Dec 2023 19:12:15 GMT

POST
H2 200 p
tr.snapchat.com/ Frame 4B93 0
45 B 89ms
89ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://a2.adform.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 29 Dec 2023 19:12:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
server: API Gateway
access-control-allow-origin: https://a2.adform.net
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 / Show response
track.adform.net/serving/container/ Frame AD24 4 KB
2 KB 168ms
167ms Document
text/html 37.157.2.229
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/container/?pm=1913694&lid=121292221&ctype=0&media=0&PageName=US+Universal&rnd=1438070517&cpref=http%3a%2f%2fvenom.com%2f&loc=https%3a%2f%2fa2.adform.net%2f

Requested by

Host: s2.adform.net
URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

410f324aabf95eb466c54c9f069b9ef135c288c8dfb3e71018bad9293c671f6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://a2.adform.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 29 Dec 2023 19:12:15 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ Frame 4B93 0
701 B 223ms
222ms Ping
text/plain 23.49.248.198
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkZmM2YTcxNQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.49.248.198 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-49-248-198.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://a2.adform.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 15b692f7
date: Fri, 29 Dec 2023 19:12:15 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-231229191215F69CEE1BA50432DDD7D8-63242787E342FC71-00
x-cache: TCP_MISS from a23-40-19-198.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
server-timing: inner; dur=125, cdn-cache; desc=MISS, edge; dur=5, origin; dur=135
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231229191215F69CEE1BA50432DDD7D8
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 135,23.40.19.198
x-tt-trace-host: 012abdb6ded152821aa6b54fd2c6c3aa8781a8e5f2f8a724aee4e24388356fda224489e646de12a666c77c87d386298b01b5f6708509186d22261c84504d38e81a1aad6db7eeb7c6c77ab56a6e1a37a17acdf179661be24df30a5933b91fad42d4
access-control-allow-headers: Authorization,*
expires: Fri, 29 Dec 2023 19:12:15 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ Frame AD24 5 KB
3 KB 220ms
63ms Script
application/x-javascript 54.230.160.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/serving/container/?pm=1913694&lid=121292221&ctype=0&media=0&PageName=US+Universal&rnd=1438070517&cpref=http%3a%2f%2fvenom.com%2f&loc=https%3a%2f%2fa2.adform.net%2f
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.160.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-160-114.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 29 Dec 2023 01:34:58 GMT
Content-Encoding: gzip
Via: 1.1 f28d01ff99a9babe0b725f1873c60b2a.cloudfront.net (CloudFront)
Last-Modified: Wed, 20 Dec 2023 01:34:49 GMT
Server: AmazonS3
X-Amz-Cf-Pop: EWR53-C3
Age: 63438
x-amz-server-side-encryption: AES256
ETag: W/"b7474eac210849250426a8f6a39d00f3"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: 5PoKTLHFL5rR--gOu4GPfLrn_sn2AZvgsKdBC40X7R3GA4VrnQZUXA==

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ Frame 4B93 0
695 B 150ms
99ms Ping
text/plain 23.49.248.198
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkZmM2YTcxNQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.49.248.198 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-49-248-198.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://a2.adform.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 15b69330
date: Fri, 29 Dec 2023 19:12:15 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-23122919121550E0902FBF428A1780BA-3934614DB3ED3E76-00
x-cache: TCP_MISS from a23-40-19-198.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
server-timing: inner; dur=20, cdn-cache; desc=MISS, edge; dur=6, origin; dur=30
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2023122919121550E0902FBF428A1780BA
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 30,23.40.19.198
x-tt-trace-host: 012abdb6ded152821aa6b54fd2c6c3aa8781a8e5f2f8a724aee4e24388356fda22dcf4b00ac60ffc4ffab2d35062c64aa38f0dc9e9079de85b1e622e250600c494006d25c62af1470bb6519aa7fcaa52504bbe11210a09eb8d341604732045ee5b
access-control-allow-headers: Authorization,*
expires: Fri, 29 Dec 2023 19:12:15 GMT

GET
H/1.1

200
OK

iu3 Show response
s.amazon-adsystem.com/ Frame E332
Redirect Chain

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Da30eb0ac-cff7-911b-b6de-deb533e4d596%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.marvel.com/mu-21ironmanannualplus&ex-harg...
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Da30eb0ac-cff7-911b-b6de-deb533e4d596%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.marvel.com/mu-21ironmanannualplus&ex-harg...

2 KB
2 KB

100ms
94ms

Document
text/html

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Da30eb0ac-cff7-911b-b6de-deb533e4d596%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.marvel.com/mu-21ironmanannualplus&ex-hargs=v%3D1.0%3Bc%3D1536819680101%3Bp%3DA30EB0AC-CFF7-911B-B6DE-DEB533E4D596&cb=722623140350026800&dcc=t

Requested by

Host: track.adform.net
URL: https://track.adform.net/serving/container/?pm=1913694&lid=121292221&ctype=0&media=0&PageName=US+Universal&rnd=1438070517&cpref=http%3a%2f%2fvenom.com%2f&loc=https%3a%2f%2fa2.adform.net%2f

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

b2265383ee10109baa9a6d2eb1362ae4e9a30782d042c54a300a2ad4c9b18306

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://track.adform.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 1695
Content-Type: text/html;charset=ISO-8859-1
Date: Fri, 29 Dec 2023 19:12:16 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: Y70D15VZNVM5S922GK7N

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Fri, 29 Dec 2023 19:12:16 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Da30eb0ac-cff7-911b-b6de-deb533e4d596%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.marvel.com/mu-21ironmanannualplus&ex-hargs=v%3D1.0%3Bc%3D1536819680101%3Bp%3DA30EB0AC-CFF7-911B-B6DE-DEB533E4D596&cb=722623140350026800&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 2NRR4M3RSNF9AFX1CR5W

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ Frame AD24 56 KB
15 KB 68ms
62ms Script
application/javascript 146.75.28.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/serving/container/?pm=1913694&lid=121292221&ctype=0&media=0&PageName=US+Universal&rnd=1438070517&cpref=http%3a%2f%2fvenom.com%2f&loc=https%3a%2f%2fa2.adform.net%2f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.28.157 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: en-US,en;q=0.9
Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 19:12:16 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 18:08:41 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kiad7000120-IAD

GET
H2 200 scevent.min.js Show response
sc-static.net/ Frame AD24 41 KB
18 KB 73ms
71ms Script
application/javascript 18.238.74.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/serving/container/?pm=1913694&lid=121292221&ctype=0&media=0&PageName=US+Universal&rnd=1438070517&cpref=http%3a%2f%2fvenom.com%2f&loc=https%3a%2f%2fa2.adform.net%2f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.74.246 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-74-246.jfk52.r.cloudfront.net
Software: CloudFront /
Resource Hash: ab12e815caea6aba8fe2da60e7d298cccb649166f81926ff64e5dc56ea526522

Request headers

accept-language: en-US,en;q=0.9
Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 00:22:53 GMT
content-encoding: gzip
via: 1.1 1c7f2d03ad31a748ff5915695aa85442.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: JFK52-P5
age: 67763
etag: b0abdf9f9dff4cfeb2717a9960d575ec
x-cache: Hit from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=86400, max-age=600
access-control-allow-headers: Content-Type
content-length: 17610
x-amz-cf-id: LocxvhDyiT0aL-icmSDlEi5SvnJzA64XP7d6hKHYsy-VnPwYZp8YUg==

GET
H2 200 a677d388-f7e6-4d61-962a-62aed58aa812.js Show response
tr.snapchat.com/config/net/ Frame AD24 195 B
268 B 95ms
87ms Script
application/javascript 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/net/a677d388-f7e6-4d61-962a-62aed58aa812.js?v=3.7.3-2312182359

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

241888848ba27fe4a645b2031fe503a6f93b5a412eaa62ec6b14eac7a77d2d8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://track.adform.net/
Origin: https://track.adform.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 19:12:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
server: API Gateway
content-type: application/javascript
access-control-allow-origin: https://track.adform.net
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
alt-svc: clear, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 195

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame 9BEA 0
47 B 131ms
74ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=a677d388-f7e6-4d61-962a-62aed58aa812&u_scsid=87959dcc-93b5-4c3e-b8c2-09c59ccd0d85&u_sclid=1a69696a-5f07-45eb-9978-1a341a666631

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://track.adform.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 29 Dec 2023 19:12:16 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
x-envoy-upstream-service-time: 11

GET
H2 200 adsct
t.co/i/ Frame AD24 43 B
94 B 144ms
125ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=5&eci=2&event_id=b0713c01-f960-44e9-a2ac-928e8c85476c&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=0cca1e7f-cb51-4eb9-842b-228ae5b0474c&tw_document_href=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D1913694%26lid%3D121292221%26ctype%3D0%26media%3D0%26PageName%3DUS%2BUniversal%26rnd%3D1438070517%26cpref%3Dhttp%253a%252f%252fvenom.com%252f%26loc%3Dhttps%253a%252f%252fa2.adform.net%252f&tw_document_referrer=https%3A%2F%2Fa2.adform.net%2F&tw_iframe_status=1&tw_order_quantity=0&tw_sale_amount=0&txn_id=o5kqg&type=javascript&version=2.3.29

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-response-time: 77
date: Fri, 29 Dec 2023 19:12:16 GMT
strict-transport-security: max-age=0
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: 59b33279a520ce59
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: b1468abd5bf9a7814010f32ca23a41fb08467466af70d00a0635b784628f4426
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ Frame AD24 43 B
93 B 149ms
131ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=5&eci=2&event_id=b0713c01-f960-44e9-a2ac-928e8c85476c&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=0cca1e7f-cb51-4eb9-842b-228ae5b0474c&tw_document_href=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D1913694%26lid%3D121292221%26ctype%3D0%26media%3D0%26PageName%3DUS%2BUniversal%26rnd%3D1438070517%26cpref%3Dhttp%253a%252f%252fvenom.com%252f%26loc%3Dhttps%253a%252f%252fa2.adform.net%252f&tw_document_referrer=https%3A%2F%2Fa2.adform.net%2F&tw_iframe_status=1&tw_order_quantity=0&tw_sale_amount=0&txn_id=o5kqg&type=javascript&version=2.3.29

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-US,en;q=0.9
Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-response-time: 83
date: Fri, 29 Dec 2023 19:12:16 GMT
strict-transport-security: max-age=631138519
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: f46401aee238be62
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: 7a74d473ffb37f038a07e15543865f1b095e690727cd33241b511de7307cb8f2
content-length: 43

GET
H2 200 adsct
t.co/1/i/ Frame AD24 43 B
117 B 141ms
123ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=5&eci=3&event=%7B%7D&event_id=2c1e989e-4989-4b0f-9769-5fbc405bc358&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=0cca1e7f-cb51-4eb9-842b-228ae5b0474c&tw_document_href=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D1913694%26lid%3D121292221%26ctype%3D0%26media%3D0%26PageName%3DUS%2BUniversal%26rnd%3D1438070517%26cpref%3Dhttp%253a%252f%252fvenom.com%252f%26loc%3Dhttps%253a%252f%252fa2.adform.net%252f&tw_document_referrer=https%3A%2F%2Fa2.adform.net%2F&tw_iframe_status=1&txn_id=o5kpx&type=javascript&version=2.3.29

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-response-time: 76
date: Fri, 29 Dec 2023 19:12:16 GMT
strict-transport-security: max-age=0
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: 87cc886bf6fde2ad
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: b1468abd5bf9a7814010f32ca23a41fb08467466af70d00a0635b784628f4426
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ Frame AD24 43 B
448 B 131ms
113ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=5&eci=3&event=%7B%7D&event_id=2c1e989e-4989-4b0f-9769-5fbc405bc358&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=0cca1e7f-cb51-4eb9-842b-228ae5b0474c&tw_document_href=https%3A%2F%2Ftrack.adform.net%2Fserving%2Fcontainer%2F%3Fpm%3D1913694%26lid%3D121292221%26ctype%3D0%26media%3D0%26PageName%3DUS%2BUniversal%26rnd%3D1438070517%26cpref%3Dhttp%253a%252f%252fvenom.com%252f%26loc%3Dhttps%253a%252f%252fa2.adform.net%252f&tw_document_referrer=https%3A%2F%2Fa2.adform.net%2F&tw_iframe_status=1&txn_id=o5kpx&type=javascript&version=2.3.29

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-US,en;q=0.9
Referer: https://track.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-response-time: 69
date: Fri, 29 Dec 2023 19:12:16 GMT
strict-transport-security: max-age=631138519
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: 150a76982874475e
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: 7a74d473ffb37f038a07e15543865f1b095e690727cd33241b511de7307cb8f2
content-length: 43

POST
H3 200 p
tr.snapchat.com/ Frame AD24 0
16 B 92ms
90ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://track.adform.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 29 Dec 2023 19:12:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
server: API Gateway
access-control-allow-origin: https://track.adform.net
x-envoy-upstream-service-time: 2
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK pr Show response
s.amazon-adsystem.com/v3/ Frame 50C2 7 KB
8 KB 71ms
64ms Document
text/html 52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=P__yFUCLTGe8cOFZLtFyrQ&dmt=3&ex-pl-n-g-hmt=ebybpVj9QPmNg3fs6QfPIw&ep=ttam_T219Ay-cPciHbT10tDdxamw6ZuUlAbI-1dt8TQCSk9yqQ_7eeB6nXDuP_NV-zg0jifETh6GZo_yTJ0ZS-Me6Zsu8ZFAkQigQkrm9AnYkqlk6GqoVcVH6iLlznFYkhp01z1L6tmUYNl4IjRKRIOKC0CzfDTY3w2GgNNQGnfB5BBJIBPV0qzCVzou_klsX-MW5mTBKYIhoWTLIyMqDQjBVvTSBJ8q1obIgoc8xZHxwH7DgtgawmG7pDTgTgkXEqtbr0nq9OLR28KdV1DR6CaiIrLKkbD_UPc6KDfeOtBteDSH6KoSi-YdlW31lLQ168lYpp5_bEsw-vrNA_6ArlMomKYahdVP-8xloLODJjxbzbmAE3zZH74DB8XjUshLaSfIiDyfYSdXg27egbhe73dQYcLa6hM-SWF7OmZhK5JxOFpqpO-KPKe9vxW49BDvqFjby9H5WgaBecQwwI2ckA3wGj28BZpARfYiY_w1wkWz0GWLqxBUiDCB3QCk4z7WAGpm8BimjpAXVkZRFH7gxERExUtSCP3fu6LYT5txdulTQ8-NEgqOG4khSFxIn9Emivrphb7PDdvgKiRpC-4Fmc8bj1ybe5dQcoCysEa6ct8GCokrlSSJXyYJ5a5Ndz4ePEuayl1P3QCDzmPKoN5LKVAmLsMMgNHe-mAiSPIouMdkAOXi9t9dBOuYcACTX4KlxXlutaJRFmCKs7d6itEn7EGFQfyTfaUhxToyV_BxiIwSMob-pbQKjpJ_GcM9_OAzXraVDxn92ggnxbMgmI6IntMfQJsm-Q2P6k5Y-WkYDEbMgrl0spgQdMRCXM0bZ5berqroxf7y-kntmnjBuDeZh1f6N4pRcaVRlAZDlkx-vtPoyq_IaqBUgnkb7iwc1qe-N5GdgOu3cSYTIsY3NdOAJzGqiDHKE0Q09UJeSHpPjVw7VYnsqfxrnfn7UYTedWTsPGFkQBVZzz7_-EVBp7iCujcj2Dt02l4_Zfj7DJ4aql0

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Da30eb0ac-cff7-911b-b6de-deb533e4d596%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.marvel.com/mu-21ironmanannualplus&ex-hargs=v%3D1.0%3Bc%3D1536819680101%3Bp%3DA30EB0AC-CFF7-911B-B6DE-DEB533E4D596&cb=722623140350026800&dcc=t

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

aaf2144994a6526fbb99f8c17c763442d74df9f1a235fed67449ec86f96892c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3Da30eb0ac-cff7-911b-b6de-deb533e4d596%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.marvel.com/mu-21ironmanannualplus&ex-hargs=v%3D1.0%3Bc%3D1536819680101%3Bp%3DA30EB0AC-CFF7-911B-B6DE-DEB533E4D596&cb=722623140350026800&dcc=t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 7544
Content-Type: text/html;charset=ISO-8859-1
Date: Fri, 29 Dec 2023 19:12:16 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: XSFG69ZBM6ASK8AED1ZD

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 50C2
Redirect Chain

https://ib.adnxs.com/setuid/a9?entity=188&code=BYDzLDMoR3iwaczOdtmGLQ&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DxandrHMT%26id%3D%24UID
https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=BYDzLDMoR3iwaczOdtmGLQ

43 B
479 B

83ms
69ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=BYDzLDMoR3iwaczOdtmGLQ

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=P__yFUCLTGe8cOFZLtFyrQ&dmt=3&ex-pl-n-g-hmt=ebybpVj9QPmNg3fs6QfPIw&ep=ttam_T219Ay-cPciHbT10tDdxamw6ZuUlAbI-1dt8TQCSk9yqQ_7eeB6nXDuP_NV-zg0jifETh6GZo_yTJ0ZS-Me6Zsu8ZFAkQigQkrm9AnYkqlk6GqoVcVH6iLlznFYkhp01z1L6tmUYNl4IjRKRIOKC0CzfDTY3w2GgNNQGnfB5BBJIBPV0qzCVzou_klsX-MW5mTBKYIhoWTLIyMqDQjBVvTSBJ8q1obIgoc8xZHxwH7DgtgawmG7pDTgTgkXEqtbr0nq9OLR28KdV1DR6CaiIrLKkbD_UPc6KDfeOtBteDSH6KoSi-YdlW31lLQ168lYpp5_bEsw-vrNA_6ArlMomKYahdVP-8xloLODJjxbzbmAE3zZH74DB8XjUshLaSfIiDyfYSdXg27egbhe73dQYcLa6hM-SWF7OmZhK5JxOFpqpO-KPKe9vxW49BDvqFjby9H5WgaBecQwwI2ckA3wGj28BZpARfYiY_w1wkWz0GWLqxBUiDCB3QCk4z7WAGpm8BimjpAXVkZRFH7gxERExUtSCP3fu6LYT5txdulTQ8-NEgqOG4khSFxIn9Emivrphb7PDdvgKiRpC-4Fmc8bj1ybe5dQcoCysEa6ct8GCokrlSSJXyYJ5a5Ndz4ePEuayl1P3QCDzmPKoN5LKVAmLsMMgNHe-mAiSPIouMdkAOXi9t9dBOuYcACTX4KlxXlutaJRFmCKs7d6itEn7EGFQfyTfaUhxToyV_BxiIwSMob-pbQKjpJ_GcM9_OAzXraVDxn92ggnxbMgmI6IntMfQJsm-Q2P6k5Y-WkYDEbMgrl0spgQdMRCXM0bZ5berqroxf7y-kntmnjBuDeZh1f6N4pRcaVRlAZDlkx-vtPoyq_IaqBUgnkb7iwc1qe-N5GdgOu3cSYTIsY3NdOAJzGqiDHKE0Q09UJeSHpPjVw7VYnsqfxrnfn7UYTedWTsPGFkQBVZzz7_-EVBp7iCujcj2Dt02l4_Zfj7DJ4aql0

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Dec 2023 19:12:16 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: F3B33PS660MWC7AD0849
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 29 Dec 2023 19:12:16 GMT
an-x-request-uuid: 30078956-4acb-4586-ad84-23c033998285
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=BYDzLDMoR3iwaczOdtmGLQ
cache-control: no-store, no-cache, private
x-proxy-origin: 38.132.118.67; 38.132.118.67; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 match
match.360yield.com/ Frame 50C2 43 B
198 B 93ms
81ms Image
image/gif 44.215.14.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/match?publisher_dsp_id=416&external_user_id=97DMTYrBTRu7PJgc6XvbCg&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DimprovedigitalHMT%26id%3D%7BPUB_USER_ID%7D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=P__yFUCLTGe8cOFZLtFyrQ&dmt=3&ex-pl-n-g-hmt=ebybpVj9QPmNg3fs6QfPIw&ep=ttam_T219Ay-cPciHbT10tDdxamw6ZuUlAbI-1dt8TQCSk9yqQ_7eeB6nXDuP_NV-zg0jifETh6GZo_yTJ0ZS-Me6Zsu8ZFAkQigQkrm9AnYkqlk6GqoVcVH6iLlznFYkhp01z1L6tmUYNl4IjRKRIOKC0CzfDTY3w2GgNNQGnfB5BBJIBPV0qzCVzou_klsX-MW5mTBKYIhoWTLIyMqDQjBVvTSBJ8q1obIgoc8xZHxwH7DgtgawmG7pDTgTgkXEqtbr0nq9OLR28KdV1DR6CaiIrLKkbD_UPc6KDfeOtBteDSH6KoSi-YdlW31lLQ168lYpp5_bEsw-vrNA_6ArlMomKYahdVP-8xloLODJjxbzbmAE3zZH74DB8XjUshLaSfIiDyfYSdXg27egbhe73dQYcLa6hM-SWF7OmZhK5JxOFpqpO-KPKe9vxW49BDvqFjby9H5WgaBecQwwI2ckA3wGj28BZpARfYiY_w1wkWz0GWLqxBUiDCB3QCk4z7WAGpm8BimjpAXVkZRFH7gxERExUtSCP3fu6LYT5txdulTQ8-NEgqOG4khSFxIn9Emivrphb7PDdvgKiRpC-4Fmc8bj1ybe5dQcoCysEa6ct8GCokrlSSJXyYJ5a5Ndz4ePEuayl1P3QCDzmPKoN5LKVAmLsMMgNHe-mAiSPIouMdkAOXi9t9dBOuYcACTX4KlxXlutaJRFmCKs7d6itEn7EGFQfyTfaUhxToyV_BxiIwSMob-pbQKjpJ_GcM9_OAzXraVDxn92ggnxbMgmI6IntMfQJsm-Q2P6k5Y-WkYDEbMgrl0spgQdMRCXM0bZ5berqroxf7y-kntmnjBuDeZh1f6N4pRcaVRlAZDlkx-vtPoyq_IaqBUgnkb7iwc1qe-N5GdgOu3cSYTIsY3NdOAJzGqiDHKE0Q09UJeSHpPjVw7VYnsqfxrnfn7UYTedWTsPGFkQBVZzz7_-EVBp7iCujcj2Dt02l4_Zfj7DJ4aql0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.215.14.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-215-14-157.compute-1.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 29 Dec 2023 19:12:16 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 50C2 43 B
435 B 97ms
75ms Image
image/gif 216.22.16.72
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=144&partneruserid=AXLBuHrjQ72bzsCKALx9kw
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=P__yFUCLTGe8cOFZLtFyrQ&dmt=3&ex-pl-n-g-hmt=ebybpVj9QPmNg3fs6QfPIw&ep=ttam_T219Ay-cPciHbT10tDdxamw6ZuUlAbI-1dt8TQCSk9yqQ_7eeB6nXDuP_NV-zg0jifETh6GZo_yTJ0ZS-Me6Zsu8ZFAkQigQkrm9AnYkqlk6GqoVcVH6iLlznFYkhp01z1L6tmUYNl4IjRKRIOKC0CzfDTY3w2GgNNQGnfB5BBJIBPV0qzCVzou_klsX-MW5mTBKYIhoWTLIyMqDQjBVvTSBJ8q1obIgoc8xZHxwH7DgtgawmG7pDTgTgkXEqtbr0nq9OLR28KdV1DR6CaiIrLKkbD_UPc6KDfeOtBteDSH6KoSi-YdlW31lLQ168lYpp5_bEsw-vrNA_6ArlMomKYahdVP-8xloLODJjxbzbmAE3zZH74DB8XjUshLaSfIiDyfYSdXg27egbhe73dQYcLa6hM-SWF7OmZhK5JxOFpqpO-KPKe9vxW49BDvqFjby9H5WgaBecQwwI2ckA3wGj28BZpARfYiY_w1wkWz0GWLqxBUiDCB3QCk4z7WAGpm8BimjpAXVkZRFH7gxERExUtSCP3fu6LYT5txdulTQ8-NEgqOG4khSFxIn9Emivrphb7PDdvgKiRpC-4Fmc8bj1ybe5dQcoCysEa6ct8GCokrlSSJXyYJ5a5Ndz4ePEuayl1P3QCDzmPKoN5LKVAmLsMMgNHe-mAiSPIouMdkAOXi9t9dBOuYcACTX4KlxXlutaJRFmCKs7d6itEn7EGFQfyTfaUhxToyV_BxiIwSMob-pbQKjpJ_GcM9_OAzXraVDxn92ggnxbMgmI6IntMfQJsm-Q2P6k5Y-WkYDEbMgrl0spgQdMRCXM0bZ5berqroxf7y-kntmnjBuDeZh1f6N4pRcaVRlAZDlkx-vtPoyq_IaqBUgnkb7iwc1qe-N5GdgOu3cSYTIsY3NdOAJzGqiDHKE0Q09UJeSHpPjVw7VYnsqfxrnfn7UYTedWTsPGFkQBVZzz7_-EVBp7iCujcj2Dt02l4_Zfj7DJ4aql0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.22.16.72 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 29 Dec 2023 19:12:16 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 50C2
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=198&external_user_id=FdKZNeTnSmCtKSBtPhxAog&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D
https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=ZY8aDsX7CKcQ0gM-GILyvQAA

43 B
479 B

197ms
66ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=ZY8aDsX7CKcQ0gM-GILyvQAA

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Dec 2023 19:12:16 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: Q6H1ZPABMZ0Y5M7TQF9Y
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 29 Dec 2023 19:12:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q2SePnQB6JsaHCjJpTp6EhXVR%2F2opj9G6FMcO3vnO3857pn%2B7cqb44bSYnVvSyyQM9AHX0Dc%2BUNaj5gZ2dRK%2Be3qwNf2Dn3kM%2BdRZZEqFXQfwryp5O5nLhszEgols23KAvz1070%2Bhoujug%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=ZY8aDsX7CKcQ0gM-GILyvQAA
cache-control: no-cache
cf-ray: 83d45a875f802263-MIA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

cksync
hb.yahoo.net/ Frame 50C2
Redirect Chain

https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=UGSYoIjvSfmGnE5rCN5oaQ
https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=UGSYoIjvSfmGnE5rCN5oaQ&verify=true
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58516&ovsid=UGSYoIjvSfmGnE5rCN5oaQ&redir=true
https://hb.yahoo.net/cksync?cs=63&axid_e=eS0ubFNGY3dORTJ1R3VMUWxhMm81MU1TRXV5eWpQOE9NZH5B&ovsid=UGSYoIjvSfmGnE5rCN5oaQ&dpid=58516

57 B
655 B

410ms
128ms

Image
image/gif

104.126.119.104

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hb.yahoo.net/cksync?cs=63&axid_e=eS0ubFNGY3dORTJ1R3VMUWxhMm81MU1TRXV5eWpQOE9NZH5B&ovsid=UGSYoIjvSfmGnE5rCN5oaQ&dpid=58516

Requested by

Protocol

Server

104.126.119.104 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Fri, 29 Dec 2023 19:12:17 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 57
x-mnet-hl2: E
expires: Fri, 29 Dec 2023 19:12:17 GMT

Redirect headers

location: https://hb.yahoo.net/cksync?cs=63&axid_e=eS0ubFNGY3dORTJ1R3VMUWxhMm81MU1TRXV5eWpQOE9NZH5B&ovsid=UGSYoIjvSfmGnE5rCN5oaQ&dpid=58516
date: Fri, 29 Dec 2023 19:12:16 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 50C2
Redirect Chain

https://capi.connatix.com/us/pixel?pId=32&puId=HVVnIx1GQMqLfTFb6iGEXw&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DconnatixHMT%26id%3D%7BpuId%7D
https://capi.connatix.com/us/pixel?pId=32&puId=HVVnIx1GQMqLfTFb6iGEXw&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DconnatixHMT%26id%3D%7BpuId%7D&final=true
https://s.amazon-adsystem.com/ecm3?ex=connatixHMT&id=HVVnIx1GQMqLfTFb6iGEXw

43 B
479 B

65ms
64ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=connatixHMT&id=HVVnIx1GQMqLfTFb6iGEXw

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Dec 2023 19:12:16 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: FBY0SQHZD07G7362CCQB
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Fri, 29 Dec 2023 19:12:16 GMT
cf-cache-status: DYNAMIC
server: cloudflare
surrogate-control: no-cache, no-store, must-revalidate, max-age=0
location: https://s.amazon-adsystem.com/ecm3?ex=connatixHMT&id=HVVnIx1GQMqLfTFb6iGEXw
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 83d45a88cd4c5c7b-MIA
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 50C2
Redirect Chain

https://amazon.partners.tremorhub.com/sync?UIAM&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtelaria.com%26id%3D%5BPARTNER_ID%5D
https://s.amazon-adsystem.com/ecm3?ex=telaria.com&id=22d7ca457fb149f0b44a1473fff61b3b

43 B
479 B

73ms
65ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=telaria.com&id=22d7ca457fb149f0b44a1473fff61b3b

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Dec 2023 19:12:16 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 7K42YEE8D3XV12DZ79WH
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=telaria.com&id=22d7ca457fb149f0b44a1473fff61b3b
date: Fri, 29 Dec 2023 19:12:16 GMT
server: nginx
content-length: 0
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 50C2
Redirect Chain

https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

43 B
479 B

65ms
60ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Dec 2023 19:12:16 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: DFEK65JR2BZPB36D3WSR
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Fri, 29 Dec 2023 19:12:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 9ad14e3f9b528d4215643d5af359b816.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P8
content-security-policy-report-only: default-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com; script-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline' 'unsafe-eval'; style-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline'; report-uri /1/batch/2/OE/mid=ATVPDKIKX0DER:sid=:rid=GY1M9NY1K2Q7R985PKA7:sn=www.imdb.com
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
server: Server
x-amz-rid: GY1M9NY1K2Q7R985PKA7
x-frame-options: SAMEORIGIN
vary: Content-Type,Accept-Encoding,User-Agent
location: https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com
x-robots-tag: noindex, nofollow
x-amz-cf-id: Z9LQK3rWrbEgFqPW_-wOcTliFuwA85TGK3fYE5T-WVKCy2nM7Kqzaw==

GET
H2 200 match
match.360yield.com/ Frame 50C2 43 B
198 B 91ms
62ms Image
image/gif 44.215.14.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/match?publisher_dsp_id=416&external_user_id=ABCD&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%7BPUB_USER_ID%7D%26ex%3Dimprovedigital.com
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=P__yFUCLTGe8cOFZLtFyrQ&dmt=3&ex-pl-n-g-hmt=ebybpVj9QPmNg3fs6QfPIw&ep=ttam_T219Ay-cPciHbT10tDdxamw6ZuUlAbI-1dt8TQCSk9yqQ_7eeB6nXDuP_NV-zg0jifETh6GZo_yTJ0ZS-Me6Zsu8ZFAkQigQkrm9AnYkqlk6GqoVcVH6iLlznFYkhp01z1L6tmUYNl4IjRKRIOKC0CzfDTY3w2GgNNQGnfB5BBJIBPV0qzCVzou_klsX-MW5mTBKYIhoWTLIyMqDQjBVvTSBJ8q1obIgoc8xZHxwH7DgtgawmG7pDTgTgkXEqtbr0nq9OLR28KdV1DR6CaiIrLKkbD_UPc6KDfeOtBteDSH6KoSi-YdlW31lLQ168lYpp5_bEsw-vrNA_6ArlMomKYahdVP-8xloLODJjxbzbmAE3zZH74DB8XjUshLaSfIiDyfYSdXg27egbhe73dQYcLa6hM-SWF7OmZhK5JxOFpqpO-KPKe9vxW49BDvqFjby9H5WgaBecQwwI2ckA3wGj28BZpARfYiY_w1wkWz0GWLqxBUiDCB3QCk4z7WAGpm8BimjpAXVkZRFH7gxERExUtSCP3fu6LYT5txdulTQ8-NEgqOG4khSFxIn9Emivrphb7PDdvgKiRpC-4Fmc8bj1ybe5dQcoCysEa6ct8GCokrlSSJXyYJ5a5Ndz4ePEuayl1P3QCDzmPKoN5LKVAmLsMMgNHe-mAiSPIouMdkAOXi9t9dBOuYcACTX4KlxXlutaJRFmCKs7d6itEn7EGFQfyTfaUhxToyV_BxiIwSMob-pbQKjpJ_GcM9_OAzXraVDxn92ggnxbMgmI6IntMfQJsm-Q2P6k5Y-WkYDEbMgrl0spgQdMRCXM0bZ5berqroxf7y-kntmnjBuDeZh1f6N4pRcaVRlAZDlkx-vtPoyq_IaqBUgnkb7iwc1qe-N5GdgOu3cSYTIsY3NdOAJzGqiDHKE0Q09UJeSHpPjVw7VYnsqfxrnfn7UYTedWTsPGFkQBVZzz7_-EVBp7iCujcj2Dt02l4_Zfj7DJ4aql0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.215.14.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-215-14-157.compute-1.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 29 Dec 2023 19:12:16 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 pixel.gif
usersync.samplicio.us/amazon/ Frame 50C2 0
186 B 240ms
62ms Image
text/plain 50.17.81.185
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.samplicio.us/amazon/pixel.gif?https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=P__yFUCLTGe8cOFZLtFyrQ&dmt=3&ex-pl-n-g-hmt=ebybpVj9QPmNg3fs6QfPIw&ep=ttam_T219Ay-cPciHbT10tDdxamw6ZuUlAbI-1dt8TQCSk9yqQ_7eeB6nXDuP_NV-zg0jifETh6GZo_yTJ0ZS-Me6Zsu8ZFAkQigQkrm9AnYkqlk6GqoVcVH6iLlznFYkhp01z1L6tmUYNl4IjRKRIOKC0CzfDTY3w2GgNNQGnfB5BBJIBPV0qzCVzou_klsX-MW5mTBKYIhoWTLIyMqDQjBVvTSBJ8q1obIgoc8xZHxwH7DgtgawmG7pDTgTgkXEqtbr0nq9OLR28KdV1DR6CaiIrLKkbD_UPc6KDfeOtBteDSH6KoSi-YdlW31lLQ168lYpp5_bEsw-vrNA_6ArlMomKYahdVP-8xloLODJjxbzbmAE3zZH74DB8XjUshLaSfIiDyfYSdXg27egbhe73dQYcLa6hM-SWF7OmZhK5JxOFpqpO-KPKe9vxW49BDvqFjby9H5WgaBecQwwI2ckA3wGj28BZpARfYiY_w1wkWz0GWLqxBUiDCB3QCk4z7WAGpm8BimjpAXVkZRFH7gxERExUtSCP3fu6LYT5txdulTQ8-NEgqOG4khSFxIn9Emivrphb7PDdvgKiRpC-4Fmc8bj1ybe5dQcoCysEa6ct8GCokrlSSJXyYJ5a5Ndz4ePEuayl1P3QCDzmPKoN5LKVAmLsMMgNHe-mAiSPIouMdkAOXi9t9dBOuYcACTX4KlxXlutaJRFmCKs7d6itEn7EGFQfyTfaUhxToyV_BxiIwSMob-pbQKjpJ_GcM9_OAzXraVDxn92ggnxbMgmI6IntMfQJsm-Q2P6k5Y-WkYDEbMgrl0spgQdMRCXM0bZ5berqroxf7y-kntmnjBuDeZh1f6N4pRcaVRlAZDlkx-vtPoyq_IaqBUgnkb7iwc1qe-N5GdgOu3cSYTIsY3NdOAJzGqiDHKE0Q09UJeSHpPjVw7VYnsqfxrnfn7UYTedWTsPGFkQBVZzz7_-EVBp7iCujcj2Dt02l4_Zfj7DJ4aql0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 50.17.81.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-17-81-185.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 19:12:16 GMT
x-ratelimit-remaining: 0
location: https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
cache-control: no-cache, no-store, must-revalidate
x-ratelimit-reset: 0
x-ratelimit-limit: 0
content-length: 0
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 50C2
Redirect Chain

https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=125af91355cc7667d

43 B
479 B

94ms
66ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=125af91355cc7667d

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Dec 2023 19:12:16 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 3DV45SYCZ9FS699DJR3B
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Fri, 29 Dec 2023 19:12:16 GMT
content-security-policy: default-src 'self'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-methods: HEAD,OPTIONS,GET
content-type: text/html; charset=utf-8
location: https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=125af91355cc7667d
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
critical-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-headers: Content-Type, Authorization
content-length: 94

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 50C2
Redirect Chain

https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Uer-1L16RreQHyrZJ4dQDQ&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Uer-1L16RreQHyrZJ4dQDQ

43 B
479 B

74ms
71ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Uer-1L16RreQHyrZJ4dQDQ

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Dec 2023 19:12:16 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 4HWK07P6V7REAKW13FVN
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Uer-1L16RreQHyrZJ4dQDQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 207bf73b93f199ba0825203b77fa46ae
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 50C2
Redirect Chain

https://dpm.demdex.net/ibs:dpid=139200&dpuuid=8u8G2sHVS46RI508OZt4IQ&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=61752508712521087063477347014333764914

43 B
479 B

142ms
73ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=61752508712521087063477347014333764914

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Dec 2023 19:12:16 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: FJRT43P6G6GVG1QM7KAR
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

dcs: dcs-prod-va6-1-v053-0ea3889d2.edge-va6.demdex.com 1 ms
pragma: no-cache
date: Fri, 29 Dec 2023 19:12:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: Aoo3Mnc4S38=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=61752508712521087063477347014333764914
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 50C2
Redirect Chain

https://odr.mookie1.com/t/v2?tagid=V2_393725&AMAZON_REGION_SPECIFIC_ENDPOINT=s.amazon-adsystem.com&src.visitorID=LbbdHMSyQD2G_IJhOsrh2w
https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10597673616561355690&gdpr=&gdpr_consent=

43 B
479 B

99ms
69ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10597673616561355690&gdpr=&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Dec 2023 19:12:16 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: SAXJ9JMQ3DVHEMRSXGZ9
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 29 Dec 2023 19:12:16 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location: https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10597673616561355690&gdpr=&gdpr_consent=
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 50C2
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=2894385099841259782

43 B
479 B

151ms
66ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=2894385099841259782

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Dec 2023 19:12:16 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 39QR8WANCG79VRA1XJ5N
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 29 Dec 2023 19:12:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=2894385099841259782
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 50C2
Redirect Chain

https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D
https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%22ed7285f9-3e5c-4d4c-8c78-891e1b8ea56d%22,%22Time%22:%2220231229T191216.966668%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%]
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=ed7285f9-3e5c-4d4c-8c78-891e1b8ea56d

43 B
479 B

77ms
73ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=ed7285f9-3e5c-4d4c-8c78-891e1b8ea56d

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Dec 2023 19:12:17 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: KP538G14XT31B1SHSCZK
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=ed7285f9-3e5c-4d4c-8c78-891e1b8ea56d
Server: LogModule 0.6
Content-Length: 204
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 50C2
Redirect Chain

https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=amazon-na-23&gdpr=0
https://cookie-matching.mediarithmics.com/v1/get_or_create?gdpr=0&domid=1109
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&gdpr=0&action=GET_ID&opid=goo&etid=&domid=1109&ops=apx
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&gdpr=0&action=GET_ID&opid=goo&etid=&domid=1109&ops=apx&google_gid=CAESEFfqBlw7wx-MxS0UVNxQ0bg&google_cver=1
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEFfqBlw7wx-MxS0UVNxQ0bg&gdpr=0&action=GET_ID&etid=&domid=1109
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=5615141883278399293&opid=apx&ops=&utidl=tech:goo:CAESEFfqBlw7wx-MxS0UVNxQ0bg&gdpr=0&action=GET_ID&etid=&domid=1109
https://s.amazon-adsystem.com/ecm3?ex=mediarithmics&id=vec-64461182132&gdpr=0

43 B
479 B

66ms
64ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=mediarithmics&id=vec-64461182132&gdpr=0

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Dec 2023 19:12:18 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 5A8DEJ9FK1S7RGP1W44B
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=mediarithmics&id=vec-64461182132&gdpr=0
date: Fri, 29 Dec 2023 19:12:17 GMT
strict-transport-security: max-age=63072000;includeSubDomains;preload
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 50C2
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__
https://s.amazon-adsystem.com/ecm3?ex=index&id=LN0tPpXPQt9ggEALYeeciDc4cio4ZgAC

43 B
479 B

65ms
64ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=index&id=LN0tPpXPQt9ggEALYeeciDc4cio4ZgAC

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Dec 2023 19:12:16 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: PZ0CMXF1PA455SBMEN5W
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 29 Dec 2023 19:12:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2BpGTYTrsyQuu4h2o0IxtAz%2FLx79%2FcwsHFn0t66a2veT%2FL7%2F0DNoIytC6kmlfE6dlBOc%2F%2BAgxY8wW2BVcYW0Mdw7Vt1oSTixKYmZ1WQIBSJAlx%2BUcz0rXNIALGd2ajqIiHutwkB60TJUMw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://s.amazon-adsystem.com/ecm3?ex=index&id=LN0tPpXPQt9ggEALYeeciDc4cio4ZgAC
cache-control: no-cache
cf-ray: 83d45a89697e7440-MIA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 amazon
crb.kargo.com/api/v1/dsync/ Frame 50C2 43 B
358 B 262ms
79ms Image
image/gif 34.224.103.168

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crb.kargo.com/api/v1/dsync/amazon?exid=FdqiHF0YQX-wLo8WGaj5sQ&r=https://s.amazon-adsystem.com/ecm3?ex=KargoHMT&id=
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=P__yFUCLTGe8cOFZLtFyrQ&dmt=3&ex-pl-n-g-hmt=ebybpVj9QPmNg3fs6QfPIw&ep=ttam_T219Ay-cPciHbT10tDdxamw6ZuUlAbI-1dt8TQCSk9yqQ_7eeB6nXDuP_NV-zg0jifETh6GZo_yTJ0ZS-Me6Zsu8ZFAkQigQkrm9AnYkqlk6GqoVcVH6iLlznFYkhp01z1L6tmUYNl4IjRKRIOKC0CzfDTY3w2GgNNQGnfB5BBJIBPV0qzCVzou_klsX-MW5mTBKYIhoWTLIyMqDQjBVvTSBJ8q1obIgoc8xZHxwH7DgtgawmG7pDTgTgkXEqtbr0nq9OLR28KdV1DR6CaiIrLKkbD_UPc6KDfeOtBteDSH6KoSi-YdlW31lLQ168lYpp5_bEsw-vrNA_6ArlMomKYahdVP-8xloLODJjxbzbmAE3zZH74DB8XjUshLaSfIiDyfYSdXg27egbhe73dQYcLa6hM-SWF7OmZhK5JxOFpqpO-KPKe9vxW49BDvqFjby9H5WgaBecQwwI2ckA3wGj28BZpARfYiY_w1wkWz0GWLqxBUiDCB3QCk4z7WAGpm8BimjpAXVkZRFH7gxERExUtSCP3fu6LYT5txdulTQ8-NEgqOG4khSFxIn9Emivrphb7PDdvgKiRpC-4Fmc8bj1ybe5dQcoCysEa6ct8GCokrlSSJXyYJ5a5Ndz4ePEuayl1P3QCDzmPKoN5LKVAmLsMMgNHe-mAiSPIouMdkAOXi9t9dBOuYcACTX4KlxXlutaJRFmCKs7d6itEn7EGFQfyTfaUhxToyV_BxiIwSMob-pbQKjpJ_GcM9_OAzXraVDxn92ggnxbMgmI6IntMfQJsm-Q2P6k5Y-WkYDEbMgrl0spgQdMRCXM0bZ5berqroxf7y-kntmnjBuDeZh1f6N4pRcaVRlAZDlkx-vtPoyq_IaqBUgnkb7iwc1qe-N5GdgOu3cSYTIsY3NdOAJzGqiDHKE0Q09UJeSHpPjVw7VYnsqfxrnfn7UYTedWTsPGFkQBVZzz7_-EVBp7iCujcj2Dt02l4_Zfj7DJ4aql0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.224.103.168 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 19:12:17 GMT
x-accel-expires: 0
vary: Origin
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 50C2
Redirect Chain

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
https://s.amazon-adsystem.com/ecm3?id=5615141883278399293&ex=appnexus.com

43 B
479 B

66ms
64ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=5615141883278399293&ex=appnexus.com

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Dec 2023 19:12:16 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: FZ1R5QP37FGKGHQXG1N0
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 29 Dec 2023 19:12:16 GMT
an-x-request-uuid: f2d0ae9e-005f-4256-a0e7-6454e6055bb9
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://s.amazon-adsystem.com/ecm3?id=5615141883278399293&ex=appnexus.com
x-proxy-origin: 38.132.118.67; 38.132.118.67; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 50C2
Redirect Chain

https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzgmdGw9MTI5NjAw&piggybackCookie=LvgoOwLpSwWEBjCxewsxJg&rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DpubmaticHMT%26id%...
https://s.amazon-adsystem.com/ecm3?ex=pubmaticHMT&id=LvgoOwLpSwWEBjCxewsxJg

43 B
479 B

69ms
67ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=pubmaticHMT&id=LvgoOwLpSwWEBjCxewsxJg

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Dec 2023 19:12:17 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: CM1VP5C4F4BJKVFQQGZJ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=pubmaticHMT&id=LvgoOwLpSwWEBjCxewsxJg
date: Fri, 29 Dec 2023 19:12:15 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 50C2
Redirect Chain

https://token.rubiconproject.com/token?pid=2179&pt=n
https://s.amazon-adsystem.com/ecm3?id=DVVP-dUnPe-BOgzff1fT7sWWwYjZzChgQG1x_JmYjWc&ex=rubiconproject.com&status=ok

43 B
479 B

79ms
78ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=DVVP-dUnPe-BOgzff1fT7sWWwYjZzChgQG1x_JmYjWc&ex=rubiconproject.com&status=ok

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Dec 2023 19:12:17 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: MN8F0S3Z9HB4K95XV0T1
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?id=DVVP-dUnPe-BOgzff1fT7sWWwYjZzChgQG1x_JmYjWc&ex=rubiconproject.com&status=ok
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 5b6c391ede0c9b3c7eab11a335db29fb
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 50C2
Redirect Chain

https://loadus.exelator.com/load/?p=204&g=8888&j=0
https://s.amazon-adsystem.com/ecm3?&ex=nielsen&id=2c5f087160013da73222de1df0c5e3a7

43 B
479 B

96ms
95ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?&ex=nielsen&id=2c5f087160013da73222de1df0c5e3a7

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Dec 2023 19:12:17 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 4F4EVAD647A8Z5D9SDY5
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Fri, 29 Dec 2023 19:12:17 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://s.amazon-adsystem.com/ecm3?&ex=nielsen&id=2c5f087160013da73222de1df0c5e3a7
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 50C2
Redirect Chain

https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=66021E0A111A8F6528006C55027C3B83

43 B
479 B

104ms
86ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=66021E0A111A8F6528006C55027C3B83

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Dec 2023 19:12:17 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: VPQVGPDFNK6R892F3W25
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Fri, 29 Dec 2023 19:12:17 GMT
server: openresty/1.21.4.1
content-type: text/html
location: https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=66021E0A111A8F6528006C55027C3B83
access-control-allow-origin: https://www.homedepot.com
access-control-expose-headers: User-NDAT
cache-control: no-cache, private
access-control-allow-credentials: true
p3p: CP="This is not a P3P policy! See http://www.ninthdecimal.com/privacy-policy-terms-of-service for more info."
content-length: 151
expires: Fri, 29 Dec 2023 19:12:16 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 50C2
Redirect Chain

https://sync-amazon.ads.yieldmo.com/sync?pn_id=amazon&id=2UkvI8EaTGSx5jVOFDODKg&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DyieldmoHMT%26id%3D%7B%7Buserid%7D%7D
https://s.amazon-adsystem.com/ecm3?ex=yieldmoHMT&id=2UkvI8EaTGSx5jVOFDODKg

43 B
479 B

69ms
67ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=yieldmoHMT&id=2UkvI8EaTGSx5jVOFDODKg

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Dec 2023 19:12:17 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: BSY1MGKE98XRX0RS27HJ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 29 Dec 2023 19:12:17 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
location: https://s.amazon-adsystem.com/ecm3?ex=yieldmoHMT&id=2UkvI8EaTGSx5jVOFDODKg
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 50C2
Redirect Chain

https://us-u.openx.net/w/1.0/sd?id=537072986&val=V868RNqKRE63pkMq7esGLQ&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DopenxHMT%26id%3D%7BOPENX_RTB_USERID%7D
https://s.amazon-adsystem.com/ecm3?ex=openxHMT&id=V868RNqKRE63pkMq7esGLQ

43 B
479 B

95ms
82ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=openxHMT&id=V868RNqKRE63pkMq7esGLQ

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Dec 2023 19:12:17 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: Z2A8D01SZSC9CAG97CYD
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Fri, 29 Dec 2023 19:12:17 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
location: https://s.amazon-adsystem.com/ecm3?ex=openxHMT&id=V868RNqKRE63pkMq7esGLQ
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 50C2
Redirect Chain

https://sync.taboola.com/sg/amazon-a9-network/1/rtb
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=dc243576-57be-4777-8474-06c8869707c2-tuctc889f91

43 B
479 B

103ms
81ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=dc243576-57be-4777-8474-06c8869707c2-tuctc889f91

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Dec 2023 19:12:17 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: KATPVBW9TZ8P43QKTXGP
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=dc243576-57be-4777-8474-06c8869707c2-tuctc889f91
date: Fri, 29 Dec 2023 19:12:17 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 67368

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 50C2
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212284268
https://s.amazon-adsystem.com/ecm3?id=261610004745008501436&ex=neustar.biz

43 B
479 B

189ms
66ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=261610004745008501436&ex=neustar.biz

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Dec 2023 19:12:16 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: AB2GXNT55NBD4SEKEBNN
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 29 Dec 2023 19:12:16 GMT
via: 1.1 90a990c5327e86ade86681120dc4a236.cloudfront.net (CloudFront)
server: AAWebServer
x-amz-cf-pop: EWR50-C1
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://s.amazon-adsystem.com/ecm3?id=261610004745008501436&ex=neustar.biz
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-cache: Miss from cloudfront
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
x-amz-cf-id: r7wXq7_euu8zE5W_JSL6UvOBsb8tHYeUn34UvJCNcJ1W9Ad8YuQKUA==
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 50C2
Redirect Chain

https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=6a8fe1925ca0d7589717696f28d079cb

43 B
479 B

88ms
76ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=6a8fe1925ca0d7589717696f28d079cb

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Dec 2023 19:12:17 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 0AHE9TMDARQBJXWC5JCC
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=6a8fe1925ca0d7589717696f28d079cb
Date: Fri, 29 Dec 2023 19:12:17 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 50C2
Redirect Chain

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=0We4v9oE99eZkR2k

43 B
479 B

89ms
85ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=0We4v9oE99eZkR2k

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Dec 2023 19:12:17 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 6Q24NGDW98QGSQC053K6
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=0We4v9oE99eZkR2k
date: Fri, 29 Dec 2023 19:12:17 GMT
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET sync
t.myvisualiq.net/ Frame 50C2 0
0

GET
H2 200 dspreply
public-prod-dspcookiematching.dmxleo.com/ Frame 50C2 0
123 B 503ms
65ms Image
text/plain 198.54.201.131

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=1868&dspUserId=7atVVFghSAm84CCHtCIKwA&redir=https://s.amazon-adsystem.com/ecm3?ex=dailymotionHMT2&id=

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.54.201.131 -, , ASN (),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-dm-lb-name: ingress-nginx-nginx-in-cluster-qxxbn
date: Fri, 29 Dec 2023 19:12:17 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 50C2
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=AMAZON&ex=gemini
https://ups.analytics.yahoo.com/ups/58725/cms?partner_id=AMAZON&ex=gemini
https://s.amazon-adsystem.com/ecm3?id=y-LNq0qytE2pFG8uAAPJAGLTb8SlNT4vMO4NsN~A&status=OK&ex=gemini

43 B
479 B

352ms
322ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=y-LNq0qytE2pFG8uAAPJAGLTb8SlNT4vMO4NsN~A&status=OK&ex=gemini

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Dec 2023 19:12:17 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: FJ5PBJZ55GPS42EEH1WX
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?id=y-LNq0qytE2pFG8uAAPJAGLTb8SlNT4vMO4NsN~A&status=OK&ex=gemini
date: Fri, 29 Dec 2023 19:12:17 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 50C2
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545
https://s.amazon-adsystem.com/ecm3?id=c1b2de26635566e95271f70b0e67ffc&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=

43 B
479 B

100ms
92ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=c1b2de26635566e95271f70b0e67ffc&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Dec 2023 19:12:17 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: HPNT95WYCDQH5X13S5ZX
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 29 Dec 2023 19:12:17 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=c1b2de26635566e95271f70b0e67ffc&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1703877137313080-1166

GET
H2 200 map
sync.rfp.fout.jp/ Frame 50C2 43 B
275 B 515ms
194ms Image
image/gif 35.186.196.148

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.rfp.fout.jp/map?dsp_id=12&uid=XHXdr-BOTzG33052J1hlQA
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=P__yFUCLTGe8cOFZLtFyrQ&dmt=3&ex-pl-n-g-hmt=ebybpVj9QPmNg3fs6QfPIw&ep=ttam_T219Ay-cPciHbT10tDdxamw6ZuUlAbI-1dt8TQCSk9yqQ_7eeB6nXDuP_NV-zg0jifETh6GZo_yTJ0ZS-Me6Zsu8ZFAkQigQkrm9AnYkqlk6GqoVcVH6iLlznFYkhp01z1L6tmUYNl4IjRKRIOKC0CzfDTY3w2GgNNQGnfB5BBJIBPV0qzCVzou_klsX-MW5mTBKYIhoWTLIyMqDQjBVvTSBJ8q1obIgoc8xZHxwH7DgtgawmG7pDTgTgkXEqtbr0nq9OLR28KdV1DR6CaiIrLKkbD_UPc6KDfeOtBteDSH6KoSi-YdlW31lLQ168lYpp5_bEsw-vrNA_6ArlMomKYahdVP-8xloLODJjxbzbmAE3zZH74DB8XjUshLaSfIiDyfYSdXg27egbhe73dQYcLa6hM-SWF7OmZhK5JxOFpqpO-KPKe9vxW49BDvqFjby9H5WgaBecQwwI2ckA3wGj28BZpARfYiY_w1wkWz0GWLqxBUiDCB3QCk4z7WAGpm8BimjpAXVkZRFH7gxERExUtSCP3fu6LYT5txdulTQ8-NEgqOG4khSFxIn9Emivrphb7PDdvgKiRpC-4Fmc8bj1ybe5dQcoCysEa6ct8GCokrlSSJXyYJ5a5Ndz4ePEuayl1P3QCDzmPKoN5LKVAmLsMMgNHe-mAiSPIouMdkAOXi9t9dBOuYcACTX4KlxXlutaJRFmCKs7d6itEn7EGFQfyTfaUhxToyV_BxiIwSMob-pbQKjpJ_GcM9_OAzXraVDxn92ggnxbMgmI6IntMfQJsm-Q2P6k5Y-WkYDEbMgrl0spgQdMRCXM0bZ5berqroxf7y-kntmnjBuDeZh1f6N4pRcaVRlAZDlkx-vtPoyq_IaqBUgnkb7iwc1qe-N5GdgOu3cSYTIsY3NdOAJzGqiDHKE0Q09UJeSHpPjVw7VYnsqfxrnfn7UYTedWTsPGFkQBVZzz7_-EVBp7iCujcj2Dt02l4_Zfj7DJ4aql0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.196.148 -, , ASN (),
Reverse DNS
Software: openresty /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 19:12:17 GMT
content-encoding: gzip
via: 1.1 google
server: openresty
vary: Accept-Encoding
p3p: CP="ADM NOI OUR"
content-type: image/gif
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 50C2 0
337 B 85ms
62ms Image
text/plain 34.197.227.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=amzn&partner_uid=P__yFUCLTGe8cOFZLtFyrQ&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dkrux.com%26id%3D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=P__yFUCLTGe8cOFZLtFyrQ&dmt=3&ex-pl-n-g-hmt=ebybpVj9QPmNg3fs6QfPIw&ep=ttam_T219Ay-cPciHbT10tDdxamw6ZuUlAbI-1dt8TQCSk9yqQ_7eeB6nXDuP_NV-zg0jifETh6GZo_yTJ0ZS-Me6Zsu8ZFAkQigQkrm9AnYkqlk6GqoVcVH6iLlznFYkhp01z1L6tmUYNl4IjRKRIOKC0CzfDTY3w2GgNNQGnfB5BBJIBPV0qzCVzou_klsX-MW5mTBKYIhoWTLIyMqDQjBVvTSBJ8q1obIgoc8xZHxwH7DgtgawmG7pDTgTgkXEqtbr0nq9OLR28KdV1DR6CaiIrLKkbD_UPc6KDfeOtBteDSH6KoSi-YdlW31lLQ168lYpp5_bEsw-vrNA_6ArlMomKYahdVP-8xloLODJjxbzbmAE3zZH74DB8XjUshLaSfIiDyfYSdXg27egbhe73dQYcLa6hM-SWF7OmZhK5JxOFpqpO-KPKe9vxW49BDvqFjby9H5WgaBecQwwI2ckA3wGj28BZpARfYiY_w1wkWz0GWLqxBUiDCB3QCk4z7WAGpm8BimjpAXVkZRFH7gxERExUtSCP3fu6LYT5txdulTQ8-NEgqOG4khSFxIn9Emivrphb7PDdvgKiRpC-4Fmc8bj1ybe5dQcoCysEa6ct8GCokrlSSJXyYJ5a5Ndz4ePEuayl1P3QCDzmPKoN5LKVAmLsMMgNHe-mAiSPIouMdkAOXi9t9dBOuYcACTX4KlxXlutaJRFmCKs7d6itEn7EGFQfyTfaUhxToyV_BxiIwSMob-pbQKjpJ_GcM9_OAzXraVDxn92ggnxbMgmI6IntMfQJsm-Q2P6k5Y-WkYDEbMgrl0spgQdMRCXM0bZ5berqroxf7y-kntmnjBuDeZh1f6N4pRcaVRlAZDlkx-vtPoyq_IaqBUgnkb7iwc1qe-N5GdgOu3cSYTIsY3NdOAJzGqiDHKE0Q09UJeSHpPjVw7VYnsqfxrnfn7UYTedWTsPGFkQBVZzz7_-EVBp7iCujcj2Dt02l4_Zfj7DJ4aql0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.197.227.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-227-33.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-served-by: beacon-n039-ash-prod.krxd.net
date: Fri, 29 Dec 2023 19:12:16 GMT
cache-control: private, no-cache, no-store
x-request-time: D=117 t=1703877136
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 v1
match.sharethrough.com/sync/ Frame 50C2 68 B
280 B 546ms
60ms Image
image/png 3.216.74.116

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=wE4DpHXcQL5mguNBAJxVK3sW&source_user_id=Me4AhFpoRpWQtWcYuN3Fwg
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=P__yFUCLTGe8cOFZLtFyrQ&dmt=3&ex-pl-n-g-hmt=ebybpVj9QPmNg3fs6QfPIw&ep=ttam_T219Ay-cPciHbT10tDdxamw6ZuUlAbI-1dt8TQCSk9yqQ_7eeB6nXDuP_NV-zg0jifETh6GZo_yTJ0ZS-Me6Zsu8ZFAkQigQkrm9AnYkqlk6GqoVcVH6iLlznFYkhp01z1L6tmUYNl4IjRKRIOKC0CzfDTY3w2GgNNQGnfB5BBJIBPV0qzCVzou_klsX-MW5mTBKYIhoWTLIyMqDQjBVvTSBJ8q1obIgoc8xZHxwH7DgtgawmG7pDTgTgkXEqtbr0nq9OLR28KdV1DR6CaiIrLKkbD_UPc6KDfeOtBteDSH6KoSi-YdlW31lLQ168lYpp5_bEsw-vrNA_6ArlMomKYahdVP-8xloLODJjxbzbmAE3zZH74DB8XjUshLaSfIiDyfYSdXg27egbhe73dQYcLa6hM-SWF7OmZhK5JxOFpqpO-KPKe9vxW49BDvqFjby9H5WgaBecQwwI2ckA3wGj28BZpARfYiY_w1wkWz0GWLqxBUiDCB3QCk4z7WAGpm8BimjpAXVkZRFH7gxERExUtSCP3fu6LYT5txdulTQ8-NEgqOG4khSFxIn9Emivrphb7PDdvgKiRpC-4Fmc8bj1ybe5dQcoCysEa6ct8GCokrlSSJXyYJ5a5Ndz4ePEuayl1P3QCDzmPKoN5LKVAmLsMMgNHe-mAiSPIouMdkAOXi9t9dBOuYcACTX4KlxXlutaJRFmCKs7d6itEn7EGFQfyTfaUhxToyV_BxiIwSMob-pbQKjpJ_GcM9_OAzXraVDxn92ggnxbMgmI6IntMfQJsm-Q2P6k5Y-WkYDEbMgrl0spgQdMRCXM0bZ5berqroxf7y-kntmnjBuDeZh1f6N4pRcaVRlAZDlkx-vtPoyq_IaqBUgnkb7iwc1qe-N5GdgOu3cSYTIsY3NdOAJzGqiDHKE0Q09UJeSHpPjVw7VYnsqfxrnfn7UYTedWTsPGFkQBVZzz7_-EVBp7iCujcj2Dt02l4_Zfj7DJ4aql0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.216.74.116 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 19:12:17 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 50C2
Redirect Chain

https://ads.stickyadstv.com/user-registering?dataProviderId=961&userId=pI3V-RU6SXuITWfVg8bYYg&redirectId=2545
https://s.amazon-adsystem.com/ecm3?id=c1b2de26635566e95271f70b0e67ffc&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=pI3V-RU6SXuITWfVg8bYYg

43 B
479 B

70ms
69ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=c1b2de26635566e95271f70b0e67ffc&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=pI3V-RU6SXuITWfVg8bYYg

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Dec 2023 19:12:17 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: AVJ6EJ5N1KV836EAE23E
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 29 Dec 2023 19:12:17 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=c1b2de26635566e95271f70b0e67ffc&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=pI3V-RU6SXuITWfVg8bYYg
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1703877137457089-1172

GET partner
sync.search.spotxchange.com/ Frame 50C2 0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 50C2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESENRJCKLg5QNsy2eUoeo__ts&google_cver=1

43 B
479 B

201ms
70ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESENRJCKLg5QNsy2eUoeo__ts&google_cver=1

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Dec 2023 19:12:16 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: GZDS7NTFSVE6JT23NQ52
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 29 Dec 2023 19:12:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESENRJCKLg5QNsy2eUoeo__ts&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 400 v2
usermatch.krxd.net/um/ Frame 50C2 20 B
20 B 234ms
60ms Image
text/plain 34.192.249.162

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usermatch.krxd.net/um/v2?partner=amzn
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT3_n-ix-HMT_n-y-HMT_n-cx-HMT_n-telaria_imdb_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_adb_mp_af_n-sk_n-mediarithmics_index_n-kg-HMT_an_n-pm-HMT_rb_nsln_nd_n-ym-HMT_n-ox-hmt_tbl_ns_bsw_bk_n-visualiq_n-dm2-HMT_gem_fw_n-fo-HMT_n-kr-new_n-st-HMT1_n-fw-HMT1_adelphic_sx_g_kr_n-comscr.com_ox_n-tl-HMT_n-semasio-ecm_n-g-hmt_n-ispot_pm&fv=1.0&a=cm&ex-pl-n-kr-new=P__yFUCLTGe8cOFZLtFyrQ&dmt=3&ex-pl-n-g-hmt=ebybpVj9QPmNg3fs6QfPIw&ep=ttam_T219Ay-cPciHbT10tDdxamw6ZuUlAbI-1dt8TQCSk9yqQ_7eeB6nXDuP_NV-zg0jifETh6GZo_yTJ0ZS-Me6Zsu8ZFAkQigQkrm9AnYkqlk6GqoVcVH6iLlznFYkhp01z1L6tmUYNl4IjRKRIOKC0CzfDTY3w2GgNNQGnfB5BBJIBPV0qzCVzou_klsX-MW5mTBKYIhoWTLIyMqDQjBVvTSBJ8q1obIgoc8xZHxwH7DgtgawmG7pDTgTgkXEqtbr0nq9OLR28KdV1DR6CaiIrLKkbD_UPc6KDfeOtBteDSH6KoSi-YdlW31lLQ168lYpp5_bEsw-vrNA_6ArlMomKYahdVP-8xloLODJjxbzbmAE3zZH74DB8XjUshLaSfIiDyfYSdXg27egbhe73dQYcLa6hM-SWF7OmZhK5JxOFpqpO-KPKe9vxW49BDvqFjby9H5WgaBecQwwI2ckA3wGj28BZpARfYiY_w1wkWz0GWLqxBUiDCB3QCk4z7WAGpm8BimjpAXVkZRFH7gxERExUtSCP3fu6LYT5txdulTQ8-NEgqOG4khSFxIn9Emivrphb7PDdvgKiRpC-4Fmc8bj1ybe5dQcoCysEa6ct8GCokrlSSJXyYJ5a5Ndz4ePEuayl1P3QCDzmPKoN5LKVAmLsMMgNHe-mAiSPIouMdkAOXi9t9dBOuYcACTX4KlxXlutaJRFmCKs7d6itEn7EGFQfyTfaUhxToyV_BxiIwSMob-pbQKjpJ_GcM9_OAzXraVDxn92ggnxbMgmI6IntMfQJsm-Q2P6k5Y-WkYDEbMgrl0spgQdMRCXM0bZ5berqroxf7y-kntmnjBuDeZh1f6N4pRcaVRlAZDlkx-vtPoyq_IaqBUgnkb7iwc1qe-N5GdgOu3cSYTIsY3NdOAJzGqiDHKE0Q09UJeSHpPjVw7VYnsqfxrnfn7UYTedWTsPGFkQBVZzz7_-EVBp7iCujcj2Dt02l4_Zfj7DJ4aql0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.249.162 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ece40b974c6084c091fff702b34d48d9c4b0aaa273b63239cd34225ea20c002

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-served-by: usermatch-a010-ash-prod.krxd.net
date: Fri, 29 Dec 2023 19:12:17 GMT
content-type: text/plain; charset=utf-8
x-age: 0
content-length: 20
x-cache: MISS
x-cache-hits: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 50C2
Redirect Chain

https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=4d9c7823e07de0614e47dca0356faaa4

43 B
479 B

191ms
68ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=4d9c7823e07de0614e47dca0356faaa4

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Dec 2023 19:12:16 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: PENFV22WDCWR6QXT1ZSC
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Fri, 29 Dec 2023 19:12:16 GMT
via: 1.1 92d8afc92e3597d245b2f6480cd44220.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: JFK52-P3
x-cache: Miss from cloudfront
location: https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=4d9c7823e07de0614e47dca0356faaa4
content-length: 0
x-amz-cf-id: k-5g3yoCnj7FnYzHB3f5ZNFEQ3L_F0bRgT3OaxmrTKUqUfjeRutoMQ==

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 50C2
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=dc3400df-0504-c095-05f5-f4dbaf688cb3

43 B
479 B

68ms
67ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=dc3400df-0504-c095-05f5-f4dbaf688cb3

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Dec 2023 19:12:17 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: NH4SXH0MBYXP5TE11V1C
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Fri, 29 Dec 2023 19:12:17 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=dc3400df-0504-c095-05f5-f4dbaf688cb3
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 50C2
Redirect Chain

https://eb2.3lift.com/xuid?mid=8341&xuid=u5oNAfUhTySDh7ZzK7pIIQ&dongle=az46&rdir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DtripleliftHMT%26id%3D%24UID
https://s.amazon-adsystem.com/ecm3?ex=tripleliftHMT&id=4548801516212776359454

43 B
479 B

68ms
67ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=tripleliftHMT&id=4548801516212776359454

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Dec 2023 19:12:17 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 49FJB6JC5X2T6WKEVSDV
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=tripleliftHMT&id=4548801516212776359454
date: Fri, 29 Dec 2023 19:12:17 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 50C2
Redirect Chain

https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=DEB71CD8B701F0E5

43 B
479 B

67ms
66ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=semasio&id=DEB71CD8B701F0E5

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Dec 2023 19:12:17 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: RS8QWT3BK53N5MK4D9CA
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 29 Dec 2023 19:12:17 GMT
Frontend-ID: 13
P3P: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Location: https://s.amazon-adsystem.com/ecm3?ex=semasio&id=DEB71CD8B701F0E5
UIP-Response-Status: Ok
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Content-Length: 0
Routing-Server-ID: -1
Expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 50C2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=ebybpVj9QPmNg3fs6QfPIw&
https://s.amazon-adsystem.com/ecm3?ex=googleHMT

43 B
479 B

183ms
63ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=googleHMT

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Dec 2023 19:12:16 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: Y022KCBMX13R509CGWYY
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 29 Dec 2023 19:12:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://s.amazon-adsystem.com/ecm3?ex=googleHMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 244
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 50C2
Redirect Chain

https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=37d86acc974fdbfcb2fb367b18030e2d0ea51c24a383a58bcf66e658c50fa67a

43 B
479 B

67ms
66ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=37d86acc974fdbfcb2fb367b18030e2d0ea51c24a383a58bcf66e658c50fa67a

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Dec 2023 19:12:17 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: XKJV5W06MXDXGPHFJT87
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 29 Dec 2023 19:12:17 GMT
location: https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=37d86acc974fdbfcb2fb367b18030e2d0ea51c24a383a58bcf66e658c50fa67a
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 0
retry-after: 0
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 50C2
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=5006F61B-88E6-46F8-8E67-416FD9B86413

43 B
479 B

72ms
69ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=5006F61B-88E6-46F8-8E67-416FD9B86413

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Dec 2023 19:12:17 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: T5DQ13G3ZVTGVEM92RAN
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=5006F61B-88E6-46F8-8E67-416FD9B86413
date: Fri, 29 Dec 2023 19:12:16 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame AE0C 874 B
919 B 69ms
60ms Document
text/html 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=jp8nt4i&ref=https%3A%2F%2Fa2.adform.net%2F&upid=vww3fws&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 3d2cb090ee264c80d6173099f865a454ac1660c699de4948423c19619a69184d

Request headers

Referer: https://track.adform.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Fri, 29 Dec 2023 19:12:18 GMT
server: Kestrel
vary: Accept-Encoding

GET
H/1.1 200
OK universal_pixel.1.1.0.js Show response
js.adsrvr.org/ Frame AE0C 488 B
1003 B 74ms
68ms Script
application/x-javascript 54.230.160.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by: Host: insight.adsrvr.org
URL: https://insight.adsrvr.org/track/up?adv=jp8nt4i&ref=https%3A%2F%2Fa2.adform.net%2F&upid=vww3fws&upv=1.1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.160.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-160-114.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 484ef4268f1d679c1ae88c06fc2388d39afc441465732617e5e2cdc2e3d418e2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://insight.adsrvr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 28 Dec 2023 20:35:51 GMT
Via: 1.1 f28d01ff99a9babe0b725f1873c60b2a.cloudfront.net (CloudFront)
Last-Modified: Wed, 20 Dec 2023 01:34:43 GMT
Server: AmazonS3
X-Amz-Cf-Pop: EWR53-C3
Age: 81388
ETag: "2775054c068b37509e0798448f7fd32c"
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 488
X-Amz-Cf-Id: Mmm8L2rCc3NIrapVSr9v6ARw3mw9TV09YzLRjTNkBkEG2k6M3eQFuQ==

GET
H2

200

cksync Show response
hb.yahoo.net/ Frame D3C8
Redirect Chain

https://ups.analytics.yahoo.com/ups/55953/sync?uid=9dd8eab8-d750-4c71-b136-2a23d2fe23dc&_origin=1&redir=true&gdpr=0&gdpr_consent=&redir=true
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=55953&ovsid=9dd8eab8-d750-4c71-b136-2a23d2fe23dc&gdpr=0&redir=true
https://hb.yahoo.net/cksync?cs=63&axid_e=eS0ubFNGY3dORTJ1R3VMUWxhMm81MU1TRXV5eWpQOE9NZH5B&gdpr=0&ovsid=9dd8eab8-d750-4c71-b136-2a23d2fe23dc&dpid=55953

57 B
496 B

102ms
101ms

Document
image/gif

104.126.119.104

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.yahoo.net/cksync?cs=63&axid_e=eS0ubFNGY3dORTJ1R3VMUWxhMm81MU1TRXV5eWpQOE9NZH5B&gdpr=0&ovsid=9dd8eab8-d750-4c71-b136-2a23d2fe23dc&dpid=55953

Requested by

Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.126.119.104 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains max-age=604800

Request headers

Referer: https://insight.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-length: 57
content-type: image/gif
date: Fri, 29 Dec 2023 19:12:18 GMT
expires: Fri, 29 Dec 2023 19:12:18 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma: no-cache
server: Apache
strict-transport-security: max-age=86400 ; includeSubDomains max-age=604800
x-mnet-hl2: E

Redirect headers

age: 0
content-length: 0
date: Fri, 29 Dec 2023 19:12:18 GMT
location: https://hb.yahoo.net/cksync?cs=63&axid_e=eS0ubFNGY3dORTJ1R3VMUWxhMm81MU1TRXV5eWpQOE9NZH5B&gdpr=0&ovsid=9dd8eab8-d750-4c71-b136-2a23d2fe23dc&dpid=55953
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server: ATS/9.1.10.94
strict-transport-security: max-age=31536000

GET
H2

200

appnexus Show response
match.adsrvr.org/track/cmf/ Frame C6DD
Redirect Chain

https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=9dd8eab8-d750-4c71-b136-2a23d2fe23dc
https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=5615141883278399293&ttd_tdid=9dd8eab8-d750-4c71-b136-2a23d2fe23dc

70 B
472 B

60ms
59ms

Document
image/gif

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=5615141883278399293&ttd_tdid=9dd8eab8-d750-4c71-b136-2a23d2fe23dc
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://insight.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-length: 70
content-type: image/gif
date: Fri, 29 Dec 2023 19:12:18 GMT
server: Kestrel

Redirect headers

accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
access-control-allow-origin: *
an-x-request-uuid: b257c552-9f65-4ad5-b137-d088e58d33d7
cache-control: no-store, no-cache, private
content-length: 0
content-type: text/html; charset=utf-8
date: Fri, 29 Dec 2023 19:12:18 GMT
expires: Sat, 15 Nov 2008 16:00:00 GMT
location: https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=5615141883278399293&ttd_tdid=9dd8eab8-d750-4c71-b136-2a23d2fe23dc
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma: no-cache
server: nginx/1.23.4
x-proxy-origin: 38.132.118.67; 38.132.118.67; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection: 0

GET
H2

200

rubicon Show response
match.adsrvr.org/track/cmf/ Frame C6EF
Redirect Chain

https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=9dd8eab8-d750-4c71-b136-2a23d2fe23dc&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0

70 B
472 B

61ms
59ms

Document
image/gif

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://insight.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-length: 70
content-type: image/gif
date: Fri, 29 Dec 2023 19:12:18 GMT
server: Kestrel

Redirect headers

Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
Expires: 0
Location: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
X-RPHost: 207bf73b93f199ba0825203b77fa46ae
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: global.ib-ibi.com
URL: https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=2894385099841259782

Domain: t.myvisualiq.net
URL: https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D

Domain: sync.search.spotxchange.com
URL: https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

116 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 17:19:23	Name: X-AB Value: b0abdf9f9dff4cfeb2717a9960d575ec
.venom.com/	1969-12-31 23:59:59	Name: check Value: true
.agkn.com/	1970-01-21 02:03:33	Name: ab Value: 0001%3AjJUz6A%2FcjmzoiLml8BV1hGO5FVQnkKJw
.agkn.com/	1970-01-21 02:03:33	Name: u Value: C\|0AAAtIdaNLSHWjQAAAAAA
.venom.com/	1970-01-21 02:53:57	Name: mbox Value: session#9472e8ff09094638a0569bc0b5e842d0#1703878994\|PC#9472e8ff09094638a0569bc0b5e842d0.34_0#1767121934
.venom.com/	1970-01-20 17:17:58	Name: mboxEdgeCluster Value: 34
.venom.com/	1970-01-20 19:27:33	Name: _gcl_au Value: 1.1.873997013.1703877134
.scorecardresearch.com/	1970-01-21 02:53:57	Name: UID Value: 1C2eacbeb8a4a445125a6f01703877134
.doubleclick.net/	1970-01-21 02:53:57	Name: IDE Value: AHWqTUkE9wXtlVnPWYbTd7FEMF_k7EYwEq_2sAqIuk5xCDCi07aLj0Ab6rcaSW5tpes
.adform.net/	1970-01-20 18:02:35	Name: C Value: 1
.adform.net/	1970-01-20 18:44:21	Name: receive-cookie-deprecation Value: 1
.venom.com/	1970-01-20 19:27:33	Name: _fbp Value: fb.1.1703877134333.1365959941
.venom.com/	1970-01-20 17:19:23	Name: _uetsid Value: 2cd9b6b0a67e11eeab14e17358156422
.venom.com/	1970-01-21 02:39:33	Name: _uetvid Value: 2cdbace0a67e11eeb7acd1f077dd6cfc
.bing.com/	1970-01-21 02:39:33	Name: MUID Value: 0289C3C655CE678C0DD7D03054A26682
.bat.bing.com/	1970-01-20 17:28:01	Name: MR Value: 0
.adform.net/	1970-01-20 18:44:21	Name: uid Value: 2894385099841259782
.adform.net/	1970-01-20 17:19:23	Name: CM Value: 1\|1
.bluekai.com/	1970-01-20 21:37:09	Name: bkdc Value: phx
.bluekai.com/	1970-01-20 21:41:28	Name: bku Value: T+y999TSMtDQp2XG
.adform.net/	1970-01-20 17:38:06	Name: CM14 Value: 1703963525_1703877125_1_Hu7u4e4e4R7u4e4REREeEREREQ
.seadform.net/	1970-01-20 18:44:21	Name: uid Value: 2894385099841259782
.bidswitch.net/	1970-01-21 02:03:33	Name: tuuid Value: 12fe5331-12a2-4d9e-9624-007e0567077c
.bidswitch.net/	1970-01-21 02:03:33	Name: c Value: 1703877134
.casalemedia.com/	1970-01-21 02:03:33	Name: CMID Value: ZY8aDsX7CKcQ0gM-GILyvQAA
.casalemedia.com/	1970-01-20 19:27:33	Name: CMPS Value: 589
.casalemedia.com/	1970-01-20 19:27:33	Name: CMPRO Value: 589
.tiktok.com/	1970-01-21 02:39:33	Name: _ttp Value: 2aEI6RT6jUxGTLkHjgpVDTxdDIX
.bidswitch.net/	1970-01-21 02:03:33	Name: tuuid_lu Value: 1703877135
.twitter.com/	1970-01-21 02:53:57	Name: personalization_id Value: "v1_EstnF6UR5LkUtk0Kdf5uag=="
.semasio.net/	1970-01-21 02:03:33	Name: SEUNCY Value: DEB71CD8B701F0E5
.smartadserver.com/	1970-01-21 02:48:11	Name: pid Value: 8806977007108321
.smartadserver.com/	1970-01-21 02:48:11	Name: TestIfCookieP Value: ok
.eyeota.net/	1970-01-21 02:04:59	Name: mako_uid Value: 18cb6fdcb53-46b90000010a49d5
.eyeota.net/	1970-01-20 17:17:57	Name: SERVERID Value: 18901~DM
.t.co/	1970-01-21 02:53:57	Name: muc_ads Value: a3762191-0fa8-4434-8120-d7d7ee828cc8
.exelator.com/	1970-01-20 20:10:45	Name: EE Value: "2c5f087160013da73222de1df0c5e3a7"
.rubiconproject.com/	1970-01-21 02:03:33	Name: khaos Value: LQR0GBUD-1K-4PRH
.rlcdn.com/	1970-01-21 02:03:33	Name: rlas3 Value: QowLpXJY7YGhh0AzFZFC+0emusdeJMcagfJ2VgCftSo=
.openx.net/	1970-01-21 02:03:33	Name: i Value: 574e43fb-b029-4498-9f2d-bea4a37c74ae\|1703877135
.krxd.net/	1970-01-20 21:37:09	Name: _kuid_ Value: QARqqbrW
.crwdcntrl.net/	1970-01-20 23:46:44	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-20 23:46:44	Name: _cc_id Value: 48dd7184aecd0178454b99329f4ee623
.rlcdn.com/	1970-01-20 18:44:21	Name: pxrc Value: CI+0vKwGEgUI6AcQABIFCOhHEAA=
.ads.stickyadstv.com/	1970-01-20 18:44:21	Name: uid-bp-617 Value: 2894385099841259782
.ads.stickyadstv.com/	1970-01-20 18:01:09	Name: UID Value: c1b2de26635566e95271f70b0e67ffc
.exelator.com/	1970-01-20 20:10:45	Name: ud Value: "eJxrXxzq6XKLQcEo2TTNwMLc0MzAwNA4JdHc2MjIKCXVMCXNINk01TjRfHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDIYEl%252BUWb6otDgxUUpaQyLSopPBR%252BLrgcAhTgqCg%253D%253D"
.csync.loopme.me/	1970-01-20 19:28:59	Name: viewer_token Value: a69fdc65-a085-49a2-a184-03c370a3943c
.adnxs.com/	1970-01-20 19:27:33	Name: uuid2 Value: 5615141883278399293
.pippio.com/	1970-01-21 02:03:33	Name: did Value: JhwL4j-7Kcx9vZIR
.pippio.com/	1970-01-21 02:03:33	Name: didts Value: 1703877135
.pippio.com/	1970-01-20 18:44:21	Name: nnls Value:
.pippio.com/	1970-01-20 18:44:21	Name: pxrc Value: CI+0vKwGEgYIgr0rEAA=
.pubmatic.com/	1970-01-20 18:01:09	Name: KRTBCOOKIE_391 Value: 22924-2894385099841259782&KRTB&23263-2894385099841259782&KRTB&23481-2894385099841259782
.demdex.net/	1970-01-20 21:37:09	Name: demdex Value: 61752508712521087063477347014333764914
.linkedin.com/	1970-01-20 19:27:33	Name: li_sugr Value: 784193c7-c041-48b7-a8b4-70601606a073
.linkedin.com/	1970-01-21 02:03:33	Name: bcookie Value: "v=2&336af1af-8719-4b46-887c-69f09b7cf60d"
.linkedin.com/	1970-01-20 17:19:23	Name: lidc Value: "b=TGST04:s=T:r=T:a=T:p=T:g=3084:u=1:x=1:i=1703877136:t=1703963536:v=2:sig=AQGzIcIYwrHk_ZM4ANtEUyLztfh_qEtj"
.dpm.demdex.net/	1970-01-20 21:37:09	Name: dpm Value: 61752508712521087063477347014333764914
.adsrvr.org/	1970-01-21 02:04:59	Name: TDID Value: 9dd8eab8-d750-4c71-b136-2a23d2fe23dc
.amazon-adsystem.com/	1970-01-20 21:44:21	Name: ad-id Value: AzXTNaCvoEgDkPeFpgZ-uU0
.amazon-adsystem.com/	1970-01-21 02:53:57	Name: ad-privacy Value: 0
.twitter.com/	1970-01-21 02:53:57	Name: guest_id_marketing Value: v1%3A170387713627999636
.twitter.com/	1970-01-21 02:53:57	Name: guest_id_ads Value: v1%3A170387713627999636
.twitter.com/	1970-01-21 02:53:57	Name: guest_id Value: v1%3A170387713627999636
.w55c.net/	1970-01-21 02:49:37	Name: wfivefivec Value: gnwOa5Uc1Rjihi5
.audrte.com/	1970-01-20 17:39:33	Name: arcki2 Value: fe4nRJEzT1PSQiI2w6thp-dVg!20220908!1703877136337!ip#38.132.118.67
.audrte.com/	1970-01-20 17:39:33	Name: arcki2_adform Value: 2894385099841259782!20220908!1703877136337
.w55c.net/	1970-01-20 18:01:09	Name: matchadform Value: 5
.adfarm1.adition.com/	1970-01-20 19:27:33	Name: UserID1 Value: 7318096575533086877
.adnxs.com/	1970-01-20 19:27:33	Name: anj Value: dTM7k!M40]Erk#WF']wIg2GVGeO*x$!]tbPl1M66+q([OUezY.Z5?M5[McsFOt+Ph[QV1_Smh['Lj/Hr3Rg?uw-^`hn#G-lJO.mRsbdW#h:Hfg^7BD?fe`AfOMM>>PlZ[C[-kX-<goI3
.weborama.fr/	1970-01-21 02:43:52	Name: AFFICHE_W Value: SmUknSYQ93JK48
.smartadserver.com/	1970-01-21 02:04:59	Name: csync Value: 22:2894385099841259782\|144:AXLBuHrjQ72bzsCKALx9kw
.teads.tv/	1970-01-21 02:02:06	Name: tt_viewer Value: 15ed49fc-8c83-4e44-a6c0-9d0fa307fad5
.audrte.com/	1970-01-20 17:39:33	Name: arcki2_ddp2 Value: fe4nRJEzT1PSQiI2w6thp-dVg!20220908!1703877136608
.connatix.com/	1970-01-20 18:01:09	Name: cnx_userId Value: 2681053c45e14b58b20a8acb1202ae91
.yahoo.com/	1970-01-21 02:03:54	Name: A3 Value: d=AQABBBAaj2UCEA87kypMzlc2o_UxRvIO8XEFEgEBAQFrkGWYZdxH0iMA_eMAAA&S=AQAAAiQnRDzrsdstRF-zsTGN6KQ
ads.samba.tv/	1970-01-21 02:49:37	Name: sambapxid Value: 125af91355cc7667d
.mookie1.com/	1970-01-21 02:46:45	Name: id Value: 10597673616561355690
.mookie1.com/	1970-01-21 02:46:45	Name: mdata Value: 1\|10597673616561355690\|1703877136737
.mookie1.com/	1970-01-21 02:46:45	Name: ov Value: d361f051d2d518b4674208ff0f03e200
.smaato.net/	1970-01-20 17:48:11	Name: SCM Value: 2e86721743
.smaato.net/	1970-01-20 17:48:11	Name: SCMt Value: 2e86721743
.smaato.net/	1970-01-20 17:48:11	Name: SCM1001213 Value: 2e86721743
.3lift.com/	1970-01-20 19:27:33	Name: tluid Value: 4548801516212776359454
.tremorhub.com/	1970-01-21 02:03:54	Name: tvid Value: 427a0c8aabad4687b5eb0dbbc7646485
.tremorhub.com/	1970-01-21 02:53:57	Name: tv_UIAM Value: 22d7ca457fb149f0b44a1473fff61b3b
.id5-sync.com/	1970-01-20 19:27:33	Name: id5 Value: 2044d9f9-6b8a-7ed5-82cf-6a216b41f6eb#1703877136681#2
.360yield.com/	1970-01-20 19:27:33	Name: tuuid Value: 7c6743f7-67e9-44b4-8854-3dfa2c5fd1cf
.360yield.com/	1970-01-20 19:27:33	Name: tuuid_lu Value: 1703877136
.pubmatic.com/	1970-01-20 19:27:33	Name: KRTBCOOKIE_290 Value: 23261-LvgoOwLpSwWEBjCxewsxJg&KRTB&23219-LvgoOwLpSwWEBjCxewsxJg
.pubmatic.com/	1970-01-20 18:01:09	Name: PugT Value: 1703877135
bs.serving-sys.com/	1969-12-31 23:59:59	Name: r1 Value: 1703877136_1
.serving-sys.com/	1970-01-20 18:01:09	Name: u2 Value: ed7285f9-3e5c-4d4c-8c78-891e1b8ea56d4Q8070
.360yield.com/	1970-01-20 19:27:33	Name: um Value: !79,.7E1dlhgeMtnUM1YKbZyb78AZgYI8JfwjwP2umPCJg8L-W4yqYegbPYaE0swBGL1C7nUe-RQTnt9FiWJ,1711653137
.360yield.com/	1970-01-20 19:27:33	Name: umeh Value: !79,0,1766085137,-1
.taboola.com/	1970-01-21 02:03:33	Name: t_gid Value: dc243576-57be-4777-8474-06c8869707c2-tuctc889f91
.taboola.com/	1970-01-21 02:03:33	Name: t_pt_gid Value: dc243576-57be-4777-8474-06c8869707c2-tuctc889f91
.kargo.com/	1970-01-21 02:03:33	Name: ktcid Value: 66efe0b9-cc7d-07ef-52c1-f904b588fe82
.ninthdecimal.com/	1970-01-21 02:03:33	Name: ndat Value: Ch4CZmWPGhFVbAAogzt8Ag==
.hb.yahoo.net/	1970-01-20 21:37:09	Name: visitor-id Value: 3468787371523504000V10
.hb.yahoo.net/	1970-01-20 21:37:09	Name: data-amz Value: UGSYoIjvSfmGnE5rCN5oaQ~~63
.id5-sync.com/	1970-01-20 19:27:33	Name: 3pi Value: 2#1703877137372#147328546#5615141883278399293\|10#1703877136842#-1598925969#2894385099841259782\|124#1703877137131#1651365657
.ads.stickyadstv.com/	1970-01-20 17:38:06	Name: uid-bp-30833 Value: pI3V-RU6SXuITWfVg8bYYg
.yieldmo.com/	1970-01-21 02:03:33	Name: yieldmo_id Value: 3zUThDDqqTDM2ppxs8Ia%7C1703808000000%7C0
.ads.yieldmo.com/	1970-01-21 02:03:33	Name: ptramazon Value: 2UkvI8EaTGSx5jVOFDODKg
.ispot.tv/	1970-01-21 02:53:57	Name: pt Value: v2:37d86acc974fdbfcb2fb367b18030e2d0ea51c24a383a58bcf66e658c50fa67a\|9c0281abcc0afd2935363a2341cff24e17b6e9f5d7f1e6d26196906fa532e555
.sharethrough.com/	1970-01-20 18:01:09	Name: stx_user_id Value: eecc7c75-38de-4f6e-ba87-345eb1c69b6e
.pubmatic.com/	1970-01-21 02:03:33	Name: KADUSERCOOKIE Value: 5006F61B-88E6-46F8-8E67-416FD9B86413
.mediarithmics.com/	1970-01-21 02:03:33	Name: mics_vid Value: 64461182132
.mediarithmics.com/	1970-01-21 02:03:33	Name: mics_uaid Value: web:1:7d614ecc-54a5-49f2-8bd4-f9ac54b94a62
.mediarithmics.com/	1970-01-21 02:03:33	Name: mics_lts Value: 1703877137912
.analytics.yahoo.com/	1970-01-21 02:03:33	Name: IDSYNC Value: "195g~2fvv:19e0~2fvv:19b9~2fvv:1769~2fvv"
.rubiconproject.com/	1970-01-21 02:03:33	Name: audit Value: 1\|i7gP1NqJ6aKOgJV/jyfkyIjqRfP6r0psQRVZP3t3Loqbz16xSA9sXWPKzgcbZ1ywYA9hqnP/qrPyUhTWCqUS/I+whRf0v/l/h/MFdqcqtQuuWkfkKy+MMeDY/i+uHkZOfY0V14FIbwNDA6MeUnKE5KZr5ZVxLWDe
.adsrvr.org/	1970-01-21 02:04:59	Name: TDCPM Value: CAESGQoKcmlnaHRtZWRpYRILCIyslrmDq8Q8EAUSFwoIYXBwbmV4dXMSCwj288O7g6vEPBAFEhYKB3J1Ymljb24SCwii6pa5g6vEPBAFGAUgASgDMgsI-IuZ5pmrxDwQBUIPIg0IARIJCgV0aWVyMhABWgdqcDhudDRpYAE.
.hb.yahoo.net/	1970-01-20 17:38:06	Name: data-ttd Value: 9dd8eab8-d750-4c71-b136-2a23d2fe23dc~~63

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://venom.com/ Message: Failed to load resource: the server responded with a status of 503 (Service Unavailable)
javascript	warning	URL: http://assets.adobedtm.com/bc7edc03f3b671a5b00119b4d88ffade87a3e20f/satelliteLib-7e2bcd047fa8273c37190fbf382316c5c0b99379.js(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://tags.bkrtx.com/js/bk-coretag.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://assets.adobedtm.com/bc7edc03f3b671a5b00119b4d88ffade87a3e20f/satelliteLib-7e2bcd047fa8273c37190fbf382316c5c0b99379.js(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://tags.bkrtx.com/js/bk-coretag.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=2894385099841259782 Message: Failed to load resource: net::ERR_CONNECTION_RESET
network	error	URL: https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://usermatch.krxd.net/um/v2?partner=amzn Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3944448.fls.doubleclick.net
9096304.fls.doubleclick.net
a.audrte.com
a1.seadform.net
a2.adform.net
aa.agkn.com
ad.360yield.com
ad.yieldlab.net
ads.samba.tv
ads.stickyadstv.com
adservice.google.com
amazon.partners.tremorhub.com
analytics.tiktok.com
analytics.twitter.com
api.adrtx.net
assets.adobedtm.com
b.scorecardresearch.com
bat.bing.com
beacon.krxd.net
bpi.rtactivate.com
bs.serving-sys.com
c1.adform.net
capi.connatix.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
cookie-matching.mediarithmics.com
crb.kargo.com
csync.loopme.me
d.agkn.com
dmp.adform.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e1.emxdgt.com
eb2.3lift.com
eu-u.openx.net
global.ib-ibi.com
googleads.g.doubleclick.net
hb.yahoo.net
i.annihil.us
ib.adnxs.com
ice.360yield.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
image2.pubmatic.com
image6.pubmatic.com
insight.adsrvr.org
js.adsrvr.org
lciapi.ninthdecimal.com
lm.serving-sys.com
load77.exelator.com
loadm.exelator.com
loadus.exelator.com
marvel.tt.omtrdc.net
match.360yield.com
match.adsrvr.org
match.contentexchange.me
match.sharethrough.com
odr.mookie1.com
pdw-adf.userreport.com
pi.ispot.tv
pippio.com
pixel.rubiconproject.com
pm.w55c.net
ps.eyeota.net
public-prod-dspcookiematching.dmxleo.com
px.ads.linkedin.com
redirect.frontend.weborama.fr
rtb-csync.smartadserver.com
s.ad.smaato.net
s.amazon-adsystem.com
s2.adform.net
s3-eu-west-1.amazonaws.com
sb.scorecardresearch.com
sc-static.net
secure.adnxs.com
simage2.pubmatic.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.ads-twitter.com
sync-amazon.ads.yieldmo.com
sync.crwdcntrl.net
sync.rfp.fout.jp
sync.search.spotxchange.com
sync.taboola.com
sync.teads.tv
t.co
t.myvisualiq.net
tags.bkrtx.com
tags.bluekai.com
token.rubiconproject.com
tr.snapchat.com
track.adform.net
uipglob.semasio.net
ups.analytics.yahoo.com
us-u.openx.net
usermatch.krxd.net
usersync.samplicio.us
venom.com
venombiteenergy.com
www.facebook.com
www.google.com
www.googletagmanager.com
www.imdb.com
x.bidswitch.net
global.ib-ibi.com
sync.search.spotxchange.com
t.myvisualiq.net
104.126.119.104
104.244.42.133
104.244.42.67
107.178.254.65
108.139.47.108
13.225.214.84
13.35.102.14
141.226.224.48
146.75.28.157
151.101.194.132
162.19.138.82
162.248.18.37
172.253.115.149
172.253.122.155
172.64.146.152
172.64.151.101
18.156.154.47
18.235.121.230
18.238.49.52
18.238.55.84
18.238.74.246
185.167.164.43
185.167.164.44
185.167.164.49
198.54.201.131
204.74.99.100
216.22.16.72
23.47.69.85
23.49.248.198
23.56.212.125
23.7.64.229
2600:141b:1c00:1c84::1e80
2600:1f18:612b:4200:b356:89b7:4cae:66dd
2600:9000:21da:fa00:19:fc2c:a140:93a1
2600:9000:21ea:9e00:b:f2af:4980:93a1
2600:9000:2209:6800:1b:5138:8a40:93a1
2607:f8b0:4004:c08::9c
2607:f8b0:4004:c17::61
2607:f8b0:4004:c17::9a
2607:f8b0:4004:c1b::68
2620:1ec:21::14
2620:1ec:c11::200
2a02:6ea0:c400::12
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
3.12.177.24
3.13.112.255
3.216.74.116
3.222.212.19
3.225.218.10
3.33.220.150
34.192.249.162
34.197.216.192
34.197.227.33
34.224.103.168
34.229.3.43
34.231.115.221
34.255.227.21
35.186.196.148
35.190.24.218
35.190.43.134
35.190.90.30
35.211.178.172
35.214.136.251
35.244.154.8
35.244.159.8
35.71.139.29
37.157.2.229
44.205.235.60
44.212.89.30
44.215.14.157
44.220.113.151
46.19.11.36
50.17.81.185
50.57.31.206
52.218.101.235
52.46.143.56
54.156.26.12
54.166.148.14
54.230.160.114
54.36.150.183
63.140.38.137
63.251.28.134
68.67.179.153
69.192.109.215
72.32.138.96
8.28.7.81
8.43.72.97
8.43.72.98
85.114.159.118
99.81.243.254
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
13f226af92b84c7776b2064167e0b9798c9818e9cd10715fa9aae52632f22f4b
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1638703c3d6a2d6b7d19d4f9ff14b5734b9679988bf14ff34489498bb6708ca2
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
241888848ba27fe4a645b2031fe503a6f93b5a412eaa62ec6b14eac7a77d2d8e
252e0c85e488cc3574471ed7211571ad207f77426690a0ae8c1bd13fc4007cbb
2635f7659c4a542d4dc4baee1882fd2d8446af0b555f93b10c4a222f9eb0e44e
27ec378d805f173eae40847e08d693c34e5758560a138a456fe650ae49152d58
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34da65a434d76d99155ad82012f852c1a160574c61ce24864c95c4a78b30befa
3d2cb090ee264c80d6173099f865a454ac1660c699de4948423c19619a69184d
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3ece40b974c6084c091fff702b34d48d9c4b0aaa273b63239cd34225ea20c002
410f324aabf95eb466c54c9f069b9ef135c288c8dfb3e71018bad9293c671f6e
484ef4268f1d679c1ae88c06fc2388d39afc441465732617e5e2cdc2e3d418e2
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
516f2e197e5c584533c68dc7267634b8e77373916e72b3c9b9f0a76ba22bb6a7
52a1d0f52f460e327988c355867521b4de4af61472d94935afb22dd20cfea935
53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5b67b4868edfa827e6c22ef20ed8d69c35163d76a84df51d7243b656822a1c33
5c948def2b7a4453ae2f5c6bc1c7ba94f2d42b316da4ae1c82951f056948ebe3
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
606aeba72580863b6f94f94a6b9d4bda72f17ff65e4adb951356d2a7f545707e
6a02ab1864187a4cf7168813c2ae2e17b0f84cdd8b64e86914b73ba2a0d3d903
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6e05d66dba45e53f9c26893b389ca8db33ca68cf4158d0656ea154c1d487560b
703cb89d398b0c42d231d0a7314f3196499aeec49eef7992c370c2a6419b5de4
723d625ce6a4106fa1f06b21fac0930e6973387616a41c39ddafe96ffcbe1d57
77ed783446d00b1e37a0b20884a60272fd27f68267035aafd40eece3bf746f27
7d6c4d0f6c0243be96359698866dd471c961e463dbc5604aebc1c36a229ba303
7f650b94f675ae546899ffe630a55f5cd26b4841b3e67bbbb0d97f64a6cfc4c5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
88ce9662dc76509851d27345ee0cd5bb3627dba11d123dd0034ac8a5f2deecc4
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a
a8d2652bbfcd895f59d7e9bb7095e5e8f67f002611001b50a761f64ae16b20f0
aaf2144994a6526fbb99f8c17c763442d74df9f1a235fed67449ec86f96892c2
ab12e815caea6aba8fe2da60e7d298cccb649166f81926ff64e5dc56ea526522
ab8e8eaf6b2893482c1e6b5cdadc32f31a09b8bfceb499dc7ed91145f977df50
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2265383ee10109baa9a6d2eb1362ae4e9a30782d042c54a300a2ad4c9b18306
b77781c1d215c69287e590007157a5876cc5ae764453b4555b7aa8613b79f35d
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c0f1f135a2ae4d7a85ecdd329fca4d549b170f7599ade2c8b8c38c2cc851b36c
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e761cf0d058a8e35bec470e90841328ff169ccf3a2c803e9cfb67e907db693fc
e9245f81c4cd89b2f843b341861b84039f5c3bebb2a35b6e3ff22c6cd2bc7fe5
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7fde4bc9a73bd058e60e4780221b689b7aa30c7250285b5f348cc18c3842348
f95f8c987824e5c06ac2bf4acc789a1444a9e76be34c179acd62a3d271bf2641

venom.com Open in urlscan Pro 72.32.138.96 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

169 Requests

58 %HTTPS

15 %IPv6

81 Domains

107 Subdomains

65 IPs

5 Countries

1027 kBTransfer

2640 kBSize

116 Cookies

16 Outgoing links

Page URL History

Redirected requests

169 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

venom.com Open in urlscan Pro
72.32.138.96 Public Scan

Screenshot
Live screenshot

Full Image

169
Requests

58 %
HTTPS

15 %
IPv6

81
Domains

107
Subdomains

65
IPs

5
Countries

1027 kB
Transfer

2640 kB
Size

116
Cookies

169 HTTP transactions
0 data transactions