urlscan.io logo urlscan.io
SecurityTrails logo

microsoft-security-essentials.softonic-ar.com Open in urlscan Pro
35.227.233.104  Public Scan

Go To Rescan Add Verdict Report
URL: https://microsoft-security-essentials.softonic-ar.com/
Submission: On January 11 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 79 IPs in 10 countries across 86 domains to perform 274 HTTP transactions. The main IP is 35.227.233.104, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is microsoft-security-essentials.softonic-ar.com.
TLS certificate: Issued by Don Dominio / MrDomain RSA DV CA on December 11th 2023. Valid for: a year.
This is the only time microsoft-security-essentials.softonic-ar.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 35.227.233.104 396982 (GOOGLE-CL...)
2 2600:9000:251... 16509 (AMAZON-02)
4 2607:f8b0:400... 15169 (GOOGLE)
11 2607:f8b0:400... 15169 (GOOGLE)
5 2607:f8b0:400... 15169 (GOOGLE)
15 151.101.1.91 54113 (FASTLY)
28 2600:141b:1c0... 20940 (AKAMAI-ASN1)
1 108.139.51.165 16509 (AMAZON-02)
3 18.238.64.130 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
4 162.19.138.120 16276 (OVH)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
6 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
3 2607:f8b0:400... 15169 (GOOGLE)
5 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 130.211.23.194 396982 (GOOGLE-CL...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 142.250.64.102 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 108.138.106.59 16509 (AMAZON-02)
1 108.139.54.29 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
1 104.18.35.167 13335 (CLOUDFLAR...)
2 108.139.38.124 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
2 162.19.138.119 16276 (OVH)
2 17 52.46.128.147 16509 (AMAZON-02)
1 2 35.244.193.51 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 51.222.239.230 16276 (OVH)
4 4 69.194.240.13 26120 (RHYTHMONE)
2 2 2620:112:f002... 6336 (TURN-US-ASN)
2 54.90.5.164 14618 (AMAZON-AES)
3 23.58.91.123 16625 (AKAMAI-AS)
4 23.56.163.106 16625 (AKAMAI-AS)
2 6 35.244.159.8 396982 (GOOGLE-CL...)
1 1 23.105.12.143 30633 (LEASEWEB-...)
1 1 63.251.86.49 32475 (SINGLEHOP...)
1 7 63.251.86.50 10913 (INTERNAP-BLK)
2 3 35.71.139.29 16509 (AMAZON-02)
3 4 68.67.160.132 29990 (ASN-APPNEX)
15 35.172.99.217 14618 (AMAZON-AES)
7 7 35.211.178.172 15169 (GOOGLE)
4 4 185.167.164.49 198622 (ADFORM)
2 2 54.196.33.224 14618 (AMAZON-AES)
2 4 2600:1f18:4e9... 14618 (AMAZON-AES)
2 2 52.86.74.151 14618 (AMAZON-AES)
1 2 169.197.150.7 398989 (DEEPINTENT)
2 2 64.74.236.255 19024 (INTERNAP-...)
2 2 198.148.27.131 19189 (PULSEPOINT)
1 1 23.83.76.69 395954 (LEASEWEB-...)
7 7 3.33.220.150 16509 (AMAZON-02)
7 14 142.251.40.162 15169 (GOOGLE)
1 1 124.146.153.165 2514 (INFOSPHER...)
3 3 185.184.8.90 204995 (RTB-HOUSE...)
1 1 23.32.172.185 16625 (AKAMAI-AS)
12 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
4 104.36.115.113 62713 (AS-PUBMATIC)
2 2607:f8b0:400... 15169 (GOOGLE)
3 3 35.207.24.140 15169 (GOOGLE)
2 2 8.2.110.134 46636 (NATCOWEB)
2 2 216.22.16.40 30633 (LEASEWEB-...)
1 44.221.129.93 14618 (AMAZON-AES)
2 2 82.145.213.8 39832 (NO-OPERA)
2 2 8.43.72.97 26667 (RUBICONPR...)
1 1 131.153.170.220 19437 (SS-ASH)
14 20 69.173.151.100 26667 (RUBICONPR...)
2 5 34.111.113.62 396982 (GOOGLE-CL...)
1 40.76.134.238 8075 (MICROSOFT...)
2 23 162.248.18.37 62713 (AS-PUBMATIC)
1 1 34.170.123.2 396982 (GOOGLE-CL...)
3 2607:f8b0:400... 15169 (GOOGLE)
1 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 52.95.126.138 16509 (AMAZON-02)
7 7 54.165.177.33 14618 (AMAZON-AES)
3 3 34.200.65.202 14618 (AMAZON-AES)
1 23.40.179.154 20940 (AKAMAI-ASN1)
1 147.75.195.55 54825 (PACKET)
1 3.91.113.229 14618 (AMAZON-AES)
4 2607:f8b0:400... 15169 (GOOGLE)
1 139.45.240.92 57304 (RUBY-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 8.28.7.84 62713 (AS-PUBMATIC)
2 2 173.231.184.20 32475 (SINGLEHOP...)
1 1 216.22.16.57 30633 (LEASEWEB-...)
1 1 2603:c020:400... 31898 (ORACLE-BM...)
1 2 151.101.194.49 54113 (FASTLY)
1 2 44.219.58.122 14618 (AMAZON-AES)
1 3.229.81.23 14618 (AMAZON-AES)
1 52.6.102.233 14618 (AMAZON-AES)
1 1 2620:116:800b... 14618 (AMAZON-AES)
2 2 54.227.205.3 14618 (AMAZON-AES)
1 18.238.55.15 16509 (AMAZON-02)
2 2 35.244.154.8 15169 (GOOGLE)
1 1 107.178.254.65 15169 (GOOGLE)
1 2 3.215.169.119 14618 (AMAZON-AES)
2 2 2606:ae80:145... 25751 (VALUECLICK)
2 2 207.198.113.204 13768 (COGECO-PEER1)
1 54.166.215.153 14618 (AMAZON-AES)
1 2 204.2.226.29 2914 (NTT-LTD-2914)
1 2 34.231.250.139 ()
2 74.119.119.150 ()
1 1 199.38.167.130 ()
1 2 2606:4700::68... ()
1 1 69.90.254.78 ()
1 54.90.49.71 ()
2 2 54.85.14.136 ()
1 52.201.6.220 ()
1 2 54.225.179.207 ()
274 79
7    35.227.233.104 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 104.233.227.35.bc.googleusercontent.com
microsoft-security-essentials.softonic-ar.com
softonic-ar.com
2    2600:9000:2510:e000:5:b7cc:d3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
sdk.privacy-center.org
4    2607:f8b0:4006:821::2008 (Colchester, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
11    2607:f8b0:4006:81d::2002 (Colchester, United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
5    2607:f8b0:4006:822::2004 (Colchester, United States)

ASN15169 (GOOGLE, US)
www.google.com
15    151.101.1.91 (United States)

ASN54113 (FASTLY, US)
sc.sftcdn.net
28    2600:141b:1c00:1a86::29cc (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
images.sftcdn.net
1    108.139.51.165 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-51-165.jfk50.r.cloudfront.net
www.datadoghq-browser-agent.com
3    18.238.64.130 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-64-130.jfk52.r.cloudfront.net
c.amazon-adsystem.com
1    2606:4700:10::6816:4bd8 (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
1    2607:f8b0:4006:823::2002 (Colchester, United States)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
4    162.19.138.120 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu
id5-sync.com
4    2606:4700:20::ac43:4aad (United States)

ASN13335 (CLOUDFLARENET, US)
wct.softonic-ar.com
2    2607:f8b0:4006:80f::200e (Colchester, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
6    2606:4700::6811:594a (United States)

ASN13335 (CLOUDFLARENET, US)
js.srvtrck.com
search.srvtrck.com
hades.srvtrck.com
i.srvtrck.com
2    2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
3    2607:f8b0:4006:824::2001 (Colchester, United States)

ASN15169 (GOOGLE, US)
fa6c4326cb05f2723b7c8c04eba02839.safeframe.googlesyndication.com
5    2607:f8b0:4006:823::200e (Colchester, United States)

ASN15169 (GOOGLE, US)
syndicatedsearch.goog
analytics.google.com
1    2607:f8b0:4006:80d::2002 (Colchester, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
2    2606:4700:20::681a:346 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    142.250.64.102 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s31-in-f6.1e100.net
ad.doubleclick.net
1    2607:f8b0:4006:80c::201b (Colchester, United States)

ASN15169 (GOOGLE, US)
storage.googleapis.com
1    108.138.106.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-59.jfk50.r.cloudfront.net
config.aps.amazon-adsystem.com
1    108.139.54.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-54-29.jfk50.r.cloudfront.net
aax.amazon-adsystem.com
2    2607:f8b0:4004:c08::9d (Ashburn, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
2    108.139.38.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-38-124.jfk50.r.cloudfront.net
dnlgm0m0r44nl.cloudfront.net
1    2607:f8b0:4006:820::200e (Colchester, United States)

ASN15169 (GOOGLE, US)
ampcid.google.com
2    162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu
lb.eu-1-id5-sync.com
17    52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    35.244.193.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.193.244.35.bc.googleusercontent.com
lexicon.33across.com
2    2607:f8b0:4006:807::2001 (Colchester, United States)

ASN15169 (GOOGLE, US)
afs.googleusercontent.com
1    51.222.239.230 (Canada)

ASN16276 (OVH, FR)
PTR: ip230.ip-51-222-239.net
onetag-sys.com
4    69.194.240.13 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
2    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
2    54.90.5.164 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-90-5-164.compute-1.amazonaws.com
rtb.gumgum.com
3    23.58.91.123 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-58-91-123.deploy.static.akamaitechnologies.com
ads.pubmatic.com
4    23.56.163.106 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-163-106.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
6    35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com
u.openx.net
us-u.openx.net
1    23.105.12.143 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ssbsync-us.smartadserver.com
1    63.251.86.49 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
7    63.251.86.50 (United States)

ASN10913 (INTERNAP-BLK, US)
ce.lijit.com
3    35.71.139.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
4    68.67.160.132 (Jersey City, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
ib.adnxs.com
15    35.172.99.217 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-172-99-217.compute-1.amazonaws.com
usersync.gumgum.com
7    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
4    185.167.164.49 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    54.196.33.224 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-196-33-224.compute-1.amazonaws.com
sync.srv.stackadapt.com
4    2600:1f18:4e9:5a07:661c:76e7:ba4a:a9a4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
2    52.86.74.151 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-74-151.compute-1.amazonaws.com
sync.ipredictive.com
2    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
2    64.74.236.255 (United States)

ASN19024 (INTERNAP-BLK5, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
2    198.148.27.131 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    23.83.76.69 (Los Angeles, United States)

ASN395954 (LEASEWEB-USA-LAX, US)
ssbsync.smartadserver.com
7    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
14    142.251.40.162 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f2.1e100.net
cm.g.doubleclick.net
pagead2.googlesyndication.com
1    124.146.153.165 (Miyado, Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
3    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
1    23.32.172.185 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-172-185.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
12    2607:f8b0:4006:817::2001 (Colchester, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    2607:f8b0:4006:808::2002 (Colchester, United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    104.36.115.113 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    2607:f8b0:4006:806::200a (Colchester, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
2    8.2.110.134 (United States)

ASN46636 (NATCOWEB, US)
cs.krushmedia.com
2    216.22.16.40 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
sync.smartadserver.com
1    44.221.129.93 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-221-129-93.compute-1.amazonaws.com
sync-km.ads.yieldmo.com
2    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
2    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
1    131.153.170.220 (Ashburn, United States)

ASN19437 (SS-ASH, US)
server.cpmstar.com
20    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
5    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
1    40.76.134.238 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
us01.z.antigena.com
23    162.248.18.37 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
1    34.170.123.2 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 2.123.170.34.bc.googleusercontent.com
um.simpli.fi
3    2607:f8b0:4006:820::2003 (Colchester, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    52.95.126.138 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
7    54.165.177.33 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-165-177-33.compute-1.amazonaws.com
match.prod.bidr.io
3    34.200.65.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com
ups.analytics.yahoo.com
1    23.40.179.154 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-40-179-154.deploy.static.akamaitechnologies.com
hb.yahoo.net
1    147.75.195.55 (Parsippany, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    3.91.113.229 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-91-113-229.compute-1.amazonaws.com
match.sharethrough.com
4    2607:f8b0:4006:81e::2002 (Colchester, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    139.45.240.92 (Russian Federation)

ASN57304 (RUBY-AS, RU)
notix.io
1    2606:4700::6811:5a4a (United States)

ASN13335 (CLOUDFLARENET, US)
hades.srvtrck.com
4    8.28.7.84 (United States)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
image4.pubmatic.com
2    173.231.184.20 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: lga-cassandra-1.sys.adgear.com
cm.adgrx.com
1    216.22.16.57 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
rtb-csync.smartadserver.com
1    2603:c020:400d:3000:67b7:1059:7283:c690 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
2    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    44.219.58.122 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-219-58-122.compute-1.amazonaws.com
thrtle.com
1    3.229.81.23 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-81-23.compute-1.amazonaws.com
crb.kargo.com
1    52.6.102.233 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-102-233.compute-1.amazonaws.com
sync.bfmio.com
1    2620:116:800b:21:b08a:1dc5:659b:4055 (United States)

ASN14618 (AMAZON-AES, US)
cms.quantserve.com
2    54.227.205.3 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-227-205-3.compute-1.amazonaws.com
pm.w55c.net
1    18.238.55.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-55-15.jfk52.r.cloudfront.net
synchroscript.deliveryengine.adswizz.com
2    35.244.154.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.154.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
2    3.215.169.119 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-169-119.compute-1.amazonaws.com
bcp.crwdcntrl.net
2    2606:ae80:1451:24::730 (United States)

ASN25751 (VALUECLICK, US)
pubmatic-match.dotomi.com
2    207.198.113.204 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    54.166.215.153 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-166-215-153.compute-1.amazonaws.com
rtb.adentifi.com
2    204.2.226.29 (Springfield, United States)

ASN2914 (NTT-LTD-2914, US)
pmp.mxptint.net
2    34.231.250.139 (None, )

ASN- ()
beacon.lynx.cognitivlabs.com
2    74.119.119.150 (None, )

ASN- ()
dis.criteo.com
1    199.38.167.130 (None, )

ASN- ()
p.rfihub.com
2    2606:4700::6812:19ad (None, )

ASN- ()
a.tribalfusion.com
s.tribalfusion.com
1    69.90.254.78 (None, )

ASN- ()
ums.acuityplatform.com
1    54.90.49.71 (None, )

ASN- ()
bpi.rtactivate.com
2    54.85.14.136 (None, )

ASN- ()
i.liadm.com
1    52.201.6.220 (None, )

ASN- ()
sync.crwdcntrl.net
2    54.225.179.207 (None, )

ASN- ()
io.narrative.io
Apex Domain
Subdomains		 Transfer
43 sftcdn.net
sc.sftcdn.net — Cisco Umbrella Rank: 93088
images.sftcdn.net — Cisco Umbrella Rank: 82783
232 KB
34 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 811
image6.pubmatic.com — Cisco Umbrella Rank: 1215
image2.pubmatic.com — Cisco Umbrella Rank: 1555
simage2.pubmatic.com — Cisco Umbrella Rank: 1499
simage4.pubmatic.com — Cisco Umbrella Rank: 1864
image4.pubmatic.com — Cisco Umbrella Rank: 2201
44 KB
27 rubiconproject.com
eus.rubiconproject.com — Cisco Umbrella Rank: 951
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1520
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 2017
token.rubiconproject.com — Cisco Umbrella Rank: 744
pixel.rubiconproject.com — Cisco Umbrella Rank: 620
40 KB
26 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269
googleads.g.doubleclick.net — Cisco Umbrella Rank: 68
ad.doubleclick.net — Cisco Umbrella Rank: 199
stats.g.doubleclick.net — Cisco Umbrella Rank: 184
cm.g.doubleclick.net — Cisco Umbrella Rank: 338
202 KB
23 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 359
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 925
aax.amazon-adsystem.com — Cisco Umbrella Rank: 464
s.amazon-adsystem.com — Cisco Umbrella Rank: 398
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 923
89 KB
22 googlesyndication.com
fa6c4326cb05f2723b7c8c04eba02839.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 185
pagead2.googlesyndication.com — Cisco Umbrella Rank: 140
315 KB
17 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 2293
usersync.gumgum.com — Cisco Umbrella Rank: 3044
5 KB
11 softonic-ar.com
microsoft-security-essentials.softonic-ar.com
softonic-ar.com — Cisco Umbrella Rank: 411701
wct.softonic-ar.com
264 KB
8 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 998
ce.lijit.com — Cisco Umbrella Rank: 1432
8 KB
8 google.com
www.google.com — Cisco Umbrella Rank: 6
analytics.google.com — Cisco Umbrella Rank: 266
ampcid.google.com — Cisco Umbrella Rank: 3299
54 KB
7 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 972
4 KB
7 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 594
3 KB
7 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 819
ups.analytics.yahoo.com — Cisco Umbrella Rank: 505
4 KB
7 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 590
4 KB
7 srvtrck.com
js.srvtrck.com — Cisco Umbrella Rank: 410849
search.srvtrck.com
hades.srvtrck.com — Cisco Umbrella Rank: 554679
i.srvtrck.com — Cisco Umbrella Rank: 244259
24 KB
6 openx.net
u.openx.net — Cisco Umbrella Rank: 1108
us-u.openx.net — Cisco Umbrella Rank: 930
2 KB
6 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 658
cdn.id5-sync.com — Cisco Umbrella Rank: 1218
59 KB
5 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 845
1 KB
5 smartadserver.com
ssbsync-us.smartadserver.com — Cisco Umbrella Rank: 13277
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1167
sync.smartadserver.com — Cisco Umbrella Rank: 2055
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 1004
2 KB
4 adform.net
c1.adform.net — Cisco Umbrella Rank: 1001
2 KB
4 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 793
ib.adnxs.com — Cisco Umbrella Rank: 356
4 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
345 KB
3 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1431
sync.crwdcntrl.net
1 KB
3 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 778
1 KB
3 gstatic.com
fonts.gstatic.com
47 KB
3 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1932
1 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 271
185 KB
3 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 809
2 KB
3 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 731
1 KB
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 857
2 KB
3 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1919
lexicon.33across.com — Cisco Umbrella Rank: 2501
5 KB
3 googleapis.com
storage.googleapis.com — Cisco Umbrella Rank: 682
fonts.googleapis.com — Cisco Umbrella Rank: 115
9 KB
3 syndicatedsearch.goog
syndicatedsearch.goog — Cisco Umbrella Rank: 99224
56 KB
2 narrative.io
io.narrative.io
643 B
2 liadm.com
i.liadm.com
1 KB
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 criteo.com
dis.criteo.com
725 B
2 cognitivlabs.com
beacon.lynx.cognitivlabs.com
839 B
2 mxptint.net
pmp.mxptint.net — Cisco Umbrella Rank: 10897
967 B
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 1321
938 B
2 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 5770
744 B
2 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 764
837 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1620
1 KB
2 thrtle.com
thrtle.com — Cisco Umbrella Rank: 2386
683 B
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 1396
769 B
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 2472
1011 B
2 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1758
1 KB
2 krushmedia.com
cs.krushmedia.com — Cisco Umbrella Rank: 4580
1 KB
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 881
2 KB
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 994
1 KB
2 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1629
729 B
2 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1536
1019 B
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 1274
2 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 1449
952 B
2 googleusercontent.com
afs.googleusercontent.com — Cisco Umbrella Rank: 9809
997 B
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1338
609 B
2 cloudfront.net
dnlgm0m0r44nl.cloudfront.net
16 KB
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1774
1 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 101
21 KB
2 btloader.com
btloader.com — Cisco Umbrella Rank: 1738
api.btloader.com — Cisco Umbrella Rank: 1905
18 KB
2 privacy-center.org
sdk.privacy-center.org — Cisco Umbrella Rank: 4624
91 KB
1 rtactivate.com
bpi.rtactivate.com
109 B
1 acuityplatform.com
ums.acuityplatform.com
674 B
1 rfihub.com
p.rfihub.com
790 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 2030
285 B
1 pippio.com
pippio.com — Cisco Umbrella Rank: 1480
630 B
1 adswizz.com
synchroscript.deliveryengine.adswizz.com — Cisco Umbrella Rank: 5299
201 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1348
592 B
1 bfmio.com
sync.bfmio.com — Cisco Umbrella Rank: 3080
425 B
1 kargo.com
crb.kargo.com — Cisco Umbrella Rank: 1708
359 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 3411
4 KB
1 notix.io
notix.io — Cisco Umbrella Rank: 10504
266 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 797
279 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1119
449 B
1 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 1385
648 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1428
657 B
1 antigena.com
us01.z.antigena.com — Cisco Umbrella Rank: 9298
1 cpmstar.com
server.cpmstar.com — Cisco Umbrella Rank: 7994
601 B
1 yieldmo.com
sync-km.ads.yieldmo.com — Cisco Umbrella Rank: 25497
612 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 2129
834 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 2399
476 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1105
198 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 5917
595 B
1 datadoghq-browser-agent.com
www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 2526
50 KB
0 loopme.me Failed
csync.loopme.me Failed
0 mrtnsvr.com Failed
ad.mrtnsvr.com Failed
274 86
Domain Requested by
28 images.sftcdn.net microsoft-security-essentials.softonic-ar.com
17 s.amazon-adsystem.com 2 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
rtb.gumgum.com
u.openx.net
ce.lijit.com
ads.pubmatic.com
15 usersync.gumgum.com rtb.gumgum.com
s.amazon-adsystem.com
ads.pubmatic.com
15 sc.sftcdn.net microsoft-security-essentials.softonic-ar.com
sc.sftcdn.net
14 simage2.pubmatic.com 2 redirects s.amazon-adsystem.com
ads.pubmatic.com
12 pixel.rubiconproject.com 8 redirects s.amazon-adsystem.com
12 tpc.googlesyndication.com securepubads.g.doubleclick.net
fa6c4326cb05f2723b7c8c04eba02839.safeframe.googlesyndication.com
tpc.googlesyndication.com
11 cm.g.doubleclick.net 7 redirects u.openx.net
rtb.gumgum.com
s.amazon-adsystem.com
11 securepubads.g.doubleclick.net microsoft-security-essentials.softonic-ar.com
securepubads.g.doubleclick.net
sc.sftcdn.net
www.datadoghq-browser-agent.com
www.googletagservices.com
fa6c4326cb05f2723b7c8c04eba02839.safeframe.googlesyndication.com
9 image2.pubmatic.com s.amazon-adsystem.com
ads.pubmatic.com
8 token.rubiconproject.com 6 redirects eus.rubiconproject.com
7 pagead2.googlesyndication.com www.datadoghq-browser-agent.com
www.googletagservices.com
tpc.googlesyndication.com
7 match.prod.bidr.io 7 redirects
7 match.adsrvr.org 7 redirects
7 x.bidswitch.net 7 redirects
7 ce.lijit.com 1 redirects s.amazon-adsystem.com
ce.lijit.com
5 pixel.tapad.com 2 redirects s.amazon-adsystem.com
5 www.google.com microsoft-security-essentials.softonic-ar.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
4 hades.srvtrck.com js.srvtrck.com
hades.srvtrck.com
4 image6.pubmatic.com ads.pubmatic.com
4 pr-bh.ybp.yahoo.com 2 redirects u.openx.net
s.amazon-adsystem.com
4 us-u.openx.net 1 redirects u.openx.net
4 c1.adform.net 4 redirects
4 eus.rubiconproject.com s.amazon-adsystem.com
rtb.gumgum.com
eus.rubiconproject.com
4 wct.softonic-ar.com microsoft-security-essentials.softonic-ar.com
wct.softonic-ar.com
www.datadoghq-browser-agent.com
4 id5-sync.com softonic-ar.com
www.datadoghq-browser-agent.com
4 www.googletagmanager.com microsoft-security-essentials.softonic-ar.com
www.googletagmanager.com
sdk.privacy-center.org
4 microsoft-security-essentials.softonic-ar.com softonic-ar.com
3 simage4.pubmatic.com ads.pubmatic.com
3 ups.analytics.yahoo.com 3 redirects
3 px.ads.linkedin.com 1 redirects s.amazon-adsystem.com
3 fonts.gstatic.com fonts.googleapis.com
3 rtb.mfadsrvr.com 3 redirects
3 www.googletagservices.com securepubads.g.doubleclick.net
fa6c4326cb05f2723b7c8c04eba02839.safeframe.googlesyndication.com
3 creativecdn.com 3 redirects
3 eb2.3lift.com 2 redirects s.amazon-adsystem.com
3 ads.pubmatic.com s.amazon-adsystem.com
rtb.gumgum.com
3 sync.1rx.io 3 redirects
3 syndicatedsearch.goog www.google.com
syndicatedsearch.goog
microsoft-security-essentials.softonic-ar.com
3 fa6c4326cb05f2723b7c8c04eba02839.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 c.amazon-adsystem.com softonic-ar.com
c.amazon-adsystem.com
3 softonic-ar.com microsoft-security-essentials.softonic-ar.com
softonic-ar.com
2 io.narrative.io 1 redirects
2 i.liadm.com 2 redirects
2 dis.criteo.com ads.pubmatic.com
2 beacon.lynx.cognitivlabs.com 1 redirects ads.pubmatic.com
2 pmp.mxptint.net 1 redirects
2 pixel-sync.sitescout.com 2 redirects
2 pubmatic-match.dotomi.com 2 redirects
2 bcp.crwdcntrl.net 1 redirects
2 idsync.rlcdn.com 2 redirects
2 pm.w55c.net 2 redirects
2 thrtle.com 1 redirects
2 sync-tm.everesttech.net 1 redirects ads.pubmatic.com
2 cm.adgrx.com 2 redirects
2 ib.adnxs.com 1 redirects s.amazon-adsystem.com
2 pixel-us-east.rubiconproject.com 2 redirects
2 t.adx.opera.com 2 redirects
2 sync.smartadserver.com 2 redirects
2 cs.krushmedia.com 2 redirects
2 fonts.googleapis.com fa6c4326cb05f2723b7c8c04eba02839.safeframe.googlesyndication.com
2 bh.contextweb.com 2 redirects
2 b1sync.zemanta.com 2 redirects
2 match.deepintent.com 1 redirects rtb.gumgum.com
2 sync.ipredictive.com 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 secure.adnxs.com 2 redirects
2 u.openx.net 1 redirects s.amazon-adsystem.com
2 rtb.gumgum.com s.amazon-adsystem.com
rtb.gumgum.com
2 ad.turn.com 2 redirects
2 afs.googleusercontent.com syndicatedsearch.goog
2 lexicon.33across.com 1 redirects microsoft-security-essentials.softonic-ar.com
2 lb.eu-1-id5-sync.com softonic-ar.com
www.datadoghq-browser-agent.com
2 dnlgm0m0r44nl.cloudfront.net js.srvtrck.com
2 stats.g.doubleclick.net www.googletagmanager.com
www.datadoghq-browser-agent.com
2 analytics.google.com www.googletagmanager.com
2 ad-delivery.net microsoft-security-essentials.softonic-ar.com
2 cdn.id5-sync.com securepubads.g.doubleclick.net
microsoft-security-essentials.softonic-ar.com
2 www.google-analytics.com www.googletagmanager.com
www.datadoghq-browser-agent.com
2 sdk.privacy-center.org microsoft-security-essentials.softonic-ar.com
sdk.privacy-center.org
1 sync.crwdcntrl.net
1 bpi.rtactivate.com
1 ums.acuityplatform.com 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 p.rfihub.com 1 redirects
1 rtb.adentifi.com
1 pippio.com 1 redirects
1 synchroscript.deliveryengine.adswizz.com
1 cms.quantserve.com 1 redirects
1 image4.pubmatic.com
1 sync.bfmio.com
1 crb.kargo.com
1 sync.technoratimedia.com 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 notix.io
1 i.srvtrck.com
1 search.srvtrck.com www.datadoghq-browser-agent.com
1 match.sharethrough.com s.amazon-adsystem.com
1 prebid.a-mo.net s.amazon-adsystem.com
1 hb.yahoo.net
1 aax-eu.amazon-adsystem.com s.amazon-adsystem.com
1 um.simpli.fi 1 redirects
1 us01.z.antigena.com s.amazon-adsystem.com
1 server.cpmstar.com 1 redirects
1 sync-km.ads.yieldmo.com ce.lijit.com
1 secure-assets.rubiconproject.com 1 redirects
1 tg.socdm.com 1 redirects
1 ssbsync.smartadserver.com 1 redirects
1 ap.lijit.com 1 redirects
1 ssbsync-us.smartadserver.com 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 onetag-sys.com s.amazon-adsystem.com
1 ampcid.google.com www.datadoghq-browser-agent.com
1 cdn-ima.33across.com microsoft-security-essentials.softonic-ar.com
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 storage.googleapis.com microsoft-security-essentials.softonic-ar.com
1 ad.doubleclick.net microsoft-security-essentials.softonic-ar.com
1 api.btloader.com btloader.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 js.srvtrck.com microsoft-security-essentials.softonic-ar.com
1 partner.googleadservices.com www.google.com
1 btloader.com softonic-ar.com
1 www.datadoghq-browser-agent.com softonic-ar.com
0 csync.loopme.me Failed ads.pubmatic.com
0 ad.mrtnsvr.com Failed ads.pubmatic.com
274 127

This site contains links to these domains. Also see Links.

Domain
www.softonic-ar.com
roblox.softonic-ar.com
chrome.softonic-ar.com
de.softonic.com
en.softonic.com
www.softonic.com
fr.softonic.com
www.softonic-id.com
it.softonic.com
www.softonic.jp
www.softonic.kr
www.softonic.nl
www.softonic.pl
www.softonic.com.br
www.softonic.ru
www.softonic-th.com
www.softonic.com.tr
www.softonic.vn
www.softonic.cn
images.sftcdn.net
www.microsoft.com
www.facebook.com
x.com
api.whatsapp.com
formfacade.com
microsoft-security-essentials.softonic.com.tr
microsoft-security-essentials.softonic-th.com
microsoft-security-essentials.softonic.kr
microsoft-security-essentials.softonic.cn
microsoft-security-essentials-64-bit.fr.softonic.com
microsoft-security-essentials-vista-windows-7.softonic.com.br
microsoft-security-essentials.softonic.vn
microsoft-security-essentials.softonic.ru
microsoft-security-essentials-windows-vista-7.softonic.nl
microsoft-security-essentials.softonic-id.com
microsoft-security-essentials-x64.softonic.jp
microsoft-security-essentials-vista-7-64.softonic.com
microsoft-security-essentials.en.softonic.com
microsoft-security-essentials-64bit.it.softonic.com
microsoft-security-essentials-64-bit.softonic.pl
microsoft-security-essentials-vista-windows-7.de.softonic.com
avast.softonic-ar.com
kaspersky-internet-security.softonic-ar.com
kaspersky-anti-virus.softonic-ar.com
shortcut-virus-remover.softonic-ar.com
windows-defender.softonic-ar.com
avg-antivirus-free.softonic-ar.com
baidu-antivirus.softonic-ar.com
windows-defender-offline.softonic-ar.com
eset-nod32-antivirus.softonic-ar.com
advanced-systemcare-ultimate.softonic-ar.com
immunos.softonic-ar.com
visnetic-antivirus-for-workstations.softonic-ar.com
trend-micro-titanium-security-for-netbooks.softonic-ar.com
myinternetsecurity-bronze.softonic-ar.com
norton-virus-definitions-update-64bits.softonic-ar.com
avast-virus-definitions-update.softonic-ar.com
mcafee-total-protection.softonic-ar.com
avira-free-antivirus.softonic-ar.com
360-total-security.softonic-ar.com
hello.softonic.com
get-support.softonic.com
revamp.softonic.com
dev-support.softonic.com
www.instagram.com
www.linkedin.com
fetchrss.com
Subject Issuer Validity Valid
*.softonic.com
Don Dominio / MrDomain RSA DV CA		 2023-12-11 -
2025-01-04		 a year crt.sh
*.privacy-center.org
Amazon RSA 2048 M02		 2023-03-25 -
2024-04-22		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
s4-san.cloudinary.com
R3		 2023-11-30 -
2024-02-28		 3 months crt.sh
*.datadoghq-browser-agent.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-12 -
2024-12-14		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
btloader.com
GTS CA 1P5		 2023-12-17 -
2024-03-16		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.id5-sync.com
R3		 2024-01-01 -
2024-03-31		 3 months crt.sh
wct.softonic-ar.com
E1		 2023-12-16 -
2024-03-15		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-08-14 -
2024-08-12		 a year crt.sh
syndicatedsearch.goog
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
api.btloader.com
GTS CA 1D4		 2023-12-08 -
2024-03-07		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
storage.googleapis.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2024-01-01 -
2024-03-31		 3 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2024-01-01 -
2024-12-21		 a year crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
dev.eks.va.adexchange.gumgum.com
Amazon RSA 2048 M02		 2023-11-17 -
2024-12-15		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-26 -
2024-11-26		 a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2023-12-01 -
2025-01-01		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2024-01-10 -
2024-06-26		 6 months crt.sh
*.ad-server.k8s.ggops.com
Amazon RSA 2048 M03		 2023-12-12 -
2025-01-09		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.z.antigena.com
Sectigo ECC Domain Validation Secure Server CA		 2023-04-03 -
2024-04-02		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
notix.io
R3		 2023-12-10 -
2024-03-09		 3 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
*.prod.use1.green.ops.kargo.com
Amazon RSA 2048 M03		 2023-12-11 -
2025-01-08		 a year crt.sh
*.bfmio.com
Amazon RSA 2048 M02		 2023-03-17 -
2024-04-14		 a year crt.sh
deliveryengine.adswizz.com
Amazon RSA 2048 M02		 2023-07-04 -
2024-08-01		 a year crt.sh
*.tapad.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-18 -
2024-09-17		 a year crt.sh
adentifi.com
Amazon RSA 2048 M01		 2023-07-06 -
2024-08-03		 a year crt.sh
beacon.lynx.cognitivlabs.com
Amazon RSA 2048 M02		 2023-03-31 -
2024-04-28		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
rtactivate.com
Amazon RSA 2048 M01		 2023-03-14 -
2024-04-11		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh

This page contains 48 frames:

Primary Page: https://microsoft-security-essentials.softonic-ar.com/
Frame ID: 8E449417DD1001D2304338515314BE2D
Requests: 110 HTTP requests in this frame

Frame: https://fa6c4326cb05f2723b7c8c04eba02839.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8FF171B667A0EFF0C29DACB26932D7BA
Requests: 1 HTTP requests in this frame

Frame: https://syndicatedsearch.goog/afs/ads?psid=3261714721&client=softonic&r=m&hl=ar&cpp=5&rpbu=https%3A%2F%2Fwww.softonic-ar.com%2Fs%2F%3Frscp%3Ddsk_rscp_ar_pp%26platformId%3Dwindows&rpqp=q&type=3&rs_tt=c&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301383%2C17301401%2C71847096&format=r4&nocache=9741705006824186&num=0&output=afd_ads&domain_name=microsoft-security-essentials.softonic-ar.com&v=3&bsl=8&pac=0&u_his=2&u_tz=-600&dt=1705006824187&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=4628&frm=0&cl=588056317&uio=wi290-&cont=rscontainer&drt=0&jsid=csa&jsv=588056317&rurl=https%3A%2F%2Fmicrosoft-security-essentials.softonic-ar.com%2F
Frame ID: E53DB435EDCCE9AA7398169E3FBA2BF2
Requests: 4 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&dcc=t
Frame ID: 979689B2402F037D4A9FD6E3E8A7514E
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Frame ID: 5D49A7DE8C18613A0313E2F7AE1C7FCE
Requests: 3 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Frame ID: 54EF4C2B77EA03A65416AD8FC11F4A83
Requests: 12 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Frame ID: E6646793584A6262AFA94141D496F9AF
Requests: 20 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Frame ID: 7C5E2BBFB0A236522A477881FD1092B1
Requests: 20 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Frame ID: 14B3BCD3CCD99FA6C28C3AD99F99FBD5
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=8228395257861458961&gdpr=0&gdpr_consent=
Frame ID: 7D3D158B056B3A639F1E53352E441DE9
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Frame ID: A56C42E3D12895315E87866D8E9AA4B1
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=4687778659021120377048
Frame ID: 3DD7769698F08702131020D9CFCF3571
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=adf&i=353044760378183193&gdpr=0&gdpr_consent=
Frame ID: CD8A72D6F7F9816A8E4B7167865852FE
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV9iYmNiMjdhNy05MDNmLTQwODAtYjc1OS0xZGUyNjkwZTNiYjM=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 90C6DABBD30961AC7DF3B1A1170BB97A
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 174D216C4F5EC817DCFA2456EC6D33B9
Requests: 18 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=5e429705-5af2-4d3a-9916-cdb10e4da43e
Frame ID: D6E2093257A701157E5177C9F94F0BCC
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZaBW6sCo8XUAAIAt-0cAAAAA
Frame ID: 9E7F98862BF6E438068A12D2FD648F28
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=N-PqagYLR0fPFQ7FewTNKTjslGXgPkBYOLtZJtf8q4s&pi=gumgum&tc=1
Frame ID: A7D7E611CB0BDE8F450A5B5C263FDDF9
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 27ACD333CDFC5BD3BA43C4D4F86C5B90
Requests: 4 HTTP requests in this frame

Frame: https://fa6c4326cb05f2723b7c8c04eba02839.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2E6AD985604EF831950A8919B20D130E
Requests: 14 HTTP requests in this frame

Frame: https://fa6c4326cb05f2723b7c8c04eba02839.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F06355626C04576FF94C7EF2701918EA
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsst_qEG8YTZ4u7r5IxVl7MVToqM3TGcZo8aMZRZ5DHDZt_s66MNI--2ai24dhRkIB99xCMQLgn38UTt7aBpFJfG7gEJ60NEa2rd7fAqpea6OnQw82eWZ-RGyIhhWRGu1Qf1DpRg9GFt3Qqi8mkJEvcwj6hIAMSvLW0qrEfmuqUbUOeS9tLiVGIOndsgOwyxQNfIDuDgnyJMSmRkmPSCMIzWh6NP1ecy1P6Me2vtllW3tOrfh0Gv9AJub74LZ59MlfxTWVtXA4enlpxWtYOf26gT-ddCNwPngZxgGlySBn_TC_6jpAQI1IAbRgvdmiYr0c_TwBDUt0bXal5kjnpeVS3eInRTC2J7bybraxYscpW8jzE8lCNo_4NkFZU9ZicY4Z7-hQrG3p5Wnm8ZSxqN-QBUPIy_NqzV4zoy-DCGPm-8gGoIq-_TPCjxPBfzni56bwKlvv2iRxytamD_JW1ZXqPg7fLfZbcB_Lq6dttsXMY&sai=AMfl-YTp6_ZurFw0RjiJkfeS0rKI39yimtkAK-aKwRGoL0r282l--4EK6dLTeSEb1cBx7U4gXs8lKju-owzO5Ym_jRW4tzvK2ITOTnvsJYxi17XBLPfyJbk8FS6A8K94MIQ&sig=Cg0ArKJSzNxktqFYdMeqEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 30AE11D1A2EE582F198FFCB33973D3F8
Requests: 9 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=30DD4648-B5ED-444F-A69D-CA9544641527&redir=true&gdpr=0&gdpr_consent=
Frame ID: 1037B98A96F408F4D2655FA560638E01
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID30DD4648-B5ED-444F-A69D-CA9544641527
Frame ID: A3B79B89718FCFD1B54FFBCB53359946
Requests: 1 HTTP requests in this frame

Frame: https://hades.srvtrck.com/v2/uuid.html
Frame ID: 1427B22BD59F41D02A7D56AE5A1EE81B
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 481747ADA6530F06C2E40A5144171E95
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0C5545726C40F2DA80D9CDFF644BC59D
Requests: 2 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=73836372-b0c4-11ee-8f5e-6e51af5f9eec
Frame ID: E73E9576CB4B2C66A5E2013F0AB10266
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACiaU7LQK4AABP4tSLlpg&gdpr=0
Frame ID: 559E1CC10D0790FA622F575022917D98
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4351479220626828673&gdpr=0&gdpr_consent=
Frame ID: 4A45291AB21A98BC712EF1CC66E376CB
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZaBW7QANzC_F6wBH
Frame ID: 9CA9067499D1CAD6FDD65F135E088258
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID30DD4648-B5ED-444F-A69D-CA9544641527
Frame ID: EE1A7BE16BCC5FAA85E7BE13FBD67535
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_32c0b4d07a55424cbb8c5
Frame ID: A3341DF8F63667B680F1322D26868E9D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=8bc9387f-1282-4544-9e5d-7a38e5909374&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Frame ID: 98A58B8804FA1B3E9137E13AC683988A
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=w885JcDMPXHYzT50kJl1I8OZPCHYzjogwcNkeo61
Frame ID: E7C28FEFD0F0864159DEF33A02234630
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:pvNbrYB61Ro2a95&gdpr=0&gdpr_consent=
Frame ID: E504DAD231E59F36F44B41160EB2179E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=-tBDgfwlV_hvwp42xPpc4iaEdkY&gdpr=0&gdpr_consent=
Frame ID: 958DC3ED8C0572DB74FC30754675B24A
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=30DD4648-B5ED-444F-A69D-CA9544641527
Frame ID: 514DC86A449D5017C9E7F5992DB49777
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=30DD4648-B5ED-444F-A69D-CA9544641527
Frame ID: A8F2320026D45DC2CFD0A5300D9A7691
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNTQmdGw9NDMyMDA%3D&piggybackCookie=N-PqagYLR0fPFQ7FewTNKTjslGXgPkBYOLtZJtf8q4s&pi=pubmatic&gdpr=0&gdpr_consent=
Frame ID: F2523998E594D4F084886276B926CDB3
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 21C3541F39D635752F266E6C03AB8F43
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=979321841463688766
Frame ID: AABC6327096CD46B50DEBD51B4BB6D01
Requests: 1 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Frame ID: 65F73FC78E0D03CD02CAE741F8FC9162
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 66D476F47220867AA858640F88FBB850
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=875837582589
Frame ID: EEF3434FDDC70E5EFE56AD4D54C9B198
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU6cb3977631f742e5824f364d98f6de68
Frame ID: D02FD53C857C7FE67AFEBE9F796B82F2
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
Frame ID: 96953B8D3C3AACACF7057BF6728D457B
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=30DD4648-B5ED-444F-A69D-CA9544641527
Frame ID: 0860FD7E9DFFD2D9BE2AFE0BD0929EAC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Microsoft Security Essentials - تنزيل

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • sdk\.privacy-center\.org/.*/loader\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

274
Requests

80 %
HTTPS

28 %
IPv6

86
Domains

127
Subdomains

79
IPs

10
Countries

2179 kB
Transfer

6073 kB
Size

181
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 93
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&dcc=t
Request Chain 95
  • https://lexicon.33across.com/v1/envelope?pid=0013300001kQj1aAAC&src=aps&ver=1.3.0&us_privacy=1--- HTTP 307
  • https://lexicon.33across.com/v1/envelope?pid=0013300001kQj1aAAC&src=aps&ver=1.3.0&us_privacy=1---&b=1&g=REqIi2USIN12uj%2BRLRhyoiyLQgRgl0U6SIw1kA9FmZ0%3D
Request Chain 106
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D&gdpr=0 HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&zcc=1&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D&cb=1705006825569 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=6677411497 HTTP 302
  • https://sync.1rx.io/usersync/turn/2323851562009475149?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-d5fbccd7-e01f-4573-ae10-40f7c556bf37-005?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3DRX-d5fbccd7-e01f-4573-ae10-40f7c556bf37-005 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rhythmone.com&id=RX-d5fbccd7-e01f-4573-ae10-40f7c556bf37-005
Request Chain 110
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0 HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Request Chain 111
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=8228395257861458961&gdpr=0&gdpr_consent=
Request Chain 112
  • https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0 HTTP 301
  • https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0 HTTP 302
  • https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Request Chain 113
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID&gdpr=0 HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=4687778659021120377048
Request Chain 114
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=4351479220626828673
Request Chain 115
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_bbcb27a7-903f-4080-b759-1de2690e3bb3&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=u_bbcb27a7-903f-4080-b759-1de2690e3bb3&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=gumgum2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=353044760378183193&ssp=gumgum2 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=8bc9387f-1282-4544-9e5d-7a38e5909374&gdpr=&gdpr_consent=&us_privacy=
Request Chain 116
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=05023d70-4517-0a5e-1865-60f1dc8b2466
Request Chain 117
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-fad04381-fc25-57f8-6fc2-9e36c4fa5ce2$ip$38.132.118.70
Request Chain 118
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-ENOGkkRE2pedpmwkUbIpTcFxTtsVIBhCqljC~A
Request Chain 119
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=4afffdcc-d345-494c-be75-fdcb7daafa99
Request Chain 121
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_bbcb27a7-903f-4080-b759-1de2690e3bb3&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=0&gdpr_consent=&puid=u_bbcb27a7-903f-4080-b759-1de2690e3bb3&s=2&us_privacy= HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=V_6xSp-oOMYlXRk8oz7J&gdpr=0
Request Chain 122
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=mwuXGqTuwYD5&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
Request Chain 123
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=8228395257861458961
Request Chain 128
  • https://match.adsrvr.org/track/cmf/openx?oxid=f23f9900-6d02-3208-7f1e-701c14db2520&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/openx?oxid=f23f9900-6d02-3208-7f1e-701c14db2520&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=5e429705-5af2-4d3a-9916-cdb10e4da43e&ttd_puid=f23f9900-6d02-3208-7f1e-701c14db2520&gdpr=0&gdpr_consent=
Request Chain 130
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAFahyHwwtO_3EZwFRJ1tGo&google_cver=1
Request Chain 131
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=adf&i=353044760378183193&gdpr=0&gdpr_consent=
Request Chain 134
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=5e429705-5af2-4d3a-9916-cdb10e4da43e
Request Chain 135
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZaBW6sCo8XUAAIAt-0cAAAAA
Request Chain 136
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=N-PqagYLR0fPFQ7FewTNKTjslGXgPkBYOLtZJtf8q4s&pi=gumgum&tc=1
Request Chain 137
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 157
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=87&3pid=64ddd6f7-87f2-409c-8b34-25dd7f7128ed
Request Chain 158
  • https://cs.krushmedia.com/77781087eb9a0621642f9ebec6beb8d1.gif?puid=[UID]&redir=[RED]&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fcs.krushmedia.com%2F0674638529195b597475a5faaba7eee8.gif%3Fpuid%3D%5Bsas_uid%5D&gdpr_consent=[consent_string]&nwid=4478 HTTP 302
  • https://sync.smartadserver.com/getuid?url=https://cs.krushmedia.com/0674638529195b597475a5faaba7eee8.gif?puid=[sas_uid]&gdpr_consent=[consent_string]&nwid=4478&cklb=1 HTTP 302
  • https://cs.krushmedia.com/0674638529195b597475a5faaba7eee8.gif?puid=8228395257861458961 HTTP 302
  • https://sync-km.ads.yieldmo.com/sync?pn_id=km&id=018091c2-7db4-5e14-8c96-6f47156356b2
Request Chain 159
  • https://t.adx.opera.com/pub/sync?pubid=pub10014056052800&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?3pid=OPU6cb3977631f742e5824f364d98f6de68&gdpr=0&gdpr_consent=&pid=103
Request Chain 160
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LR9P1IYK-G-2SDC&gdpr=0
Request Chain 161
  • https://x.bidswitch.net/sync?ssp=fmx&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
  • https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=8bc9387f-1282-4544-9e5d-7a38e5909374&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ssp%3Dfmx%26user_id%3D%24UID HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=440&ssp=fmx&user_id=6hWwUFVsoqNPDcx69jl_0 HTTP 302
  • https://ce.lijit.com/merge?pid=26&3pid=8bc9387f-1282-4544-9e5d-7a38e5909374&gdpr=&gdpr_consent=&us_privacy=
Request Chain 170
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=MN1GSLXtRE-mncqVRGQVJw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 171
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=30DD4648-B5ED-444F-A69D-CA9544641527 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=30DD4648-B5ED-444F-A69D-CA9544641527 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=4fa39ff1-9584-4f30-b682-9627918f743a%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=5e429705-5af2-4d3a-9916-cdb10e4da43e&ttd_puid=4fa39ff1-9584-4f30-b682-9627918f743a%2C%2C
Request Chain 174
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzBERDQ2NDgtQjVFRC00NDRGLUE2OUQtQ0E5NTQ0NjQxNTI3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 175
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEP1TGn-myXeFWuD1djMIy6A&google_cver=1
Request Chain 176
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:CEB851FA66C8452BB1074AA4B01A8CFE
Request Chain 177
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=5e429705-5af2-4d3a-9916-cdb10e4da43e&gdpr=0&gdpr_consent=
Request Chain 188
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0&gdpr=0&us_privacy=1---&khaos=LR9P1J24-1H-K54I HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LR9P1J24-1H-K54I&ex=d-rubiconproject.com&status=ok&gdpr=0&us_privacy=1---
Request Chain 191
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&us_privacy=1---&khaos=LR9P1J24-1H-K54I HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LR9P1J24-1H-K54I&us_privacy=1---
Request Chain 192
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0&us_privacy=1--- HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LR9P1J24-1H-K54I&gdpr=0&us_privacy=1---
Request Chain 193
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFI5UDFKMjQtMUgtSzU0SQ==&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEGCdj1vHB7N0HaKZYwu-LJE&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI5UDFKMjQtMUgtSzU0SQ==&google_push=&gdpr=0
Request Chain 194
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0&us_privacy=1--- HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LR9P1J24-1H-K54I&ex=d-rubiconproject.com&status=ok&gdpr=0&us_privacy=1---
Request Chain 195
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=5e429705-5af2-4d3a-9916-cdb10e4da43e&gdpr=0&gdpr_consent=&expires=30
Request Chain 196
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDg0ZTk1YjUzM2YyNGViMDNjMTg0OTFkNjEyNDIwZjdkOTVkMjJkMA&gdpr=0&us_privacy=1---
Request Chain 197
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=-ibfCEh4SM6NbjLgJcMnmg&rk=usync-na&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=-ibfCEh4SM6NbjLgJcMnmg&gdpr=0
Request Chain 198
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEC1WEnOR7uFVJBjMdAkjn3A&google_cver=1
Request Chain 199
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0&us_privacy=1--- HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/1jxHT7Wf1_6Zd0-hinymkMn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-LO6ZfM5E2oJ42AK0m_XiPDJJPRr0KUKWCwKLhQ--~A
Request Chain 201
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0&us_privacy=1--- HTTP 303
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0&us_privacy=1---&_bee_ppp=1 HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AACiaU7LQK4AABP4tSLlpg&expires=30&gdpr=0
Request Chain 202
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&gdpr=0&us_privacy=1--- HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LR9P1J24-1H-K54I&gdpr=0&us_privacy=1---
Request Chain 203
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&us_privacy=1--- HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LR9P1J24-1H-K54I&gdpr=0&us_privacy=1---
Request Chain 204
  • https://token.rubiconproject.com/token?pid=26594&gdpr=0&us_privacy=1--- HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LR9P1J24-1H-K54I&redir=true&gdpr=0&us_privacy=1--- HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LR9P1J24-1H-K54I&gdpr=0&redir=true&us_privacy=1--- HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1Jal9LcnZkRTJ1RmhSOU1nT0p3MEp0QXF3UHVob0ZnTX5B&gdpr=0&ovsid=LR9P1J24-1H-K54I&us_privacy=1---&dpid=58160
Request Chain 205
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&us_privacy=1--- HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LR9P1J24-1H-K54I&gdpr=0&us_privacy=1---
Request Chain 206
  • https://token.rubiconproject.com/token?pid=37556&a=1&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LR9P1J24-1H-K54I&gdpr=0&us_privacy=1---
Request Chain 207
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0&us_privacy=1--- HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LR9P1J24-1H-K54I&gdpr=0&us_privacy=1---
Request Chain 231
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=73836372-b0c4-11ee-8f5e-6e51af5f9eec
Request Chain 232
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDaWFVN0xRSzRBQUJQNHRTTGxwZw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AACiaU7LQK4AABP4tSLlpg&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Csyn%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Csyn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=8228395257861458961&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AACiaU7LQK4AABP4tSLlpg&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D8228395257861458961%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dsyn%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=8228395257861458961&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AACiaU7LQK4AABP4tSLlpg&pid=558502&do=add&gdpr=0 HTTP 303
  • https://sync.technoratimedia.com/services?uid=AACiaU7LQK4AABP4tSLlpg&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D8228395257861458961%26gdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4&gdpr=0 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=8228395257861458961&gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACiaU7LQK4AABP4tSLlpg&gdpr=0
Request Chain 233
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4351479220626828673&gdpr=0&gdpr_consent=
Request Chain 234
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZaBW7QANzC_F6wBH
Request Chain 236
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=30DD4648-B5ED-444F-A69D-CA9544641527&gdpr=0&gdpr_consent= HTTP 302
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=30DD4648-B5ED-444F-A69D-CA9544641527&vxii_pid=12&vxii_pid1=10067&vxii_rcid=1a6bbf94-3a80-4e4d-b7ef-13e44c460022
Request Chain 240
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=30DD4648-B5ED-444F-A69D-CA9544641527&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-8ALL3fBE2uWwtlcxAo_bpihWndUPpkY-~A&gdpr=0
Request Chain 241
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=4afffdcc-d345-494c-be75-fdcb7daafa99&gdpr=0&gdpr_consent=
Request Chain 243
  • https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_32c0b4d07a55424cbb8c5
Request Chain 244
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=8bc9387f-1282-4544-9e5d-7a38e5909374&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=64ddd6f7-87f2-409c-8b34-25dd7f7128ed&ssp=pubmatic&gdpr=0 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=8bc9387f-1282-4544-9e5d-7a38e5909374&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 245
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=w885JcDMPXHYzT50kJl1I8OZPCHYzjogwcNkeo61
Request Chain 246
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:pvNbrYB61Ro2a95&gdpr=0&gdpr_consent=
Request Chain 247
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=-tBDgfwlV_hvwp42xPpc4iaEdkY&gdpr=0&gdpr_consent=
Request Chain 250
  • https://idsync.rlcdn.com/712188.gif?partner_uid=30DD4648-B5ED-444F-A69D-CA9544641527&gdpr=0&gdpr_consent= HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CPy7KxIwCiwIARCFpQoaJDMwREQ0NjQ4LUI1RUQtNDQ0Ri1BNjlELUNBOTU0NDY0MTUyNxAAGg0I7a2BrQYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=f1f84c4c27ee51ba0a14bee701023409f60a81d98f584dbda65216fff5b2939a791426b5417dce21&_=2 HTTP 307
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=f1f84c4c27ee51ba0a14bee701023409f60a81d98f584dbda65216fff5b2939a791426b5417dce21&rand=05923858 HTTP 302
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=f1f84c4c27ee51ba0a14bee701023409f60a81d98f584dbda65216fff5b2939a791426b5417dce21&rand=05923858&expected_cookie=3566eeee-dd59-496f-91aa-84e70c91f420
Request Chain 251
  • https://bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=30DD4648-B5ED-444F-A69D-CA9544641527/gdpr=0/gdpr_consent= HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=14701/tp=MTAI/tpid=30DD4648-B5ED-444F-A69D-CA9544641527/gdpr=0/gdpr_consent=
Request Chain 253
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=30DD4648-B5ED-444F-A69D-CA9544641527&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=1433f9dd813e0fa9&is_secure=true&networkId=17100&version=1&nuid=30DD4648-B5ED-444F-A69D-CA9544641527&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGwuiK0JzDdAN6VLNAAAAAAAA&expiration=1705093231&nuid=30DD4648-B5ED-444F-A69D-CA9544641527&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 254
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=3da2d744-103c-40ad-a37f-7435b3abdf5c-65a056ed-5553&gdpr=0&gdpr_consent=
Request Chain 256
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2323851562009475149&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 257
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R33647_10F23AA9F_6F144E98&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 262
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=d5982542-dce5-4bae-b81c-54d080b4fe5e&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=30DD4648-B5ED-444F-A69D-CA9544641527
Request Chain 263
  • https://creativecdn.com/cm-notify?pi=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNTQmdGw9NDMyMDA%3D&piggybackCookie=N-PqagYLR0fPFQ7FewTNKTjslGXgPkBYOLtZJtf8q4s&pi=pubmatic&gdpr=0&gdpr_consent=
Request Chain 265
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=979321841463688766
Request Chain 267
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 268
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=875837582589
Request Chain 269
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU6cb3977631f742e5824f364d98f6de68
Request Chain 273
  • https://i.liadm.com/s/75145?bidder_id=195755&bidder_uuid=30DD4648-B5ED-444F-A69D-CA9544641527 HTTP 303
  • https://i.liadm.com/s/75145?bidder_id=195755&bidder_uuid=30DD4648-B5ED-444F-A69D-CA9544641527&_li_chk=true&previous_uuid=48cb349273e6483385c786fe65551693 HTTP 303
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Request Chain 275
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:30DD4648-B5ED-444F-A69D-CA9544641527 HTTP 302
  • https://io.narrative.io/?io.narrative.guid.v2=7558b350-b0c4-11ee-a180-0a02e9f38595&companyId=673&id=pubmatic_id:30DD4648-B5ED-444F-A69D-CA9544641527
Request Chain 276
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=353044760378183193

274 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
microsoft-security-essentials.softonic-ar.com/ 		337 KB
55 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://microsoft-security-essentials.softonic-ar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.233.104 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
104.233.227.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
5e0e18e886a3389c23afdd90bfd1a45f5f4805968ee0e8c3e296c6c8ff071339
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache
content-encoding
br
content-language
ar-SA
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Thu, 11 Jan 2024 21:00:23 GMT
permissions-policy
accelerometer=(), autoplay=(), camera=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=()
referrer-policy
strict-origin-when-cross-origin
server
istio-envoy
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
user-agent,accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-detected-as
desktop
x-envoy-upstream-service-time
292
x-frame-options
sameorigin
x-is-bot
false
x-page-id
app
x-rendered-as
desktop
x-request-id
3a851ccb-0045-48d6-99fc-89ddf1f0e447
x-served-by
server-6d8d679cf9-9njtk
x-version
1.6127.0
x-xss-protection
1
loader.js
sdk.privacy-center.org/a8ff32f4-78c7-4428-825d-0badb488b68b/ 		64 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.privacy-center.org/a8ff32f4-78c7-4428-825d-0badb488b68b/loader.js?target=softonic-ar.com
Requested by
Host: microsoft-security-essentials.softonic-ar.com
URL: https://microsoft-security-essentials.softonic-ar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2510:e000:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8e1ae146e5e48626861cf984f8606faf7ec288b9f73c0305c15a71f4881c704f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 20:39:49 GMT
content-encoding
br
x-didomi-remote-config-metadata
multiReg:true;legacyGlobalGdpr:false
via
1.1 f8debc28b6c73eb3dc7540e2ac2f0e18.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
age
1234
x-amzn-requestid
ce0a0106-e372-47e0-9a42-0af04cb578ad
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-didomi-configs-version
95
x-amzn-trace-id
root=1-65a01cd0-298a8fc61d3ba7f963be1b27;sampled=0;lineage=eaae1266:0
etag
W/"bd44e6763777411d1a67196c6a31037f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=7200, public
x-amz-cf-id
pxTFW__gBwczWRcuNyDz9MRNMpc8HZevqbCUOXzIdmWnglbTFugzBw==
gtm.js
www.googletagmanager.com/ 		438 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5LWWHP
Requested by
Host: microsoft-security-essentials.softonic-ar.com
URL: https://microsoft-security-essentials.softonic-ar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2008 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
784d6b415cd3d4f9e0f053ec647b8eb6bfe726cb51727e223cd13d7ae30c1f8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
124577
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 11 Jan 2024 21:00:23 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: microsoft-security-essentials.softonic-ar.com
URL: https://microsoft-security-essentials.softonic-ar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8e2f600c48371157f9dad40813abb9e741a2d4cf9fa190697b728bd09d58f364
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29332
x-xss-protection
0
server
cafe
etag
212 / 19733 / 31080327 / config-hash: 7294222966135585507
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 11 Jan 2024 21:00:23 GMT
ads.js
www.google.com/adsense/search/ 		143 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/adsense/search/ads.js
Requested by
Host: microsoft-security-essentials.softonic-ar.com
URL: https://microsoft-security-essentials.softonic-ar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2004 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9fc1e99be9e7cbe33a9489f55617429231d25f33e077372ebcc5660e7253f126
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
etag
"9661821865560328822"
vary
Accept-Encoding
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
accept-ranges
bytes
link
<https://www.adsensecustomsearchads.com>; rel="preconnect"
expires
Thu, 11 Jan 2024 21:00:23 GMT
sft-prebid.js
softonic-ar.com/revamp/ 		345 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://softonic-ar.com/revamp/sft-prebid.js
Requested by
Host: microsoft-security-essentials.softonic-ar.com
URL: https://microsoft-security-essentials.softonic-ar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.233.104 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
104.233.227.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
3edfbc46685f6b4a7652dd6394237067f0a481d6631b1951a016a00e05058306

Request headers

Referer
https://microsoft-security-essentials.softonic-ar.com/
Origin
https://microsoft-security-essentials.softonic-ar.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-version
1.1315.0
date
Thu, 11 Jan 2024 21:00:23 GMT
content-encoding
br
via
1.1 google, 1.1 varnish, 1.1 varnish, 1.1 google
age
17645
x-cache
MISS, HIT
x-envoy-upstream-service-time
8
x-region
NY
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
99535
x-request-id
4b8cdbef-cd7e-40d3-b7fa-e6dd8bf34f46
x-served-by
cache-ams21030-AMS, cache-bfi-krnt7300103-BFI
x-platform-version
NT 10.0
x-browser-version
120.0.6099.216
x-platform-id
Windows 10
server
istio-envoy
x-publisher-id
softonic
x-timer
S1705006824.581323,VS0,VE0
etag
W/"eed89fba9f566c05e48ed29b22879654"
x-browser-name
Chrome
vary
Accept-Encoding,x-country-code,x-device-platform
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
x-country-code, x-region, x-browser-name, x-browser-version, x-platform-id, x-platform-version, x-device-platform
cache-control
max-age=172500, public, s-maxage=172800, stale-if-error=31536000, stale-while-revalidate=864000
x-device-platform
Desktop
accept-ranges
bytes
x-country-code
US
x-cache-hits
0, 211
sft-bundle.js
softonic-ar.com/revamp/ 		326 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://softonic-ar.com/revamp/sft-bundle.js?modern=1
Requested by
Host: microsoft-security-essentials.softonic-ar.com
URL: https://microsoft-security-essentials.softonic-ar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.233.104 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
104.233.227.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
933ea12ddcde386f76de82b7b5450300ba19b94a09ebbe914f21fa628fc13262

Request headers

Referer
https://microsoft-security-essentials.softonic-ar.com/
Origin
https://microsoft-security-essentials.softonic-ar.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-version
1.1313.0
date
Thu, 11 Jan 2024 21:00:23 GMT
content-encoding
br
via
1.1 google, 1.1 varnish, 1.1 varnish, 1.1 google
age
99307
x-cache
HIT, HIT
x-envoy-upstream-service-time
42
x-region
NY
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74025
x-request-id
102e6584-1daa-4a96-bd37-3330b3772f50
x-served-by
cache-ams12763-AMS, cache-bfi-krnt7300021-BFI
x-platform-version
NT 10.0
x-browser-version
120.0.6099.216
x-platform-id
Windows 10
server
istio-envoy
x-publisher-id
softonic
x-timer
S1705006824.603789,VS0,VE0
etag
W/"9be70c8f2b1467a9fc5e9a75c77ede40"
x-browser-name
Chrome
vary
Accept-Encoding,x-device-platform,x-platform-id
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
x-country-code, x-region, x-browser-name, x-browser-version, x-platform-id, x-platform-version, x-device-platform
cache-control
max-age=172500, public, s-maxage=172800, stale-if-error=31536000, stale-while-revalidate=864000
x-device-platform
Desktop
accept-ranges
bytes
x-country-code
US
x-cache-hits
1, 937
72c3f-15ab4.mjs
sc.sftcdn.net/scripts/ 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/scripts/72c3f-15ab4.mjs
Requested by
Host: microsoft-security-essentials.softonic-ar.com
URL: https://microsoft-security-essentials.softonic-ar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
bc5bc60d2d0770be838ba653bb352014da237d427ad05f0d72f10db52046e49c

Request headers

Referer
https://microsoft-security-essentials.softonic-ar.com/
Origin
https://microsoft-security-essentials.softonic-ar.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Tue, 17 Dec 2024 08:20:30 GMT
date
Thu, 11 Jan 2024 21:00:23 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
2119193
x-cache
HIT, HIT
x-envoy-upstream-service-time
2
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
13290
x-served-by
cache-ams21081-AMS, cache-mia-kmia1760059-MIA
last-modified
Wed, 13 Dec 2023 14:13:44 GMT
server
istio-envoy
x-timer
S1705006824.513419,VS0,VE0
etag
W/"6579bc18-b7b0"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
68, 1826
23986-4f1cf.mjs
sc.sftcdn.net/scripts/ 		101 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/scripts/23986-4f1cf.mjs
Requested by
Host: microsoft-security-essentials.softonic-ar.com
URL: https://microsoft-security-essentials.softonic-ar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
1d84d36618f85a216efd1b209853929d703a9501a12fa5e04a5993c2ec1b7432

Request headers

Referer
https://microsoft-security-essentials.softonic-ar.com/
Origin
https://microsoft-security-essentials.softonic-ar.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 01 Jan 2025 14:26:05 GMT
date
Thu, 11 Jan 2024 21:00:23 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
685122
x-cache
HIT, HIT
x-envoy-upstream-service-time
4
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
22016
x-served-by
cache-ams12731-AMS, cache-mia-kmia1760059-MIA
last-modified
Tue, 02 Jan 2024 12:15:10 GMT
server
istio-envoy
x-timer
S1705006824.513496,VS0,VE0
etag
W/"6593fe4e-19444"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
31, 1854
microsoft-security-essentials-Dakirby309-Simply-Styled-Microsoft-Security-Essentials.ico
images.sftcdn.net/images/t_app-icon-s/p/dff6f48a-96d0-11e6-b8de-00163ec9f5fa/2318931527/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/dff6f48a-96d0-11e6-b8de-00163ec9f5fa/2318931527/microsoft-security-essentials-Dakirby309-Simply-Styled-Microsoft-Security-Essentials.ico
Requested by
Host: microsoft-security-essentials.softonic-ar.com
URL: https://microsoft-security-essentials.softonic-ar.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:1a86::29cc Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
c16479cce7bfda22cb9fd218628efa4df89b329337dce23126ed20c0f1f31715
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:23 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 08:49:38 GMT
server
Cloudinary
etag
"405a9dd7fbf53add1135b26e310fc887"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=31536000
content-disposition
inline; filename="microsoft-security-essentials-Dakirby309-Simply-Styled-Microsoft-Security-Essentials.ico"
server-timing
cld-akam;dur=71;start=2024-01-11T21:00:23.829Z;desc=hit-near,rtt;dur=83,content-info;desc="width=112,height=112,owidth=256,oheight=256,obytes=169083"
accept-ranges
bytes
timing-allow-origin
*
content-length
1026
microsoft-security-essentials-387400.png
images.sftcdn.net/images/t_app-cover-s,f_auto/p/dff6f48a-96d0-11e6-b8de-00163ec9f5fa/540463950/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-cover-s,f_auto/p/dff6f48a-96d0-11e6-b8de-00163ec9f5fa/540463950/microsoft-security-essentials-387400.png
Requested by
Host: microsoft-security-essentials.softonic-ar.com
URL: https://microsoft-security-essentials.softonic-ar.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:1a86::29cc Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
8e755e09f14b77b9c6ef973522c23882759cf7e262e80679f5048e0d46e132ec
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:23 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="microsoft-security-essentials-387400.png"
server-timing
cld-akam;dur=9;start=2024-01-11T21:00:23.829Z;desc=miss,rtt;dur=83,cloudinary;dur=74;start=2024-01-10T13:33:00.458Z
content-length
11974
last-modified
Thu, 08 Oct 2020 13:15:23 GMT
server
Cloudinary
etag
"8143d9f887f2181faddfde8f1fe02d8a"
vary
Accept,User-Agent
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
private, no-transform, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
5bba3-e5711.woff2
sc.sftcdn.net/fonts/ 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/fonts/5bba3-e5711.woff2
Requested by
Host: microsoft-security-essentials.softonic-ar.com
URL: https://microsoft-security-essentials.softonic-ar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
98be19bc78b5bc5d419e4fa6ea055ebd4671a963e2cc644aeed4362f15d14c31

Request headers

Referer
https://microsoft-security-essentials.softonic-ar.com/
Origin
https://microsoft-security-essentials.softonic-ar.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Fri, 03 Jan 2025 04:18:44 GMT
date
Thu, 11 Jan 2024 21:00:23 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
664898
x-cache
HIT, HIT
x-envoy-upstream-service-time
1
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
12698
x-served-by
cache-ams12758-AMS, cache-mia-kmia1760059-MIA
last-modified
Tue, 02 Jan 2024 12:15:10 GMT
server
istio-envoy
x-timer
S1705006824.512966,VS0,VE0
etag
W/"6593fe4e-319c"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
15, 1798
e1d66-f3d0b.css
sc.sftcdn.net/styles/ 		107 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/styles/e1d66-f3d0b.css
Requested by
Host: microsoft-security-essentials.softonic-ar.com
URL: https://microsoft-security-essentials.softonic-ar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
0089b0f7f21bfd72e5e09ec08a91edfb1d940db7dbd4afa9d116ef2215e2b25c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 18 Dec 2024 09:56:03 GMT
date
Thu, 11 Jan 2024 21:00:23 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
2027059
x-cache
HIT, HIT
x-envoy-upstream-service-time
11
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
16837
x-served-by
cache-ams21083-AMS, cache-mia-kmia1760062-MIA
last-modified
Tue, 19 Dec 2023 09:42:45 GMT
server
istio-envoy
x-timer
S1705006824.513623,VS0,VE0
etag
W/"65816595-1aa5e"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
72, 4394
40150-a5fb0.css
sc.sftcdn.net/styles/ 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/styles/40150-a5fb0.css
Requested by
Host: microsoft-security-essentials.softonic-ar.com
URL: https://microsoft-security-essentials.softonic-ar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
6fbfd9f15b571ccec952647d4fd91e45b42c67b372b042cb9404d00a8d9fac07

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Fri, 08 Nov 2024 11:55:58 GMT
date
Thu, 11 Jan 2024 21:00:23 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
5475865
x-cache
HIT, HIT
x-envoy-upstream-service-time
2
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
3079
x-served-by
cache-ams21046-AMS, cache-mia-kmia1760062-MIA
last-modified
Thu, 09 Nov 2023 11:17:56 GMT
server
istio-envoy
x-timer
S1705006824.513599,VS0,VE0
etag
W/"654cbfe4-3377"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
45, 4100
fa090-0d026.svg
sc.sftcdn.net/images/ 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sc.sftcdn.net/images/fa090-0d026.svg
Requested by
Host: microsoft-security-essentials.softonic-ar.com
URL: https://microsoft-security-essentials.softonic-ar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
2088f5aa1ebfab0d8de47886b0418c34f5b36d5b19286b9c87616547dfa3562d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Sat, 14 Dec 2024 01:02:39 GMT
date
Thu, 11 Jan 2024 21:00:23 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
2404663
x-cache
HIT, HIT
x-envoy-upstream-service-time
1
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
2107
x-served-by
cache-ams21030-AMS, cache-mia-kmia1760062-MIA
last-modified
Thu, 14 Dec 2023 14:41:54 GMT
server
istio-envoy
x-timer
S1705006824.513239,VS0,VE0
etag
W/"657b1432-12b0"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
24212, 3999
b94b1-d9c76.css
sc.sftcdn.net/styles/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/styles/b94b1-d9c76.css
Requested by
Host: microsoft-security-essentials.softonic-ar.com
URL: https://microsoft-security-essentials.softonic-ar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 01 Jan 2025 22:25:53 GMT
date
Thu, 11 Jan 2024 21:00:23 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
772469
x-cache
HIT, HIT
x-envoy-upstream-service-time
1
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1856
x-served-by
cache-ams12746-AMS, cache-mia-kmia1760062-MIA
last-modified
Tue, 02 Jan 2024 12:15:10 GMT
server
istio-envoy
x-timer
S1705006824.552478,VS0,VE0
etag
W/"6593fe4e-12d9"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
19, 1400
585ea-68c47.woff2
sc.sftcdn.net/fonts/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/fonts/585ea-68c47.woff2
Requested by
Host: microsoft-security-essentials.softonic-ar.com
URL: https://microsoft-security-essentials.softonic-ar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
0364d368abf457d4e70dbc7a7a360f3486eaea2837b194915b23d4398bee91ac

Request headers

Referer
https://microsoft-security-essentials.softonic-ar.com/
Origin
https://microsoft-security-essentials.softonic-ar.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 25 Apr 2024 10:03:59 GMT
date
Thu, 11 Jan 2024 21:00:23 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
22503384
x-cache
HIT, HIT
x-envoy-upstream-service-time
5
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
16706
x-served-by
cache-ams21069-AMS, cache-mia-kmia1760059-MIA
last-modified
Tue, 25 Apr 2023 16:38:22 GMT
server
istio-envoy
x-timer
S1705006824.513790,VS0,VE0
etag
W/"644801fe-4144"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
13576, 1742
d1174-0627e.woff2
sc.sftcdn.net/fonts/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/fonts/d1174-0627e.woff2
Requested by
Host: microsoft-security-essentials.softonic-ar.com
URL: https://microsoft-security-essentials.softonic-ar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
d53336707c39d1ec20a2b1f7399ca9f183c45592e215a42fd596dfa2dbb8ad7a

Request headers

Referer
https://microsoft-security-essentials.softonic-ar.com/
Origin
https://microsoft-security-essentials.softonic-ar.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 25 Apr 2024 10:04:01 GMT
date
Thu, 11 Jan 2024 21:00:23 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
22503382
x-cache
HIT, HIT
x-envoy-upstream-service-time
0
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
17553
x-served-by
cache-ams21076-AMS, cache-mia-kmia1760059-MIA
last-modified
Tue, 25 Apr 2023 16:38:22 GMT
server
istio-envoy
x-timer
S1705006824.513463,VS0,VE0
etag
W/"644801fe-4490"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
23, 1745
truncated
/ 		68 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
sdk.644f2d8890ecc5e4304aea988ef8d748ff3e8437.js
sdk.privacy-center.org/sdk/644f2d8890ecc5e4304aea988ef8d748ff3e8437/modern/ 		321 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.privacy-center.org/sdk/644f2d8890ecc5e4304aea988ef8d748ff3e8437/modern/sdk.644f2d8890ecc5e4304aea988ef8d748ff3e8437.js
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/a8ff32f4-78c7-4428-825d-0badb488b68b/loader.js?target=softonic-ar.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2510:e000:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c9099f66dc3ee8a19b91851ed50843a7cf681658f2085ed79ef3ada56e67db70

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 16:38:57 GMT
content-encoding
br
via
1.1 f8debc28b6c73eb3dc7540e2ac2f0e18.cloudfront.net (CloudFront)
last-modified
Thu, 11 Jan 2024 16:38:21 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P5
age
15687
etag
W/"2269c0b912de270d5724211748e24a42-1"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
0StjUOgTCOQQn6invrpEO507DXotiBb3HNsk4ZGOIuP5xH-rfCODkQ==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/ 		436 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js?cb=31080327
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3399f73a829693c7f1b48d5165488b2794b4449ba99e71e3965416d80a19e329
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 16:38:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
15715
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140168
x-xss-protection
0
server
cafe
etag
17101759845534740898
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 10 Jan 2025 16:38:28 GMT
datadog-rum-v4.js
www.datadoghq-browser-agent.com/ 		150 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Requested by
Host: softonic-ar.com
URL: https://softonic-ar.com/revamp/sft-bundle.js?modern=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.51.165 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-51-165.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cd5eb76033d96219a0c4fe45fb0df10202e1febcb4d086fb1305f1b3304a6b1a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 20:59:55 GMT
content-encoding
gzip
via
1.1 a5bf84280caeb8a606c41eaba71ee8be.cloudfront.net (CloudFront)
last-modified
Mon, 09 Oct 2023 11:26:13 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P1
age
30
x-amz-server-side-encryption
AES256
etag
W/"2630b3d7ad4a41fac67742216e506d83"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=14400, s-maxage=60
timing-allow-origin
*
x-amz-cf-id
_Qhpi0h3SEKDNvMT1lKKMXAhl39dl4UEVcUYzb_XYB9hn4bRqYjSpw==
sft-bundle.js
softonic-ar.com/revamp/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://softonic-ar.com/revamp/sft-bundle.js?modern=1
Requested by
Host: softonic-ar.com
URL: https://softonic-ar.com/revamp/sft-bundle.js?modern=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.233.104 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
104.233.227.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-version
1.1313.0
date
Thu, 11 Jan 2024 21:00:24 GMT
content-encoding
br
via
1.1 google, 1.1 varnish, 1.1 varnish, 1.1 google
age
99307
x-cache
HIT, HIT
x-envoy-upstream-service-time
7
x-region
NY
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74025
x-request-id
102e6584-1daa-4a96-bd37-3330b3772f50
x-served-by
cache-ams12763-AMS, cache-bfi-krnt7300038-BFI
x-platform-version
NT 10.0
x-browser-version
120.0.6099.216
x-platform-id
Windows 10
server
istio-envoy
x-publisher-id
softonic
x-timer
S1705006824.001572,VS0,VE0
etag
W/"9be70c8f2b1467a9fc5e9a75c77ede40"
x-browser-name
Chrome
vary
Accept-Encoding,x-device-platform,x-platform-id
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
x-country-code, x-region, x-browser-name, x-browser-version, x-platform-id, x-platform-version, x-device-platform
cache-control
max-age=172500, public, s-maxage=172800, stale-if-error=31536000, stale-while-revalidate=864000
x-device-platform
Desktop
accept-ranges
bytes
x-country-code
US
x-cache-hits
1, 1273
apstag.js
c.amazon-adsystem.com/aax2/ 		282 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: softonic-ar.com
URL: https://softonic-ar.com/revamp/sft-bundle.js?modern=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.64.130 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-64-130.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
99c6eb6c3f17d69837d604201ac0453a5677eef91484aee37e72dff818ddadbc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 20:08:15 GMT
content-encoding
gzip
via
1.1 0712e4ad4264127dfcb76a114b130494.cloudfront.net (CloudFront), 1.1 92c9325fb1bf81aabb598856cb037f78.cloudfront.net (CloudFront)
last-modified
Tue, 12 Dec 2023 22:20:12 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3, JFK52-P4
age
3130
x-amz-server-side-encryption
AES256
etag
W/"bab82e5d8801f394c1ef53a45dc29542"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
dqIrjXZ5jUNJzn4Zd8hIhHKrYNXZ28r7VrLPMSr4kVY2D4RNWOsnKQ==
tag
btloader.com/ 		52 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5633429348548608&domain=softonic.com&upapi=true
Requested by
Host: softonic-ar.com
URL: https://softonic-ar.com/revamp/sft-bundle.js?modern=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4bd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9d012445368850fe72e98a60abeb8a4aa0a59e3e794058a345f37e3069a3f01

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:24 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
HIT
last-modified
Thu, 11 Jan 2024 20:08:16 GMT
server
cloudflare
age
3076
etag
"774d59682e79bee8bb543025d81a7290"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges
bytes
cf-ray
844016cb5b27336a-MIA
content-length
17984
js
www.googletagmanager.com/gtag/ 		195 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-631321069&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LWWHP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2008 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
52c7d0a58d4eb8030659791c2236e1d1809bf8aa4fc7faf056baf9e54d58ecc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
72734
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 11 Jan 2024 21:00:24 GMT
cookie.js
partner.googleadservices.com/gampad/ 		384 B
595 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=microsoft-security-essentials.softonic-ar.com&client=softonic&product=SAS&callback=__sasCookie
Requested by
Host: www.google.com
URL: https://www.google.com/adsense/search/ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0502f71044773692729b06705a3c58788e02666ab06cc6d93103203dae44235b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
243
x-xss-protection
0
event
microsoft-security-essentials.softonic-ar.com/plausible/api/ 		2 B
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://microsoft-security-essentials.softonic-ar.com/plausible/api/event
Requested by
Host: softonic-ar.com
URL: https://softonic-ar.com/revamp/sft-bundle.js?modern=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.233.104 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
104.233.227.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://microsoft-security-essentials.softonic-ar.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 11 Jan 2024 21:00:23 GMT
via
1.1 google
server
istio-envoy
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
75
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
x-request-id
85b01f2e-5762-43f5-8de7-2623262c84ec
best-recommended-apps
microsoft-security-essentials.softonic-ar.com/ 		6 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://microsoft-security-essentials.softonic-ar.com/best-recommended-apps?appId=dff6f48a-96d0-11e6-b8de-00163ec9f5fa&categoryId=antivirus&pageId=app&developerSlug=microsoft&platformId=windows&locale=ar-SA&programName=Microsoft+Security+Essentials&browserName=chrome&browserVersion=120.0.6099.216&countryCode=US&deviceType=desktop&isEU=false&isCalifornia=false&region=NY&userPlatformId=windows&userPlatformVersion=10.0&placementId=download-intent&position=66
Requested by
Host: softonic-ar.com
URL: https://softonic-ar.com/revamp/sft-bundle.js?modern=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.233.104 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
104.233.227.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
e9c31927763f03b102486bcd0a9827dc7375b9860debdd3d1aebfed04c26c846

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-version
4.464.0
date
Thu, 11 Jan 2024 21:00:24 GMT
content-encoding
br
x-server-by
cpi-api
via
1.1 google
x-winner-campaign-logic
sov
x-user-platform
windows
x-winner-campaign-id
winzip-compression
x-resource-id
@cpi-api/bestRecommendedApps
x-envoy-upstream-service-time
36
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id
52f9c438-1d72-4db9-a101-95d6b631d291
server
istio-envoy
x-publisher-id
softonic
vary
Origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache,no-store,max-age=0,must-revalidate
x-publisher-projection-version
4362
x-suitable-campaigns-count
3
x-country-code
US
x-page-id
bestRecommendedApps
prebid
id5-sync.com/api/config/ 		135 B
446 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: softonic-ar.com
URL: https://softonic-ar.com/revamp/sft-prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
1e8565c2fefd99bae229bf5912b8a400f64eed0f6e6762f7101771328ea1bd48
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://microsoft-security-essentials.softonic-ar.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://microsoft-security-essentials.softonic-ar.com
date
Thu, 11 Jan 2024 21:00:23 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
js
www.googletagmanager.com/gtag/ 		195 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-631321069
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/sdk/644f2d8890ecc5e4304aea988ef8d748ff3e8437/modern/sdk.644f2d8890ecc5e4304aea988ef8d748ff3e8437.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2008 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3895e3155eed72fdb0a76b416fef8da7ef0e5c3ffe340722223a565648ce73b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
72660
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 11 Jan 2024 21:00:24 GMT
wct.js
wct.softonic-ar.com/ 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wct.softonic-ar.com/wct.js?type=session
Requested by
Host: microsoft-security-essentials.softonic-ar.com
URL: https://microsoft-security-essentials.softonic-ar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4aad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c834ba68f416b49806b8e2e82f19ef846d5bca11542e0131cc22b56ec7fb78b9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:24 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4E3to1t8UUK5q4MoYM0MwtzyckaP%2FCnuVb5%2F3GUCOGGXQ4FJfubm7A%2FsiQIrKlV6cWVMshK009cgzYk6r9lEt2zZVTGiY9PiJkSOn1qeAuhnhmb%2Fc5YgHRyRXvYSSfsAJk2BgqCZhtGdO2o3zC5Ou8U%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age:3600
cf-ray
844016cc4ff48dd0-MIA
wct-referer
https://microsoft-security-essentials.softonic-ar.com/
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LWWHP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 11 Jan 2024 19:51:49 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
4115
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 11 Jan 2024 21:51:49 GMT
js
js.srvtrck.com/v1/ 		59 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.srvtrck.com/v1/js?api_key=937717f2ba3900dbf10df23aba52974b&site_id=b772ff73d6da4b6aaec7377ff6ead554
Requested by
Host: microsoft-security-essentials.softonic-ar.com
URL: https://microsoft-security-essentials.softonic-ar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:594a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8833f51b66fa97cec6e1c8979d9e6e859228bfb45064b7601a6a1f5c99ed4c94

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 11 Jan 2024 00:32:53 GMT
server
cloudflare
age
73614
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
p3p
CP="CAO PSA OUR"
cache-control
public, max-age=86400
cf-ray
844016cd9d7a02ed-MIA
alt-svc
h3=":443"; ma=86400
expires
Fri, 12 Jan 2024 21:00:24 GMT
js
www.googletagmanager.com/gtag/ 		231 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-R5K71YRXMV&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LWWHP
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2008 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1f1025c1815a37ee80aec74c7ff24cfd14815787d4a9c739529b32c9b1d8514a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
82347
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 11 Jan 2024 21:00:24 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		207 B
148 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.softonic-ar.com
Requested by
Host: sc.sftcdn.net
URL: https://sc.sftcdn.net/scripts/23986-4f1cf.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1833b0d747de756c731e9e54657199376daadd77061e2919a9bf06c91433632f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
123
x-xss-protection
0
expires
Thu, 11 Jan 2024 21:00:24 GMT
esp.js
cdn.id5-sync.com/api/1.0/ 		114 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js?cb=31080327
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7bf4f406f5a9bf165c21dfebea2257eab80882e23e887a24756956daac44373
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:24 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 08 Jan 2024 11:20:59 GMT
server
cloudflare
x-amz-request-id
88AD58NX3CMMH9FX
age
2665
etag
W/"3732dd6fc229ed015d7d7eddf157953f"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
844016cd98e031e0-MIA
x-amz-id-2
cQls541fbzKJhS3P660rBRulR2Vkdvy96koioIeuyCsdiws46drppXutHRitAjxMh87uueAKBH5Zq+8RBQqq2A==
ads
securepubads.g.doubleclick.net/gampad/ 		782 B
437 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=139994871044085&correlator=3185114309207600&eid=31080286%2C31080301%2C31080327&output=ldjh&gdfp_req=1&vrg=202401040101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&trt=2&iu_parts=5302%2Cdesktop%2Cdesktop-Web-ar%2CApps%2CProgrampage%2CATF_OOP_Wallpaper&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&ists=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1705006824358&lmt=1705006824&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fmicrosoft-security-essentials.softonic-ar.com%2F&vis=1&psz=0x0&msz=0x0&fws=128&ohw=0&ga_vid=2089169067.1705006824&ga_sid=1705006824&ga_hid=1672844015&ga_fc=false&a3p=EhsKDGlkNS1zeW5jLmNvbRig983SzzFIAFICCGQ.&dlt=1705006823351&idt=917&prev_scp=pos%3Dtop%26countryCluster%3DA1%26td-slot%3Dtop-wallpaper%26hvi%3Dfalse%26type%3Doop_display_wallpaper&cust_params=medium%3Dorganic%26campaign%3D%26source%3Dnone%26medium_campaign%3Dorganic%26medium_source%3Dorganic-none%26file%3Ddff6f48a-96d0-11e6-b8de-00163ec9f5fa%26reviewvecna%3Dfalse%26recat%3Dsecurity-privacy%252Cantivirus%26hosted%3Dfalse%26compliant%3D1%26devel%3D0%26locale%3Dar-SA%26author%3DMicrosoft%26content%3Drich%26country%3DUS%26region%3DA%26platformId%3Dwindows%26ad_session_id%3De8a2e018-5dcb-4fcc-989a-ea6392ec30fd%26pv%3D1%26ab_upr%3D2%26personalized%3D1&adks=1352289321&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js?cb=31080327
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fb21a1261405f6725f1b1ada03ee1d8c10b93aa9db99f7e46f9c6549e1570b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:24 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
406
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://microsoft-security-essentials.softonic-ar.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
fa6c4326cb05f2723b7c8c04eba02839.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8FF1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fa6c4326cb05f2723b7c8c04eba02839.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js?cb=31080327
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://microsoft-security-essentials.softonic-ar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 21:00:24 GMT
expires
Fri, 10 Jan 2025 21:00:24 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
syndicatedsearch.goog/afs/ Frame E53D 		15 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://syndicatedsearch.goog/afs/ads?psid=3261714721&client=softonic&r=m&hl=ar&cpp=5&rpbu=https%3A%2F%2Fwww.softonic-ar.com%2Fs%2F%3Frscp%3Ddsk_rscp_ar_pp%26platformId%3Dwindows&rpqp=q&type=3&rs_tt=c&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301383%2C17301401%2C71847096&format=r4&nocache=9741705006824186&num=0&output=afd_ads&domain_name=microsoft-security-essentials.softonic-ar.com&v=3&bsl=8&pac=0&u_his=2&u_tz=-600&dt=1705006824187&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=4628&frm=0&cl=588056317&uio=wi290-&cont=rscontainer&drt=0&jsid=csa&jsv=588056317&rurl=https%3A%2F%2Fmicrosoft-security-essentials.softonic-ar.com%2F
Requested by
Host: www.google.com
URL: https://www.google.com/adsense/search/ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
133495966a7ed0b79d8d1e60924036fea9ada2b22d247c56fefd6e2b97f4cb1a
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-fiiftoSAGEQyxTz23WSW8w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Xss-Protection 0

Request headers

Referer
https://microsoft-security-essentials.softonic-ar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600
content-disposition
inline
content-encoding
br
content-length
2721
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-fiiftoSAGEQyxTz23WSW8w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-type
text/html; charset=UTF-8
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
date
Thu, 11 Jan 2024 21:00:24 GMT
expires
Thu, 11 Jan 2024 21:00:24 GMT
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server
gws
x-xss-protection
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/631321069/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/631321069/?random=1705006824432&cv=11&fst=1705006824432&bg=ffffff&guid=ON&async=1&gtm=45be4180&gcd=11l1l1l1l1&dma=0&tcfd=10000&u_w=1600&u_h=1200&url=https%3A%2F%2Fmicrosoft-security-essentials.softonic-ar.com%2F&hn=www.googleadservices.com&frm=0&tiba=Microsoft%20Security%20Essentials%20-%20%D8%AA%D9%86%D8%B2%D9%8A%D9%84&us_privacy=1---&auid=13779088.1705006824&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-631321069&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
93a679e6e0ee5c4b2e031bdf5ca88b1f3a421b565de169f88ebec2ba1f076f5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 21:00:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1268
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
chunk6-1770ad.mjs
sc.sftcdn.net/scripts/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/scripts/chunk6-1770ad.mjs
Requested by
Host: sc.sftcdn.net
URL: https://sc.sftcdn.net/scripts/23986-4f1cf.mjs
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
da32d596cbf89f9ce17641d26b42138c70c6cdd9a6b13c00ed38fe78978c1e16

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Tue, 17 Dec 2024 08:20:31 GMT
date
Thu, 11 Jan 2024 21:00:24 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
2119193
x-cache
HIT, HIT
x-envoy-upstream-service-time
2
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
3773
x-served-by
cache-ams21029-AMS, cache-mia-kmia1760085-MIA
last-modified
Wed, 13 Dec 2023 14:13:44 GMT
server
istio-envoy
x-timer
S1705006824.484915,VS0,VE0
etag
W/"6579bc18-331c"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
66, 3606
state
api.btloader.com/mw/ 		0
101 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/mw/state?bt_env=prod
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5633429348548608&domain=softonic.com&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 11 Jan 2024 21:00:24 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
px.gif
ad-delivery.net/ 		43 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: microsoft-security-essentials.softonic-ar.com
URL: https://microsoft-security-essentials.softonic-ar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
998358
x-guploader-uploadid
ABPtcPo4v-lihO1QF2uZKwIHI4MwQbVPvYVOsDS0VC65Wwih1u5eW_D8Iss1Wj-OLWB-F776sD4
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gj1giqCvO9%2BAtWyLML%2BqkaQ2h%2FlMOD98%2Fp34FSeQZvx8nPNA3a7bETlGG2O5ZZ%2FN45aHcpNFL63S97Po7tLBII60lA69YfhotlJD7EA0sx9JKYnVzJ8i7QshNieQb543rnx5ZNgfQXA8PkX0fg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
844016ce1eef257d-MIA
expires
Sun, 31 Dec 2023 08:39:47 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: microsoft-security-essentials.softonic-ar.com
URL: https://microsoft-security-essentials.softonic-ar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.64.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s31-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 09:01:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43122
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 12 Jan 2024 09:01:42 GMT
px.gif
ad-delivery.net/ 		43 B
916 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.662102515598729
Requested by
Host: microsoft-security-essentials.softonic-ar.com
URL: https://microsoft-security-essentials.softonic-ar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
998358
x-guploader-uploadid
ABPtcPo4v-lihO1QF2uZKwIHI4MwQbVPvYVOsDS0VC65Wwih1u5eW_D8Iss1Wj-OLWB-F776sD4
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2FJumZ9Bc1ZIE5ZyFR6OLU15XOdG1AxhXUFxL2Ef15hokcT1Xc1A88Cu8QoyUqXXkLBFZL%2FwuHkesXQ%2BXeI52dHpFGRhItmSO4IMR4x6Fua6sKrJOWdROSWPFjJt9oOO6zVyihkWqnsgm%2BMZcA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
844016ce1eec257d-MIA
expires
Sun, 31 Dec 2023 08:39:47 GMT
event
microsoft-security-essentials.softonic-ar.com/plausible/api/ 		2 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://microsoft-security-essentials.softonic-ar.com/plausible/api/event
Requested by
Host: softonic-ar.com
URL: https://softonic-ar.com/revamp/sft-bundle.js?modern=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.233.104 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
104.233.227.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://microsoft-security-essentials.softonic-ar.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 11 Jan 2024 21:00:24 GMT
via
1.1 google
server
istio-envoy
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
x-request-id
60c0c903-3c85-44bb-96d2-be3f2f766de9
corporate-logo-nb.svg
storage.googleapis.com/storage-proxy-assets/revamp-di-sft/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/storage-proxy-assets/revamp-di-sft/corporate-logo-nb.svg
Requested by
Host: microsoft-security-essentials.softonic-ar.com
URL: https://microsoft-security-essentials.softonic-ar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::201b Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
d8dac4dfb15299ed2b7c3b13a3ee6ad080342ee87638f44190dea188ea674120

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 20:17:31 GMT
age
2573
x-guploader-uploadid
ABPtcPrYSrLLninufb0UPbQji5VdXVSIuLD8dPr1bAupDrsA1uTfMit_d0JG3gGp9Yn7pdeVN7Y
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6593
last-modified
Wed, 01 Mar 2023 13:19:57 GMT
server
UploadServer
etag
"8a5ec86f9e44863fd94329cebaecb4d1"
x-goog-generation
1677676797280447
x-goog-hash
crc32c=wuPwOw==, md5=il7Ib55Ehj/ZQynOuuy00Q==
content-type
image/svg+xml
cache-control
public, max-age=3600
x-goog-stored-content-length
6593
accept-ranges
bytes
expires
Thu, 11 Jan 2024 21:17:31 GMT
winzip-logo
images.sftcdn.net/image/upload/dpr_auto,f_auto,fl_sanitize,q_auto/download_intent/templates/corel-corporation/winzip-compression/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/image/upload/dpr_auto,f_auto,fl_sanitize,q_auto/download_intent/templates/corel-corporation/winzip-compression/winzip-logo
Requested by
Host: microsoft-security-essentials.softonic-ar.com
URL: https://microsoft-security-essentials.softonic-ar.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:1a86::29cc Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
b6ebd2244153bb9f85eab74cb2097c99965ec579adc640c607fd7a15b60b3e19
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:24 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="winzip-logo.webp"
server-timing
cld-akam;dur=4;start=2024-01-11T21:00:24.565Z;desc=hit,rtt;dur=83,content-info;desc="width=1800,height=600,owidth=1800,oheight=600,obytes=14375"
content-length
10266
last-modified
Fri, 19 May 2023 13:04:56 GMT
server
Cloudinary
etag
"c567f65948078ebf902a2488816bb956"
vary
Accept,User-Agent,Save-Data,DPR,Sec-CH-DPR
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
private, no-transform, max-age=31536000
content-dpr
1
accept-ranges
bytes
timing-allow-origin
*
winzip-feature-A
images.sftcdn.net/image/upload/dpr_auto,f_auto,fl_sanitize,q_auto/download_intent/templates/corel-corporation/winzip-compression/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/image/upload/dpr_auto,f_auto,fl_sanitize,q_auto/download_intent/templates/corel-corporation/winzip-compression/winzip-feature-A
Requested by
Host: microsoft-security-essentials.softonic-ar.com
URL: https://microsoft-security-essentials.softonic-ar.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:1a86::29cc Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
1ada5d6847da8280cb91c16bea3a27c5e0b5c3a5801b11c735f47c4f5a36e3ef
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:24 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="winzip-feature-A.webp"
server-timing
cld-akam;dur=3;start=2024-01-11T21:00:24.565Z;desc=hit,rtt;dur=83,content-info;desc="width=156,height=111,owidth=156,oheight=111,obytes=7867"
content-length
7276
last-modified
Fri, 19 May 2023 13:04:56 GMT
server
Cloudinary
etag
"e416811005c90530a730a5287d43a858"
vary
Accept,User-Agent,Save-Data,DPR,Sec-CH-DPR
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
private, no-transform, max-age=31536000
content-dpr
1
accept-ranges
bytes
timing-allow-origin
*
winzip-feature-B
images.sftcdn.net/image/upload/dpr_auto,f_auto,fl_sanitize,q_auto/download_intent/templates/corel-corporation/winzip-compression/ 		910 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/image/upload/dpr_auto,f_auto,fl_sanitize,q_auto/download_intent/templates/corel-corporation/winzip-compression/winzip-feature-B
Requested by
Host: microsoft-security-essentials.softonic-ar.com
URL: https://microsoft-security-essentials.softonic-ar.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:1a86::29cc Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
0dfdd88f0f92086884ea4214bc6b6f54119d75b3d72000e4cb83ea48166282ea
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:24 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="winzip-feature-B.webp"
server-timing
cld-akam;dur=3;start=2024-01-11T21:00:24.565Z;desc=hit,rtt;dur=83,content-info;desc="width=156,height=111,owidth=156,oheight=111,obytes=1651"
content-length
910
last-modified
Fri, 19 May 2023 13:04:56 GMT
server
Cloudinary
etag
"5c256b0f30e5bda17f7367b7a0034724"
vary
Accept,User-Agent,Save-Data,DPR,Sec-CH-DPR
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
private, no-transform, max-age=31536000
content-dpr
1
accept-ranges
bytes
timing-allow-origin
*
winzip-feature-C
images.sftcdn.net/image/upload/dpr_auto,f_auto,fl_sanitize,q_auto/download_intent/templates/corel-corporation/winzip-compression/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/image/upload/dpr_auto,f_auto,fl_sanitize,q_auto/download_intent/templates/corel-corporation/winzip-compression/winzip-feature-C
Requested by
Host: microsoft-security-essentials.softonic-ar.com
URL: https://microsoft-security-essentials.softonic-ar.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:1a86::29cc Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
0916fc3d1ca0339e2baa78b1a105e78c99f823d26a8f149a8afd123e040238e3
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:24 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="winzip-feature-C.webp"
server-timing
cld-akam;dur=4;start=2024-01-11T21:00:24.565Z;desc=hit,rtt;dur=83,content-info;desc="width=156,height=111,owidth=156,oheight=111,obytes=6265"
content-length
5494
last-modified
Fri, 19 May 2023 13:04:56 GMT
server
Cloudinary
etag
"7e57fa2e940c7eef3e6d241066b592ab"
vary
Accept,User-Agent,Save-Data,DPR,Sec-CH-DPR
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
private, no-transform, max-age=31536000
content-dpr
1
accept-ranges
bytes
timing-allow-origin
*
3177
config.aps.amazon-adsystem.com/configs/ 		532 B
807 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/3177
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-59.jfk50.r.cloudfront.net
Software
CloudFront /
Resource Hash
df5c415b492d1ddcee74d91f4799b72b861f0068f37368fc237adabaaa85a866

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 20:56:16 GMT
via
1.1 e87e1498b0d1acb21c287e606097161a.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
JFK50-P3
age
248
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
532
x-amz-cf-id
bRPjCXj6knSgZau-k88B3sJfYb8rl5KaFeOYJlaWV5pqmL4DNH7Y8Q==
config
c.amazon-adsystem.com/cdn/prod/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3177&u=https%3A%2F%2Fmicrosoft-security-essentials.softonic-ar.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.64.130 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-64-130.jfk52.r.cloudfront.net
Software
Server /
Resource Hash
1c996febe2406193a8f4f29f33e6368f1ac678773895375fa183cfa2fabe6195

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:24 GMT
via
1.1 92c9325fb1bf81aabb598856cb037f78.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK52-P4
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://microsoft-security-essentials.softonic-ar.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
1246
x-amz-cf-id
57jXl8tIYLIewvmhwdZ6IYcajiGsEOEeLo3qt2NPA-bYeKbStU9wZw==
bid
aax.amazon-adsystem.com/e/dtb/ 		151 B
614 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3177&u=https%3A%2F%2Fmicrosoft-security-essentials.softonic-ar.com%2F&pid=Z4a9jr1Nzy2Nw&cb=0&ws=1600x1200&v=23.1211.1645&t=1000&slots=%5B%7B%22sd%22%3A%22top-mpu-1__ad%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%2C%22300x180%22%2C%22300x150%22%2C%22250x250%22%2C%22200x200%22%2C%22180x150%22%2C%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F5302%2Fdesktop%2Fdesktop-Web-ar%2FApps%2FProgrampage%2FATF_MPU_First%22%7D%2C%7B%22sd%22%3A%22top-leaderboard-1__ad%22%2C%22s%22%3A%5B%221x1%22%2C%22970x250%22%2C%22970x90%22%2C%22960x90%22%2C%22950x90%22%2C%22728x90%22%2C%22500x90%22%2C%22468x90%22%2C%22468x60%22%5D%2C%22sn%22%3A%22%2F5302%2Fdesktop%2Fdesktop-Web-ar%2FApps%2FProgrampage%2FATF_Leaderboard_First%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.54.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-54-29.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
e9bcfe7caebe4092e510bca5525284b31e9811895dc43430dd9a25191c859caf
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:24 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 80d5d65d27a0450c8f0018381b103d7a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P1
x-amz-rid
RKQFYW44JZTGTVQGQQM9
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://microsoft-security-essentials.softonic-ar.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
151
x-amz-cf-id
WMpTZfTso5zBM7JJbyh_Gog8MP0O2ZlUZAeCYp7qIC-ku-BRJIjeOQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.64.130 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-64-130.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:25 GMT
x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 acbc16f609c0c9804b8a2c3d38d3023e.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
RBRU6yGi5Dk4Qv8vO9vXVv4s9MfPBwSjLj5l013998fOKpM2epvr4g==
collect
analytics.google.com/g/ 		0
265 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-R5K71YRXMV&gtm=45je4180h1v877889940z86335967&_p=1705006823385&_gaz=1&gcd=11l1l1l1l1&dma=0&tcfd=10000&cid=2089169067.1705006824&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705006824&sct=1&seg=0&dl=https%3A%2F%2Fmicrosoft-security-essentials.softonic-ar.com%2F&dt=Microsoft%20Security%20Essentials%20-%20%D8%AA%D9%86%D8%B2%D9%8A%D9%84&en=page_view&_fv=1&_ss=1&ep.page_type=program_page&ep.site_language=ar&ep.google_click_id=&ep.test_variant=&ep.pv=1&ep.program_id=dff6f48a-96d0-11e6-b8de-00163ec9f5fa&ep.program_platform=windows&ep.program_category=security-privacy&ep.program_subcategory=antivirus&ep.program_sources=&ep.program_review_source=dexter&ep.program_download_type=affiliationDownload&ep.program_review_modification_date=2023-07-12&ep.program_opinions=no&ep.program_review_publication_date=2015-06-22&ep.program_has_button_buy=no&ep.program_has_button_download=yes&ep.program_has_gallery=yes&ep.program_has_offer=no&epn.program_user_score=7.626357056694813&ep.google_compliant=yes&ep.program_name=Microsoft%20Security%20Essentials&ep.vertical_id=&ep.ecosystem_id=&ep.ad_session_id=e8a2e018-5dcb-4fcc-989a-ea6392ec30fd&ep.program_review_vecna=false&tfd=2076
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R5K71YRXMV&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 21:00:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://microsoft-security-essentials.softonic-ar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
265 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-R5K71YRXMV&cid=2089169067.1705006824&gtm=45je4180h1v877889940z86335967&aip=1&dma=0&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R5K71YRXMV&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 21:00:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://microsoft-security-essentials.softonic-ar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
wct.js
wct.softonic-ar.com/ 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wct.softonic-ar.com/wct.js?type=auto-tagging
Requested by
Host: wct.softonic-ar.com
URL: https://wct.softonic-ar.com/wct.js?type=session
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4aad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6025b7f608d194922bc9228899f20c1440decdc1ec235695948e50174fa5cee

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:24 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lopotce4ANrVi73UXASswhYBSDGGPzwQK5aV1p%2B4e9%2BGGt77CciUOuuFuYZAof20%2FxYYFhN%2F%2Fg3DAZ1JtASEEw19BhVEpcwVGPA%2B6X%2FS86nApElxShcOoVoHm7bYPedjFzmk4BWtWpV0MMgWq9HIr%2BU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age:3600
cf-ray
844016cf3d4c8dd0-MIA
wct-referer
https://microsoft-security-essentials.softonic-ar.com/
ima.js
cdn-ima.33across.com/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ima.js
Requested by
Host: microsoft-security-essentials.softonic-ar.com
URL: https://microsoft-security-essentials.softonic-ar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
497d93c13f61bf8214719cab3a9d1b3b58d84009d36b640f12e257b733fb249a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:24 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 20 Dec 2023 19:21:35 GMT
server
cloudflare
age
89699
etag
W/"65833ebf-2810"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
844016d01c38098e-MIA
expires
Sun, 14 Jan 2024 21:00:24 GMT
id5-api.js
cdn.id5-sync.com/api/1.0/ 		113 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: microsoft-security-essentials.softonic-ar.com
URL: https://microsoft-security-essentials.softonic-ar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d351ad9e0491a3bb72ba3995d0dfe67f6af54bbf7d97e18f43ff203ffc5efe1f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:24 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 08 Jan 2024 11:20:59 GMT
server
cloudflare
x-amz-request-id
N0T2VEYFY8D7VBKM
age
2662
etag
W/"9692928e9024f20ea54c02122b35d5bb"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
844016cf4d0b31e0-MIA
x-amz-id-2
QG3GQHWHEK4PI9Elqt0k2lf3FkJPZQHJIyhEgU17iMqYUseNkJKf/47z+zFT0BDXz9hREODqxCvLlV8KiEA0bQ==
hjdebh67699dwnjldw00.js
dnlgm0m0r44nl.cloudfront.net/abp/ 		20 B
487 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dnlgm0m0r44nl.cloudfront.net/abp/hjdebh67699dwnjldw00.js
Requested by
Host: js.srvtrck.com
URL: https://js.srvtrck.com/v1/js?api_key=937717f2ba3900dbf10df23aba52974b&site_id=b772ff73d6da4b6aaec7377ff6ead554
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.139.38.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-38-124.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7516842ff556ff708e84893bf1006bf21e38f04a3374d64b64fb4db461b8c49c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Thu, 11 Jan 2024 15:36:50 GMT
Via
1.1 e42e8491a089e2183879e26e61dae708.cloudfront.net (CloudFront)
Last-Modified
Mon, 24 Nov 2014 16:56:36 GMT
Server
AmazonS3
X-Amz-Cf-Pop
JFK50-P2
Age
19416
ETag
"1db728e2d3216682f555d0c1e5b1127c"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20
X-Amz-Cf-Id
OTG1HWck3Jtv64WmdbRV-cxHaDBcaFPsVEogIq8v9OVxmFc_PefTQA==
increment
id5-sync.com/api/esp/ 		0
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://microsoft-security-essentials.softonic-ar.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://microsoft-security-essentials.softonic-ar.com
date
Thu, 11 Jan 2024 21:00:24 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
publisher:getClientId
ampcid.google.com/v1/ 		3 B
388 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://microsoft-security-essentials.softonic-ar.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 11 Jan 2024 21:00:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://microsoft-security-essentials.softonic-ar.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
305 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: softonic-ar.com
URL: https://softonic-ar.com/revamp/sft-prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
2c57e8e0392d0b5cf9bce04b8632c1b0b5af87a34f9f63818ab69cadd10e31e4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://microsoft-security-essentials.softonic-ar.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://microsoft-security-essentials.softonic-ar.com
date
Thu, 11 Jan 2024 21:00:24 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
/
www.google.com/pagead/1p-user-list/631321069/ 		42 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/631321069/?random=1705006824432&cv=11&fst=1705006800000&bg=ffffff&guid=ON&async=1&gtm=45be4180&u_w=1600&u_h=1200&url=https%3A%2F%2Fmicrosoft-security-essentials.softonic-ar.com%2F&frm=0&tiba=Microsoft%20Security%20Essentials%20-%20%D8%AA%D9%86%D8%B2%D9%8A%D9%84&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_jKKF70rktDtqwLUxhZyofY2M24R_Jg&random=1758687873&rmt_tld=0&ipr=y
Requested by
Host: microsoft-security-essentials.softonic-ar.com
URL: https://microsoft-security-essentials.softonic-ar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2004 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 21:00:24 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
avast-Avast_Symbol_V2_Positive_Orange_256x256.png
images.sftcdn.net/images/t_app-icon-s/p/2d9f9134-96d0-11e6-bf8f-00163ec9f5fa/1408299994/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/2d9f9134-96d0-11e6-bf8f-00163ec9f5fa/1408299994/avast-Avast_Symbol_V2_Positive_Orange_256x256.png
Requested by
Host: microsoft-security-essentials.softonic-ar.com
URL: https://microsoft-security-essentials.softonic-ar.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:1a86::29cc Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
2dce3035cfadf3932bd8bd977f5d9c11e1e49df39092c4de36968fbbf0d81a04
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:24 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Mon, 06 Feb 2023 17:32:36 GMT
server
Cloudinary
etag
"06d2b62f46d039cff41e8923f130b871"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=31536000
content-disposition
inline; filename="avast-Avast_Symbol_V2_Positive_Orange_256x256.png"
server-timing
cld-akam;dur=4;start=2024-01-11T21:00:24.939Z;desc=hit,rtt;dur=120,content-info;desc="width=112,height=112,owidth=1024,oheight=1024,obytes=421385"
accept-ranges
bytes
timing-allow-origin
*
content-length
2138
kaspersky-internet-security-product-box-KISMD.png
images.sftcdn.net/images/t_app-icon-s/p/5e38b7cc-96d4-11e6-b327-00163ec9f5fa/1570199921/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/5e38b7cc-96d4-11e6-b327-00163ec9f5fa/1570199921/kaspersky-internet-security-product-box-KISMD.png
Requested by
Host: microsoft-security-essentials.softonic-ar.com
URL: https://microsoft-security-essentials.softonic-ar.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:1a86::29cc Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
bb1aac2122475831e76e0be2eafdd931df10690fb07f3cac2bfe3340e8955063
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:25 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Mon, 13 Feb 2023 09:34:26 GMT
server
Cloudinary
etag
"ce10de691b58cc46464ee48d73a33c16"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=31536000
content-disposition
inline; filename="kaspersky-internet-security-product-box-KISMD.png"
server-timing
cld-akam;dur=166;cpu=80;start=2024-01-11T21:00:24.939Z;desc=hit-near,rtt;dur=120,content-info;desc="width=112,height=112,owidth=1200,oheight=1200,obytes=474963"
accept-ranges
bytes
timing-allow-origin
*
content-length
2358
kaspersky-anti-virus-kaspersky.png
images.sftcdn.net/images/t_app-icon-s/p/9de631e4-96d2-11e6-be3c-00163ec9f5fa/1794891465/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/9de631e4-96d2-11e6-be3c-00163ec9f5fa/1794891465/kaspersky-anti-virus-kaspersky.png
Requested by
Host: microsoft-security-essentials.softonic-ar.com
URL: https://microsoft-security-essentials.softonic-ar.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:1a86::29cc Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
4252dba776e8f03fd6d2f78c3be8c28f5495e328176ecf187a40a56eac57ca86
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:25 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 08:53:28 GMT
server
Cloudinary
etag
"e11de9c0b724e3d8d46a590b2d123c68"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=31536000
content-disposition
inline; filename="kaspersky-anti-virus-kaspersky.png"
server-timing
cld-akam;dur=136;cpu=48;start=2024-01-11T21:00:24.966Z;desc=hit-near,rtt;dur=120,content-info;desc="width=112,height=112,owidth=800,oheight=800,obytes=329186"
accept-ranges
bytes
timing-allow-origin
*
content-length
1494
shortcut-virus-remover-2019-01-24_13-32-56.png
images.sftcdn.net/images/t_app-icon-s/p/dfb623bb-da98-421f-9e84-92e2461ca450/809096207/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/dfb623bb-da98-421f-9e84-92e2461ca450/809096207/shortcut-virus-remover-2019-01-24_13-32-56.png
Requested by
Host: microsoft-security-essentials.softonic-ar.com
URL: https://microsoft-security-essentials.softonic-ar.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:1a86::29cc Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
0688b0a3d226ad1b96a353aa3600d27f9a175a398535558820b6157ab874e283
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:24 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 08:56:14 GMT
server
Cloudinary
etag
"23ff65f783089029379f91d6ae7705de"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=31536000
content-disposition
inline; filename="shortcut-virus-remover-2019-01-24_13-32-56.png"
server-timing
cld-akam;dur=9;start=2024-01-11T21:00:24.951Z;desc=miss,rtt;dur=120,content-info;desc="width=112,height=112,owidth=1472,oheight=1472,obytes=504453",cloudinary;dur=52;start=2024-01-11T01:16:30.505Z
accept-ranges
bytes
timing-allow-origin
*
content-length
1828
kaspersky-internet-security-product-box-KISMD.png
images.sftcdn.net/images/t_app-icon-m/p/5e38b7cc-96d4-11e6-b327-00163ec9f5fa/1570199921/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-m/p/5e38b7cc-96d4-11e6-b327-00163ec9f5fa/1570199921/kaspersky-internet-security-product-box-KISMD.png
Requested by
Host: microsoft-security-essentials.softonic-ar.com
URL: https://microsoft-security-essentials.softonic-ar.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:1a86::29cc Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
51e56412ce6d10fdcd849a1ee0e089c809b252e8c6a0c293afd5ac6f1ce2d3bb
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:25 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Mon, 13 Feb 2023 09:34:38 GMT
server
Cloudinary
etag
"7367e9478e6a4841d28842b0c101d70b"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=31536000
content-disposition
inline; filename="kaspersky-internet-security-product-box-KISMD.png"
server-timing
cld-akam;dur=60;start=2024-01-11T21:00:24.951Z;desc=miss,rtt;dur=120,content-info;desc="width=224,height=224,owidth=1200,oheight=1200,obytes=474963",cloudinary;dur=88;start=2024-01-11T12:44:30.714Z
accept-ranges
bytes
timing-allow-origin
*
content-length
2828
windows-defender-800px-Windows_Defender_logo.svg.png
images.sftcdn.net/images/t_app-icon-m/p/3d621984-96d0-11e6-8bec-00163ec9f5fa/2555926723/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-m/p/3d621984-96d0-11e6-8bec-00163ec9f5fa/2555926723/windows-defender-800px-Windows_Defender_logo.svg.png
Requested by
Host: microsoft-security-essentials.softonic-ar.com
URL: https://microsoft-security-essentials.softonic-ar.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:1a86::29cc Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
863b9249e9081287fa9a919fcbb895a15ddc3cac991ceabfcff497e2ced37064
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:24 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 08:51:48 GMT
server
Cloudinary
etag
"ced3de15d2f98965b15f61ef806724c0"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=31536000
content-disposition
inline; filename="windows-defender-800px-Windows_Defender_logo.svg.png"
server-timing
cld-akam;dur=10;start=2024-01-11T21:00:24.951Z;desc=hit-near,rtt;dur=120,content-info;desc="width=224,height=224,owidth=800,oheight=840,obytes=21548"
accept-ranges
bytes
timing-allow-origin
*
content-length
1188
avg-antivirus-free-AVG-Antivirus-logo-256x256.png
images.sftcdn.net/images/t_app-icon-m/p/afedbb98-96d0-11e6-a476-00163ed833e7/2476911703/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-m/p/afedbb98-96d0-11e6-a476-00163ed833e7/2476911703/avg-antivirus-free-AVG-Antivirus-logo-256x256.png
Requested by
Host: microsoft-security-essentials.softonic-ar.com
URL: https://microsoft-security-essentials.softonic-ar.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:1a86::29cc Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
0a237c4f677852fa1c4f3bbe11f08dd8b1920a794b1fff3d7d2e67aaba13abc8
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:24 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 08:56:45 GMT
server
Cloudinary
etag
"cd1eb789a922f50a71c916b5a539f7f7"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=31536000
content-disposition
inline; filename="avg-antivirus-free-AVG-Antivirus-logo-256x256.png"
server-timing
cld-akam;dur=11;start=2024-01-11T21:00:24.951Z;desc=hit-near,rtt;dur=120,content-info;desc="width=224,height=224,owidth=1024,oheight=1024,obytes=887955"
accept-ranges
bytes
timing-allow-origin
*
content-length
5302
baidu-antivirus-logo.png
images.sftcdn.net/images/t_app-icon-m/p/97f6610c-96d0-11e6-a0ca-00163ed833e7/897381108/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-m/p/97f6610c-96d0-11e6-a0ca-00163ed833e7/897381108/baidu-antivirus-logo.png
Requested by
Host: microsoft-security-essentials.softonic-ar.com
URL: https://microsoft-security-essentials.softonic-ar.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:1a86::29cc Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
efb0d43254878df8f75d6a4ff03991dd0997ab0aecb48e8d2c6dde12f57f23f7
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:25 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 08:50:15 GMT
server
Cloudinary
etag
"c6aff9a2f8fa10857aefe7fb2a35ffa9"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=31536000
content-disposition
inline; filename="baidu-antivirus-logo.png"
server-timing
cld-akam;dur=12;start=2024-01-11T21:00:25.040Z;desc=hit-near,rtt;dur=120,content-info;desc="width=224,height=224,owidth=1024,oheight=1024,obytes=814785"
accept-ranges
bytes
timing-allow-origin
*
content-length
5718
kaspersky-anti-virus-kaspersky.png
images.sftcdn.net/images/t_app-icon-m/p/9de631e4-96d2-11e6-be3c-00163ec9f5fa/1794891465/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-m/p/9de631e4-96d2-11e6-be3c-00163ec9f5fa/1794891465/kaspersky-anti-virus-kaspersky.png
Requested by
Host: microsoft-security-essentials.softonic-ar.com
URL: https://microsoft-security-essentials.softonic-ar.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:1a86::29cc Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
946311bfacab6de784b53fe5cbef991c1ea322702acf43dfa5cf3d37cd740ee9
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:25 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Mon, 13 Feb 2023 09:34:38 GMT
server
Cloudinary
etag
"11ede1885d4520a534e7af47b5a8d6fb"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=31536000
content-disposition
inline; filename="kaspersky-anti-virus-kaspersky.png"
server-timing
cld-akam;dur=11;start=2024-01-11T21:00:25.040Z;desc=hit-near,rtt;dur=120,content-info;desc="width=224,height=224,owidth=800,oheight=800,obytes=329186"
accept-ranges
bytes
timing-allow-origin
*
content-length
2428
windows-defender-800px-Windows_Defender_logo.svg.png
images.sftcdn.net/images/t_app-icon-s/p/3d621984-96d0-11e6-8bec-00163ec9f5fa/2555926723/ 		616 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/3d621984-96d0-11e6-8bec-00163ec9f5fa/2555926723/windows-defender-800px-Windows_Defender_logo.svg.png
Requested by
Host: microsoft-security-essentials.softonic-ar.com
URL: https://microsoft-security-essentials.softonic-ar.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:1a86::29cc Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
ab9e2fa2d00f6af1986e12b6bdee984d599b0cd890c3c145562da520a8d31ee4
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:25 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Mon, 13 Feb 2023 09:28:39 GMT
server
Cloudinary
etag
"f933d621de06a9e4b7e056dfac87a656"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=31536000
content-disposition
inline; filename="windows-defender-800px-Windows_Defender_logo.svg.png"
server-timing
cld-akam;dur=4;start=2024-01-11T21:00:25.040Z;desc=hit,rtt;dur=120,content-info;desc="width=112,height=112,owidth=800,oheight=840,obytes=21548"
accept-ranges
bytes
timing-allow-origin
*
content-length
616
baidu-antivirus-logo.png
images.sftcdn.net/images/t_app-icon-s/p/97f6610c-96d0-11e6-a0ca-00163ed833e7/897381108/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/97f6610c-96d0-11e6-a0ca-00163ed833e7/897381108/baidu-antivirus-logo.png
Requested by
Host: microsoft-security-essentials.softonic-ar.com
URL: https://microsoft-security-essentials.softonic-ar.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:1a86::29cc Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
72ff3c9b271ed70560d3c3db5fff8d8d178d2df2a5ba3cd0a7c1a7ede5e4da0a
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:25 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 08:51:32 GMT
server
Cloudinary
etag
"4db10e32287dec07f746c11a8bae0133"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=31536000
content-disposition
inline; filename="baidu-antivirus-logo.png"
server-timing
cld-akam;dur=12;start=2024-01-11T21:00:25.040Z;desc=miss,rtt;dur=120,content-info;desc="width=112,height=112,owidth=1024,oheight=1024,obytes=814785",cloudinary;dur=52;start=2024-01-10T13:33:52.178Z
accept-ranges
bytes
timing-allow-origin
*
content-length
2362
windows-defender-offline-logo.jpg
images.sftcdn.net/images/t_app-icon-s/p/58840ed8-96d6-11e6-8946-00163ed833e7/1496678058/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/58840ed8-96d6-11e6-8946-00163ed833e7/1496678058/windows-defender-offline-logo.jpg
Requested by
Host: microsoft-security-essentials.softonic-ar.com
URL: https://microsoft-security-essentials.softonic-ar.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:1a86::29cc Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
0cc144665fa4b11b2a7ca8d50d95ff5854d8371479133c4ebcd00efc0b4bafba
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:25 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 09:03:13 GMT
server
Cloudinary
etag
"563ba4a87f013432af9db8811b540784"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=31536000
content-disposition
inline; filename="windows-defender-offline-logo.jpg"
server-timing
cld-akam;dur=52;start=2024-01-11T21:00:25.040Z;desc=hit-near,rtt;dur=120,content-info;desc="width=112,height=112,owidth=480,oheight=480,obytes=203560"
accept-ranges
bytes
timing-allow-origin
*
content-length
1138
eset-nod32-antivirus-screenshot.png
images.sftcdn.net/images/t_app-icon-s/p/05ef1fea-96d2-11e6-91f6-00163ec9f5fa/2275011073/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/05ef1fea-96d2-11e6-91f6-00163ec9f5fa/2275011073/eset-nod32-antivirus-screenshot.png
Requested by
Host: microsoft-security-essentials.softonic-ar.com
URL: https://microsoft-security-essentials.softonic-ar.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:1a86::29cc Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
07183e346763cd19b5f9144d11f8052496b48ae28688463936b978cadc42c437
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:25 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 08:49:38 GMT
server
Cloudinary
etag
"5a4914df6909f3046b6c7d41df6e86dd"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=31536000
content-disposition
inline; filename="eset-nod32-antivirus-screenshot.png"
server-timing
cld-akam;dur=62;cpu=3;start=2024-01-11T21:00:25.040Z;desc=hit-near,rtt;dur=120,content-info;desc="width=112,height=112,owidth=800,oheight=700,obytes=266148"
accept-ranges
bytes
timing-allow-origin
*
content-length
2700
advanced-systemcare-ultimate-icon.png
images.sftcdn.net/images/t_app-icon-s/p/b3bdc7de-96d2-11e6-bae4-00163ed833e7/2243639147/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/b3bdc7de-96d2-11e6-bae4-00163ed833e7/2243639147/advanced-systemcare-ultimate-icon.png
Requested by
Host: microsoft-security-essentials.softonic-ar.com
URL: https://microsoft-security-essentials.softonic-ar.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:1a86::29cc Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
a3a2b7074615ca95c09da5b4eda0abd409c4ea4b3e5a64bf90d563fd93428b2e
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:25 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 09:08:36 GMT
server
Cloudinary
etag
"2058e5867b3ba8c0ae9f1055cf085939"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=31536000
content-disposition
inline; filename="advanced-systemcare-ultimate-icon.png"
server-timing
cld-akam;dur=14;start=2024-01-11T21:00:25.040Z;desc=miss,rtt;dur=120,content-info;desc="width=112,height=112,owidth=1024,oheight=1024,obytes=666819",cloudinary;dur=57;start=2024-01-11T04:03:39.396Z
accept-ranges
bytes
timing-allow-origin
*
content-length
4158
immunos-logo.png
images.sftcdn.net/images/t_app-icon-s/p/9f7e66d6-a4d1-11e6-a03d-00163ec9f5fa/1850399581/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/9f7e66d6-a4d1-11e6-a03d-00163ec9f5fa/1850399581/immunos-logo.png
Requested by
Host: microsoft-security-essentials.softonic-ar.com
URL: https://microsoft-security-essentials.softonic-ar.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:1a86::29cc Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
5d79d54f7e6288c3920c97821f8579a9ac57e3c0b74b5d8b7b335cdcaee1a910
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:25 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 09:31:33 GMT
server
Cloudinary
etag
"3b9c67b4ce79f0a533ed307e27f2b385"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=31536000
content-disposition
inline; filename="immunos-logo.png"
server-timing
cld-akam;dur=11;start=2024-01-11T21:00:25.040Z;desc=miss,rtt;dur=120,content-info;desc="width=112,height=112,owidth=800,oheight=800,obytes=313185",cloudinary;dur=81;start=2024-01-10T09:28:31.957Z
accept-ranges
bytes
timing-allow-origin
*
content-length
3054
8f649-ebaec.svg
sc.sftcdn.net/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sc.sftcdn.net/images/8f649-ebaec.svg
Requested by
Host: microsoft-security-essentials.softonic-ar.com
URL: https://microsoft-security-essentials.softonic-ar.com/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
ef7768c313ea66869d68a301994c5a6b1fcf05058ae17606c82381d675b1b3b7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 01 Jan 2025 22:32:11 GMT
date
Thu, 11 Jan 2024 21:00:24 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
772094
x-cache
HIT, HIT
x-envoy-upstream-service-time
0
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
540
x-served-by
cache-ams12740-AMS, cache-mia-kmia1760085-MIA
last-modified
Tue, 02 Jan 2024 12:15:09 GMT
server
istio-envoy
x-timer
S1705006825.910752,VS0,VE0
etag
W/"6593fe4d-417"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
82, 13
trend-micro-titanium-security-for-netbooks-logo.png
images.sftcdn.net/images/t_app-icon-s/p/db8f271e-9b2b-11e6-8c40-00163ec9f5fa/4238683344/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/db8f271e-9b2b-11e6-8c40-00163ec9f5fa/4238683344/trend-micro-titanium-security-for-netbooks-logo.png
Requested by
Host: microsoft-security-essentials.softonic-ar.com
URL: https://microsoft-security-essentials.softonic-ar.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:1a86::29cc Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
be5c868db64b703ed8581b4f5470e24885c858682f782a086b4b4fd2e7b983f6
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:25 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 09:24:58 GMT
server
Cloudinary
etag
"9ab86176d8f05fe6d98cc2e9b9eba224"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=31536000
content-disposition
inline; filename="trend-micro-titanium-security-for-netbooks-logo.png"
server-timing
cld-akam;dur=142;cpu=48;start=2024-01-11T21:00:25.054Z;desc=miss,rtt;dur=107,content-info;desc="width=112,height=112,owidth=1600,oheight=1600,obytes=1211761",cloudinary;dur=62;start=2024-01-11T21:00:25.113Z
accept-ranges
bytes
timing-allow-origin
*
content-length
1790
myinternetsecurity-bronze-logo.png
images.sftcdn.net/images/t_app-icon-s/p/db9e0b94-9b2b-11e6-adb8-00163ec9f5fa/1113986453/ 		878 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/db9e0b94-9b2b-11e6-adb8-00163ec9f5fa/1113986453/myinternetsecurity-bronze-logo.png
Requested by
Host: microsoft-security-essentials.softonic-ar.com
URL: https://microsoft-security-essentials.softonic-ar.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:1a86::29cc Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
0889798e4743b5e3666156191e0df4387e6ceeaa53eddca65ee286ae0ea353f2
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:25 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 09:55:47 GMT
server
Cloudinary
etag
"c4df0a7b94b047e2f9a27871594277cd"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=31536000
content-disposition
inline; filename="myinternetsecurity-bronze-logo.png"
server-timing
cld-akam;dur=162;cpu=75;start=2024-01-11T21:00:25.040Z;desc=miss,rtt;dur=120,content-info;desc="width=112,height=112,owidth=1584,oheight=1600,obytes=837378",cloudinary;dur=66;start=2024-01-11T21:00:25.079Z
accept-ranges
bytes
timing-allow-origin
*
content-length
878
norton-virus-definitions-update-64bits-logo.png
images.sftcdn.net/images/t_app-icon-s/p/022d396a-9b27-11e6-bf95-00163ec9f5fa/3142328989/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/022d396a-9b27-11e6-bf95-00163ec9f5fa/3142328989/norton-virus-definitions-update-64bits-logo.png
Requested by
Host: microsoft-security-essentials.softonic-ar.com
URL: https://microsoft-security-essentials.softonic-ar.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:1a86::29cc Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
424ce2a4316d78fdb992540176a43b3760531997eb66364063d5a496001f066c
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:25 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 09:03:10 GMT
server
Cloudinary
etag
"d1ce53f02909370550e020a0ff52f7d3"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=31536000
content-disposition
inline; filename="norton-virus-definitions-update-64bits-logo.png"
server-timing
cld-akam;dur=10;start=2024-01-11T21:00:25.040Z;desc=miss,rtt;dur=120,content-info;desc="width=112,height=112,owidth=1520,oheight=1600,obytes=1271748",cloudinary;dur=50;start=2024-01-11T16:53:33.726Z
accept-ranges
bytes
timing-allow-origin
*
content-length
1906
avast-virus-definitions-update-f24759d04f5035d5b6d4aaad876e77a114378f9105e59ed6897b218fc52ff9f5_200.jpg
images.sftcdn.net/images/t_app-icon-s/p/c6163594-aa5b-4bcc-b983-a6801c5289cc/3400127637/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/c6163594-aa5b-4bcc-b983-a6801c5289cc/3400127637/avast-virus-definitions-update-f24759d04f5035d5b6d4aaad876e77a114378f9105e59ed6897b218fc52ff9f5_200.jpg
Requested by
Host: microsoft-security-essentials.softonic-ar.com
URL: https://microsoft-security-essentials.softonic-ar.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:1a86::29cc Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
884137c03e78668c2b57a8b249eafec0d976c87d2e95138fe31755d9c3491dcb
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:25 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Fri, 10 Feb 2023 10:17:08 GMT
server
Cloudinary
etag
"4211008c36d58278d4ffd7accc39bce1"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=31536000
content-disposition
inline; filename="avast-virus-definitions-update-f24759d04f5035d5b6d4aaad876e77a114378f9105e59ed6897b218fc52ff9f5_200.jpg"
server-timing
cld-akam;dur=26;start=2024-01-11T21:00:25.040Z;desc=miss,rtt;dur=120,content-info;desc="width=112,height=112,owidth=800,oheight=800,obytes=237346",cloudinary;dur=45;start=2024-01-10T17:11:04.076Z
accept-ranges
bytes
timing-allow-origin
*
content-length
2586
mcafee-total-protection-imgingest-5418346907674484388.png
images.sftcdn.net/images/t_app-icon-s/p/8920b28c-96d4-11e6-b033-00163ec9f5fa/402824032/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/8920b28c-96d4-11e6-b033-00163ec9f5fa/402824032/mcafee-total-protection-imgingest-5418346907674484388.png
Requested by
Host: microsoft-security-essentials.softonic-ar.com
URL: https://microsoft-security-essentials.softonic-ar.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:1a86::29cc Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
239c0457614350b2380c59faaf0d7804db620873b37345613b8ccaff4dc3dbc3
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:25 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 08:53:09 GMT
server
Cloudinary
etag
"82cf4f43679bc7c39ff20c3b5154b6a1"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=31536000
content-disposition
inline; filename="mcafee-total-protection-imgingest-5418346907674484388.png"
server-timing
cld-akam;dur=33;start=2024-01-11T21:00:25.042Z;desc=miss,rtt;dur=120,content-info;desc="width=112,height=112,owidth=1024,oheight=1024,obytes=248140",cloudinary;dur=43;start=2024-01-11T16:56:46.730Z
accept-ranges
bytes
timing-allow-origin
*
content-length
1168
avira-free-antivirus-logo.png
images.sftcdn.net/images/t_app-icon-s/p/17c3a4c6-96d1-11e6-a49b-00163ed833e7/2994784678/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/17c3a4c6-96d1-11e6-a49b-00163ed833e7/2994784678/avira-free-antivirus-logo.png
Requested by
Host: microsoft-security-essentials.softonic-ar.com
URL: https://microsoft-security-essentials.softonic-ar.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:1a86::29cc Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
2c94c3b3038a88cba7f2f0ab23c917758c12bd03873ae1078b59286ab5f656f5
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:25 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 08:50:57 GMT
server
Cloudinary
etag
"a0961fefdaac815f8c79c30f057023d6"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=31536000
content-disposition
inline; filename="avira-free-antivirus-logo.png"
server-timing
cld-akam;dur=11;start=2024-01-11T21:00:25.041Z;desc=miss,rtt;dur=120,content-info;desc="width=112,height=112,owidth=500,oheight=500,obytes=92379",cloudinary;dur=57;start=2024-01-10T11:23:10.780Z
accept-ranges
bytes
timing-allow-origin
*
content-length
1396
360-total-security-icon.png
images.sftcdn.net/images/t_app-icon-s/p/33ee92a8-96d3-11e6-99f6-00163ed833e7/1829583611/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.sftcdn.net/images/t_app-icon-s/p/33ee92a8-96d3-11e6-99f6-00163ed833e7/1829583611/360-total-security-icon.png
Requested by
Host: microsoft-security-essentials.softonic-ar.com
URL: https://microsoft-security-essentials.softonic-ar.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:1a86::29cc Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
898fccb4de6ea386c94ea519206e1c93be7a45e45875d1a421ae33991ecb354a
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:25 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 14 Feb 2023 08:51:39 GMT
server
Cloudinary
etag
"7fc8b1eb024f23f2768ecffb486fc25e"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=31536000
content-disposition
inline; filename="360-total-security-icon.png"
server-timing
cld-akam;dur=11;start=2024-01-11T21:00:25.041Z;desc=miss,rtt;dur=120,content-info;desc="width=112,height=112,owidth=1200,oheight=1200,obytes=627078",cloudinary;dur=68;start=2024-01-10T16:34:11.302Z
accept-ranges
bytes
timing-allow-origin
*
content-length
2618
chunk0-e19829.mjs
sc.sftcdn.net/scripts/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/scripts/chunk0-e19829.mjs
Requested by
Host: sc.sftcdn.net
URL: https://sc.sftcdn.net/scripts/23986-4f1cf.mjs
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
a46cf167f42b264d883d683de404dd245df9047f77fd93a7c7599986b4bfb94f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Tue, 17 Dec 2024 08:20:31 GMT
date
Thu, 11 Jan 2024 21:00:24 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
2119194
x-cache
HIT, HIT
x-envoy-upstream-service-time
3
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
7820
x-served-by
cache-ams12721-AMS, cache-mia-kmia1760085-MIA
last-modified
Wed, 13 Dec 2023 14:13:44 GMT
server
istio-envoy
x-timer
S1705006825.911780,VS0,VE0
etag
W/"6579bc18-6589"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
68, 14196
chunk1-3f79bf.mjs
sc.sftcdn.net/scripts/ 		21 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/scripts/chunk1-3f79bf.mjs
Requested by
Host: sc.sftcdn.net
URL: https://sc.sftcdn.net/scripts/23986-4f1cf.mjs
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
aef585bb36eb77837a981580fdfa7b82b7070b7f26d6dbc32c26ccc2f96d46fd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 01 Jan 2025 14:26:06 GMT
date
Thu, 11 Jan 2024 21:00:24 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
801258
x-cache
HIT, HIT
x-envoy-upstream-service-time
1
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
5983
x-served-by
cache-ams12726-AMS, cache-mia-kmia1760085-MIA
last-modified
Tue, 02 Jan 2024 12:15:10 GMT
server
istio-envoy
x-timer
S1705006825.912552,VS0,VE0
etag
W/"6593fe4e-5240"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
39, 6170
chunk7-cf6bbd.mjs
sc.sftcdn.net/scripts/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/scripts/chunk7-cf6bbd.mjs
Requested by
Host: sc.sftcdn.net
URL: https://sc.sftcdn.net/scripts/23986-4f1cf.mjs
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e110a6d62e59f3066604d8124754f1a5589a6c0eabafd02d980099b84bddeca2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Tue, 17 Dec 2024 08:20:31 GMT
date
Thu, 11 Jan 2024 21:00:24 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
2119194
x-cache
HIT, HIT
x-envoy-upstream-service-time
4
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
2919
x-served-by
cache-ams21078-AMS, cache-mia-kmia1760085-MIA
last-modified
Wed, 13 Dec 2023 14:13:44 GMT
server
istio-envoy
x-timer
S1705006825.912556,VS0,VE0
etag
W/"6579bc18-27e1"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
56, 3170
wct.js
wct.softonic-ar.com/ 		12 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://wct.softonic-ar.com/wct.js?type=pattern&uid=s3czDT
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4aad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a8aca25327ad3160d09d8ba0d9619a8a0d968ced3da30057752fae852250072

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:25 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7XwqTCUTRF6wVkiQi2UjDfMA0cIZWI76ZIhzDtXAUvfzNXE4I%2F2x7q3jDSnHp%2F6aRleO%2BIHAlK7AaJikMNxTcMkMesm1wrw7u%2FJwQHZe1n6GtKCUkesRlUTL93heV1KkuxFCOMjcznEndxeVUF%2FPlJw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age:300
cf-ray
844016d09a99336d-MIA
wct-referer
https://microsoft-security-essentials.softonic-ar.com/
ads
securepubads.g.doubleclick.net/gampad/ 		125 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=139994871044085&correlator=2488019939851060&eid=31080286%2C31080301%2C31080327&output=ldjh&gdfp_req=1&vrg=202401040101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&trt=2&iu_parts=5302%2Cdesktop%2Cdesktop-Web-ar%2CApps%2CProgrampage%2CATF_MPU_First%2CATF_Notificationbar%2CATF_Leaderboard_First&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5%2C%2F0%2F1%2F2%2F3%2F4%2F6%2C%2F0%2F1%2F2%2F3%2F4%2F7&prev_iu_szs=300x600%7C300x250%7C300x180%7C300x150%7C250x250%7C200x200%7C180x150%7C160x600%7C120x600%2C320x50%2C1x1%7C970x250%7C970x90%7C960x90%7C950x90%7C728x90%7C500x90%7C468x90%7C468x60&fluid=0%2Cheight%2C0&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dc29934a041baf1ca%3AT%3D1705006824%3ART%3D1705006824%3AS%3DALNI_MY8EuSHT5bR_o43NiH1lzjONm6KBQ&gpic=UID%3D00000a072adfdac5%3AT%3D1705006824%3ART%3D1705006824%3AS%3DALNI_MYkL4D9rgZVtCEtb8IpkJUCR8E4ig&abxe=1&dt=1705006825003&lmt=1705006825&adxs=184%2C0%2C315&adys=424%2C0%2C258&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=2%7C3%7C4&oid=2&tos=~~&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fmicrosoft-security-essentials.softonic-ar.com%2F&vis=1&psz=300x0%7C1600x0%7C970x0&msz=300x0%7C1600x0%7C970x0&fws=512%2C4%2C4&ohw=0%2C1600%2C970&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=2089169067.1705006824&ga_sid=1705006824&ga_hid=1672844015&ga_fc=true&a3p=EhsKDGlkNS1zeW5jLmNvbRig983SzzFIAFICCGQ.&dlt=1705006823351&idt=917&prev_scp=pos%3Dtop%26countryCluster%3DA1%26td-slot%3Dtop-mpu-1%26hvi%3Dfalse%26type%3Dtop_display_mpu%26afcSlotId%3D4222920856%26amznbid%3D2%26amznp%3D2%7Cpos%3Dtop%26countryCluster%3DA1%26td-slot%3Dnative-notificationbar%26hvi%3Dfalse%26type%3Dnative_notificationbar%26devicePlatformId%3Dwindows%7Cpos%3Dtop%26countryCluster%3DA1%26td-slot%3Dtop-leaderboard-1%26hvi%3Dfalse%26type%3Dtop_display_leaderboard%26amznbid%3D2%26amznp%3D2&cust_params=medium%3Dorganic%26campaign%3D%26source%3Dnone%26medium_campaign%3Dorganic%26medium_source%3Dorganic-none%26file%3Ddff6f48a-96d0-11e6-b8de-00163ec9f5fa%26reviewvecna%3Dfalse%26recat%3Dsecurity-privacy%252Cantivirus%26hosted%3Dfalse%26compliant%3D1%26devel%3D0%26locale%3Dar-SA%26author%3DMicrosoft%26content%3Drich%26country%3DUS%26region%3DA%26platformId%3Dwindows%26ad_session_id%3De8a2e018-5dcb-4fcc-989a-ea6392ec30fd%26pv%3D1%26ab_upr%3D2%26personalized%3D1&adks=1405851431%2C2213152915%2C830642617&frm=20
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a87d189568a4da1e3266c1e4d1d1bbe61c5048a5cf6b3efebbcdfff90eae3eeb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:25 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31695
x-xss-protection
0
google-lineitem-id
6168669095,5540562854,6389242249
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138449315400,138334288301,138448073384
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://microsoft-security-essentials.softonic-ar.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
iu3
s.amazon-adsystem.com/ Frame 9796
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&dcc=t
321 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
f43dad0f2049b856088a9c9742dd72b5fcbf9994a5ab243f5a8761cd21632baa
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://microsoft-security-essentials.softonic-ar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
321
Content-Type
text/html;charset=ISO-8859-1
Date
Thu, 11 Jan 2024 21:00:25 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
WHKY6378XC7D2HC7ABMS

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Thu, 11 Jan 2024 21:00:25 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
T9XR74EM26829B0ECE5N
chunk18-ec7545.mjs
sc.sftcdn.net/scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc.sftcdn.net/scripts/chunk18-ec7545.mjs
Requested by
Host: sc.sftcdn.net
URL: https://sc.sftcdn.net/scripts/23986-4f1cf.mjs
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
a272935af19dba0ceb53775d2fc4fa2e8e5755635c67c3cd71f5dca563e4fb05

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Tue, 17 Dec 2024 08:20:32 GMT
date
Thu, 11 Jan 2024 21:00:25 GMT
content-encoding
br
x-envoy-decorator-operation
noodle-statics-statics-server.noodle-v1.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
x-device-type
common
age
2119193
x-cache
HIT, HIT
x-envoy-upstream-service-time
0
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
851
x-served-by
cache-ams21063-AMS, cache-mia-kmia1760085-MIA
last-modified
Wed, 13 Dec 2023 14:13:44 GMT
server
istio-envoy
x-timer
S1705006825.057499,VS0,VE0
etag
W/"6579bc18-692"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Accept, Content-Type, If-None-Match
x-cache-hits
69, 8143
envelope
lexicon.33across.com/v1/
Redirect Chain
  • https://lexicon.33across.com/v1/envelope?pid=0013300001kQj1aAAC&src=aps&ver=1.3.0&us_privacy=1---
  • https://lexicon.33across.com/v1/envelope?pid=0013300001kQj1aAAC&src=aps&ver=1.3.0&us_privacy=1---&b=1&g=REqIi2USIN12uj%2BRLRhyoiyLQgRgl0U6SIw1kA9FmZ0%3D
42 B
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0013300001kQj1aAAC&src=aps&ver=1.3.0&us_privacy=1---&b=1&g=REqIi2USIN12uj%2BRLRhyoiyLQgRgl0U6SIw1kA9FmZ0%3D
Requested by
Host: microsoft-security-essentials.softonic-ar.com
URL: https://microsoft-security-essentials.softonic-ar.com/
Protocol
H2
Server
35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:25 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://microsoft-security-essentials.softonic-ar.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Thu, 11 Jan 2024 21:00:25 GMT
via
1.1 google
referrer-policy
unsafe-url
vary
origin
access-control-allow-origin
https://microsoft-security-essentials.softonic-ar.com
location
https://lexicon.33across.com/v1/envelope?pid=0013300001kQj1aAAC&src=aps&ver=1.3.0&us_privacy=1---&b=1&g=REqIi2USIN12uj%2BRLRhyoiyLQgRgl0U6SIw1kA9FmZ0%3D
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
ads.js
syndicatedsearch.goog/adsense/search/ Frame E53D 		143 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://syndicatedsearch.goog/adsense/search/ads.js?pac=0
Requested by
Host: syndicatedsearch.goog
URL: https://syndicatedsearch.goog/afs/ads?psid=3261714721&client=softonic&r=m&hl=ar&cpp=5&rpbu=https%3A%2F%2Fwww.softonic-ar.com%2Fs%2F%3Frscp%3Ddsk_rscp_ar_pp%26platformId%3Dwindows&rpqp=q&type=3&rs_tt=c&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301383%2C17301401%2C71847096&format=r4&nocache=9741705006824186&num=0&output=afd_ads&domain_name=microsoft-security-essentials.softonic-ar.com&v=3&bsl=8&pac=0&u_his=2&u_tz=-600&dt=1705006824187&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=4628&frm=0&cl=588056317&uio=wi290-&cont=rscontainer&drt=0&jsid=csa&jsv=588056317&rurl=https%3A%2F%2Fmicrosoft-security-essentials.softonic-ar.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab5ccc9dc44e6cfaf9383ff011232f567d58842505135aaf2955fb7059f69f63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://syndicatedsearch.goog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
etag
"6954501533495358338"
vary
Accept-Encoding
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
accept-ranges
bytes
link
<https://www.adsensecustomsearchads.com>; rel="preconnect"
expires
Thu, 11 Jan 2024 21:00:25 GMT
collect
www.google-analytics.com/j/ 		3 B
228 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1672844015&t=pageview&_s=1&dl=https%3A%2F%2Fmicrosoft-security-essentials.softonic-ar.com%2F&ul=en-us&de=UTF-8&dt=Microsoft%20Security%20Essentials%20-%20%D8%AA%D9%86%D8%B2%D9%8A%D9%84&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YDDAgEABAAQCACAAI~&jid=2013153429&gjid=2067048425&cid=2089169067.1705006824&tid=UA-33610956-6&_gid=1379699897.1705006825&_slc=1&gtm=45He4180n715LWWHPv6335967&cd1=%2Fprogram_page&cd2=1&cd3=windows&cd4=security-privacy&cd5=antivirus&cd6=no&cd7=no&cd10=yes&cd11=yes&cd12=US&cd14=free&cd15=2015-06-22&cd16=G8BzdghzTXGLv4LQjBmbkbQ3&cd17=0&cd18=no&cd19=7.626357056694813&cd21=dff6f48a-96d0-11e6-b8de-00163ec9f5fa&cd52=%2Fprogram_page&cd72=&cd79=Microsoft%20Security%20Essentials&cd82=affiliationDownload&cd85=2023-07-12&cd94=6cf405a2-f82a-4d3a-904c-db4188921d35&cd97=&cd110=&cd112=dexter&gcd=11l1l1l1l1&dma=0&tcfd=10000&z=78448227
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://microsoft-security-essentials.softonic-ar.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 21:00:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://microsoft-security-essentials.softonic-ar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		2 B
149 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-33610956-6&cid=2089169067.1705006824&jid=2013153429&gjid=2067048425&_gid=1379699897.1705006825&_u=YDDAgEABAAQCAGAAI~&z=1867927494
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://microsoft-security-essentials.softonic-ar.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 11 Jan 2024 21:00:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://microsoft-security-essentials.softonic-ar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
session
wct.softonic-ar.com/track/ 		11 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wct.softonic-ar.com/track/session?data=qF9XgB15MoIqwAJn3xIWcBSvNB6icCIz2xIWcBSvNB6iYyIz2xIWIi0ido2adm1aZnX4Yn2ato2eto4aJmUiJlXe0rIOJiHD2xIWIiW4cmUaJnUqJm4ydmWudm3eJlW4smUqJm4ydmWudm3eJlX4smtDKi6iYCN9vyN9Li7PJiZvwAR92BJjclIiIoIixzYjxzMvMCIWIi0Gtj5qujbHtj5qujYiuj4quj2Gtj5qujbfuj4qujWitjTaJmLmhBHLgDUv2CZvemYusE0LMC1nwztbJmLqNzVn3BYnwAnjIoIugB0LgDFv2zHbNiSiInZ4YnZuJrYusAYfMzHnfmYuInXiJl5Kdm24cmUaJmXyKmLuwBVjhAdbJmLKYBRnwzhbJmLu2APXgmYuYqYuctnrfslHcmYuInZ4YnZuJrYucDPTKyLDvzSbhCbbJmLKcn2GhmYuIqZucn24wAxbJmLi0mLaJlWedmYucvobJmLm3DVrMBPDfkWitjW4sngjtjHXgBPP3BnjIoIewDIWIigjtjT92yUixyTmwAU9gDM92CUmhBHLgDUv2CZvwl5rxAYv3yLnxl0z2BZ9MCJLwBgjtjgjtjbntjZbhD0HMi6icBYvNiSicnYGJnWatnWCtmUCJnWKJnXKdoWiJi6iczPn2zIWIiurKEJnZCIOJiKLwDIWIi3ado0ido2adm1aZnXiIoIqwAZjYE
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4aad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1f2d014eceffab500f9a14d40871c8c2e5842e434004ec947674ff89f328f1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://microsoft-security-essentials.softonic-ar.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 11 Jan 2024 21:00:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VuY%2BI49NM%2BWQBL8fJMbYm4d%2Bdct9nyqcbwMGILUVuQ1abXTMCvvvyw6huSylCs4Iwn5hme5eTkg3AS%2BtScMbxQnKfTR1IuFiT78cM1wJSu2pJ6A099SZaKPdpW1ge53OKQhlt6ZwSwFg5n%2B%2FSsGyJ0U%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, private
cf-apo-via
origin,host
cf-ray
844016d1cd99336d-MIA
x-xss-protection
1; mode=block
call_to_action_arrow_v2.svg
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/ Frame E53D 		209 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/call_to_action_arrow_v2.svg
Requested by
Host: syndicatedsearch.goog
URL: https://syndicatedsearch.goog/afs/ads?psid=3261714721&client=softonic&r=m&hl=ar&cpp=5&rpbu=https%3A%2F%2Fwww.softonic-ar.com%2Fs%2F%3Frscp%3Ddsk_rscp_ar_pp%26platformId%3Dwindows&rpqp=q&type=3&rs_tt=c&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301383%2C17301401%2C71847096&format=r4&nocache=9741705006824186&num=0&output=afd_ads&domain_name=microsoft-security-essentials.softonic-ar.com&v=3&bsl=8&pac=0&u_his=2&u_tz=-600&dt=1705006824187&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=4628&frm=0&cl=588056317&uio=wi290-&cont=rscontainer&drt=0&jsid=csa&jsv=588056317&rurl=https%3A%2F%2Fmicrosoft-security-essentials.softonic-ar.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d635d09bda9708c5a14649270950e0943edab5443eb2b2ff0ba1c7ff16bde09f
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://syndicatedsearch.goog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 11 Jan 2024 19:28:01 GMT
age
5544
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
183
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="afs-native-asset-managers"
vary
Accept-Encoding
report-to
{"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-type
image/svg+xml
cache-control
public, max-age=82800
accept-ranges
bytes
expires
Fri, 12 Jan 2024 18:28:01 GMT
chevron.svg
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/ Frame E53D 		200 B
700 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff
Requested by
Host: syndicatedsearch.goog
URL: https://syndicatedsearch.goog/afs/ads?psid=3261714721&client=softonic&r=m&hl=ar&cpp=5&rpbu=https%3A%2F%2Fwww.softonic-ar.com%2Fs%2F%3Frscp%3Ddsk_rscp_ar_pp%26platformId%3Dwindows&rpqp=q&type=3&rs_tt=c&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301383%2C17301401%2C71847096&format=r4&nocache=9741705006824186&num=0&output=afd_ads&domain_name=microsoft-security-essentials.softonic-ar.com&v=3&bsl=8&pac=0&u_his=2&u_tz=-600&dt=1705006824187&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=4628&frm=0&cl=588056317&uio=wi290-&cont=rscontainer&drt=0&jsid=csa&jsv=588056317&rurl=https%3A%2F%2Fmicrosoft-security-essentials.softonic-ar.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
809fb4619d2a2f1a85dbda8cc69a7f1659215212d708a098d62150eee57070c1
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://syndicatedsearch.goog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 11 Jan 2024 00:06:24 GMT
age
75241
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
174
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 22:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="afs-native-asset-managers"
vary
Accept-Encoding
report-to
{"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-type
image/svg+xml
cache-control
public, max-age=82800
accept-ranges
bytes
expires
Thu, 11 Jan 2024 23:06:24 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-33610956-6&cid=2089169067.1705006824&jid=2013153429&_u=YDDAgEABAAQCAGAAI~&z=683329657
Requested by
Host: microsoft-security-essentials.softonic-ar.com
URL: https://microsoft-security-essentials.softonic-ar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2004 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 21:00:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pr
s.amazon-adsystem.com/v3/ Frame 5D49 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
108a03b66d79154b339b09bcc70ccb9e7c6026c38e7fa10da757ef39e37d31ad
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
2352
Content-Type
text/html;charset=ISO-8859-1
Date
Thu, 11 Jan 2024 21:00:25 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
F8E4S1TRCBNHD7NDQH70
691.json
id5-sync.com/g/v2/ 		575 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/691.json
Requested by
Host: softonic-ar.com
URL: https://softonic-ar.com/revamp/sft-prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
1cf211785a06a2b9489c9d7084855599a0424e24f5d8d0ca33e78999abb7b24c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://microsoft-security-essentials.softonic-ar.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://microsoft-security-essentials.softonic-ar.com
date
Thu, 11 Jan 2024 21:00:25 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
p3p
CP="CAO PSA OUR"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
/
onetag-sys.com/match/ Frame 5D49 		0
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=113&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ecm3
s.amazon-adsystem.com/ Frame 5D49
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D&gdpr=0
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&zcc=1&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D&cb=1705006825569
  • https://ad.turn.com/r/cs?pid=45&rndcb=6677411497
  • https://sync.1rx.io/usersync/turn/2323851562009475149?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-d5fbccd7-e01f-4573-ae10-40f7c556bf37-005?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3DRX-d5fbccd7-e01f-4573-ae10-40f7...
  • https://s.amazon-adsystem.com/ecm3?ex=rhythmone.com&id=RX-d5fbccd7-e01f-4573-ae10-40f7c556bf37-005
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rhythmone.com&id=RX-d5fbccd7-e01f-4573-ae10-40f7c556bf37-005
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Jan 2024 21:00:26 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
2DZJ2VF4V49VKJP4S9FK
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=rhythmone.com&id=RX-d5fbccd7-e01f-4573-ae10-40f7c556bf37-005
date
Thu, 11 Jan 2024 21:00:26 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXd5fbccd7e01f4573ae1040f7c556bf37005
content-type
text/html
amzns2s
rtb.gumgum.com/usync/ Frame 54EF 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.90.5.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-90-5-164.compute-1.amazonaws.com
Software
nginx /
Resource Hash
771b05ec022ee8413643311d3f68bb88198da82c7e6acf6f22d676ef4ebd3e93

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Thu, 11 Jan 2024 21:00:25 GMT
etag
W/"08167054732ac35a2a6ea41ec061bb8bb"
server
nginx
timing-allow-origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E664 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.58.91.123 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-58-91-123.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=110569
content-encoding
gzip
content-length
5622
content-type
text/html
date
Thu, 11 Jan 2024 21:00:25 GMT
expires
Sat, 13 Jan 2024 03:43:14 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 7C5E 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 11 Jan 2024 21:00:25 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
cm
u.openx.net/w/1.0/ Frame 14B3
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7...
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX...
831 B
796 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e021a6be9a6840147168382059fe2d9c48ca2c6160e0874b7e05204557f61600

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
472
content-type
text/html
date
Thu, 11 Jan 2024 21:00:25 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 11 Jan 2024 21:00:25 GMT
location
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
ecm3
s.amazon-adsystem.com/ Frame 7D3D
Redirect Chain
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=8228395257861458961&gdpr=0&gdpr_consent=
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=8228395257861458961&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 11 Jan 2024 21:00:25 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
SQGN5Z3ZYNTWFBF4VRYX

Redirect headers

content-length
0
date
Thu, 11 Jan 2024 21:00:24 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=8228395257861458961&gdpr=0&gdpr_consent=
amazon
ce.lijit.com/beacon/ Frame A56C
Redirect Chain
  • https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
  • https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
  • https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
f6ec686cee884db69da169838e9a8a6bb6c7079e491cd9476a7c169603d0c39e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding
gzip
Content-Length
483
Content-Type
text/html
Date
Thu, 11 Jan 2024 21:00:25 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Vary
Accept-Encoding, User-Agent
X-Sovrn-Pod
ad_ap2dca1

Redirect headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
0
Date
Thu, 11 Jan 2024 21:00:25 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Location
https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap2dca1
ecm3
s.amazon-adsystem.com/ Frame 3DD7
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID&gdpr=0
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=4687778659021120377048
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=4687778659021120377048
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 11 Jan 2024 21:00:25 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
SSS2K1ZSEZ4CEAH4S1HZ

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Thu, 11 Jan 2024 21:00:25 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=4687778659021120377048
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
usersync
usersync.gumgum.com/ Frame 54EF
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID
  • https://usersync.gumgum.com/usersync?b=apn&i=4351479220626828673
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=4351479220626828673
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 11 Jan 2024 21:00:26 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 21:00:25 GMT
an-x-request-uuid
678d3e88-b221-4966-96a6-56994171945e
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=4351479220626828673
x-proxy-origin
38.132.118.70; 38.132.118.70; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 54EF
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_bbcb27a7-903f-4080-b759-1de2690e3bb3&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=u_bbcb27a7-903f-4080-b759-1de2690e3bb3&gdpr=0&gdpr_consent=&us_privacy=
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=gumgum2
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=353044760378183193&ssp=gumgum2
  • https://usersync.gumgum.com/usersync?b=bsw&i=8bc9387f-1282-4544-9e5d-7a38e5909374&gdpr=&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=8bc9387f-1282-4544-9e5d-7a38e5909374&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 11 Jan 2024 21:00:26 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=8bc9387f-1282-4544-9e5d-7a38e5909374&gdpr=&gdpr_consent=&us_privacy=
Date
Thu, 11 Jan 2024 21:00:26 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usersync
usersync.gumgum.com/ Frame 54EF
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=05023d70-4517-0a5e-1865-60f1dc8b2466
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=05023d70-4517-0a5e-1865-60f1dc8b2466
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 11 Jan 2024 21:00:25 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Thu, 11 Jan 2024 21:00:25 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=05023d70-4517-0a5e-1865-60f1dc8b2466
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 54EF
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-fad04381-fc25-57f8-6fc2-9e36c4fa5ce2$ip$38.132.118.70
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-fad04381-fc25-57f8-6fc2-9e36c4fa5ce2$ip$38.132.118.70
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 11 Jan 2024 21:00:26 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-fad04381-fc25-57f8-6fc2-9e36c4fa5ce2$ip$38.132.118.70
Date
Thu, 11 Jan 2024 21:00:25 GMT
Connection
keep-alive
Content-Length
127
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 54EF
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-ENOGkkRE2pedpmwkUbIpTcFxTtsVIBhCqljC~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-ENOGkkRE2pedpmwkUbIpTcFxTtsVIBhCqljC~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 11 Jan 2024 21:00:26 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Thu, 11 Jan 2024 21:00:25 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-ENOGkkRE2pedpmwkUbIpTcFxTtsVIBhCqljC~A
content-length
0
usersync
usersync.gumgum.com/ Frame 54EF
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync...
  • https://usersync.gumgum.com/usersync?b=vnt&i=4afffdcc-d345-494c-be75-fdcb7daafa99
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=4afffdcc-d345-494c-be75-fdcb7daafa99
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 11 Jan 2024 21:00:26 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=4afffdcc-d345-494c-be75-fdcb7daafa99
Date
Thu, 11 Jan 2024 21:00:25 GMT
Connection
keep-alive
X-CI-RTID
a9ee00b1-eb1d-4b26-9067-818748f95c37
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame 54EF 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 11 Jan 2024 21:00:25 GMT
server
c
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
usersync
usersync.gumgum.com/ Frame 54EF
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_bbcb27a7-903f-4080-b759-1de2690e3bb3&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=0&gdpr_consent=&puid=u_bbcb27a7-903f-4080-b759-1de2690e3bb3&s=2&us_privacy=
  • https://usersync.gumgum.com/usersync?b=zem&i=V_6xSp-oOMYlXRk8oz7J&gdpr=0
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=V_6xSp-oOMYlXRk8oz7J&gdpr=0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 11 Jan 2024 21:00:26 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 11 Jan 2024 21:00:26 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&i=V_6xSp-oOMYlXRk8oz7J&gdpr=0
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
103
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
rtb.gumgum.com/ Frame 54EF
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=mwuXGqTuwYD5&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=mwuXGqTuwYD5&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Server
54.90.5.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-90-5-164.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 21:00:25 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://rtb.gumgum.com/usersync?b=pln&i=mwuXGqTuwYD5&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5b8764964b-jfjpv
expires
-1
usersync
usersync.gumgum.com/ Frame 54EF
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=8228395257861458961
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=8228395257861458961
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 11 Jan 2024 21:00:26 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=8228395257861458961
date
Thu, 11 Jan 2024 21:00:25 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 54EF 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=gg.com&id=u_bbcb27a7-903f-4080-b759-1de2690e3bb3
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Jan 2024 21:00:25 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GTVNE05SDRG70B8EMZ3B
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 14B3 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=aae9e57d-71a8-89f2-bf10-f28b7ce8eec0&gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Jan 2024 21:00:25 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
BHRT7PF7BF38YC2S2EMC
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
66f8ff44-fdae-a041-4ec9-66e9eb8ce869
pr-bh.ybp.yahoo.com/sync/openx/ Frame 14B3 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/66f8ff44-fdae-a041-4ec9-66e9eb8ce869?gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:661c:76e7:ba4a:a9a4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:25 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
dcm
s.amazon-adsystem.com/ Frame 14B3 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=aae9e57d-71a8-89f2-bf10-f28b7ce8eec0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Jan 2024 21:00:25 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
4H7V13W5CKR3S9S8RAV0
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 14B3
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=f23f9900-6d02-3208-7f1e-701c14db2520&gdpr=0
  • https://match.adsrvr.org/track/cmb/openx?oxid=f23f9900-6d02-3208-7f1e-701c14db2520&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=5e429705-5af2-4d3a-9916-cdb10e4da43e&ttd_puid=f23f9900-6d02-3208-7f1e-701c14db2520&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=5e429705-5af2-4d3a-9916-cdb10e4da43e&ttd_puid=f23f9900-6d02-3208-7f1e-701c14db2520&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 21:00:26 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=5e429705-5af2-4d3a-9916-cdb10e4da43e&ttd_puid=f23f9900-6d02-3208-7f1e-701c14db2520&gdpr=0&gdpr_consent=
date
Thu, 11 Jan 2024 21:00:25 GMT
server
Kestrel
content-length
335
pixel
cm.g.doubleclick.net/ Frame 14B3 		170 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZGU1MDRhY2EtYTQ3NS02Y2FjLTZhZmUtMmFhNWRlMzllYjQw
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 21:00:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 14B3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAFahyHwwtO_3EZwFRJ1tGo&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAFahyHwwtO_3EZwFRJ1tGo&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 21:00:25 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 21:00:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAFahyHwwtO_3EZwFRJ1tGo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync
usersync.gumgum.com/ Frame CD8A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=adf&i=353044760378183193&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=adf&i=353044760378183193&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 11 Jan 2024 21:00:26 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Thu, 11 Jan 2024 21:00:25 GMT
expires
-1
location
https://usersync.gumgum.com/usersync?b=adf&i=353044760378183193&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
pixel
cm.g.doubleclick.net/ Frame 90C6 		170 B
232 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV9iYmNiMjdhNy05MDNmLTQwODAtYjc1OS0xZGUyNjkwZTNiYjM=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 21:00:25 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 174D 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.58.91.123 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-58-91-123.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=110569
content-encoding
gzip
content-length
5622
content-type
text/html
date
Thu, 11 Jan 2024 21:00:25 GMT
expires
Sat, 13 Jan 2024 03:43:14 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame D6E2
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=5e429705-5af2-4d3a-9916-cdb10e4da43e
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=5e429705-5af2-4d3a-9916-cdb10e4da43e
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 11 Jan 2024 21:00:26 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-length
193
date
Thu, 11 Jan 2024 21:00:25 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=5e429705-5af2-4d3a-9916-cdb10e4da43e
server
Kestrel
usersync
usersync.gumgum.com/ Frame 9E7F
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZaBW6sCo8XUAAIAt-0cAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZaBW6sCo8XUAAIAt-0cAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 11 Jan 2024 21:00:26 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Thu, 11 Jan 2024 21:00:26 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZaBW6sCo8XUAAIAt-0cAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
6
X-SO-Cluster-ID
0
X-SO-HostName
a-ad40346.dc2p.scaleout.jp
X-SO-IP
38.132.118.70
X-SO-Key
ZaBW6sCo8XUAAIAt-0cAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"38.132.118.70","key":"ZaBW6sCo8XUAAIAt-0cAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40346"}
X-SO-LB-Hostname
m-tgng17.dc4p.scaleout.jp
X-SO-Upstream-ID
a-ad40346
usersync
usersync.gumgum.com/ Frame A7D7
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=N-PqagYLR0fPFQ7FewTNKTjslGXgPkBYOLtZJtf8q4s&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=N-PqagYLR0fPFQ7FewTNKTjslGXgPkBYOLtZJtf8q4s&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 11 Jan 2024 21:00:26 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Thu, 11 Jan 2024 21:00:26 GMT Thu, 11 Jan 2024 21:00:26 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=N-PqagYLR0fPFQ7FewTNKTjslGXgPkBYOLtZJtf8q4s&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 27AC
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 11 Jan 2024 21:00:25 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 11 Jan 2024 21:00:25 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
usync.js
eus.rubiconproject.com/ Frame 7C5E 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
321678e1f17ac5afc3954c253dfaab53514a793e0e659616c4165a6535776abb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Thu, 11 Jan 2024 21:00:25 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 Jan 2024 14:26:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=62741
Connection
keep-alive
Content-Length
10963
Expires
Fri, 12 Jan 2024 14:26:06 GMT
container.html
fa6c4326cb05f2723b7c8c04eba02839.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2E6A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fa6c4326cb05f2723b7c8c04eba02839.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js?cb=31080327
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://microsoft-security-essentials.softonic-ar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 21:00:24 GMT
expires
Fri, 10 Jan 2025 21:00:24 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
fa6c4326cb05f2723b7c8c04eba02839.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F063 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fa6c4326cb05f2723b7c8c04eba02839.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js?cb=31080327
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://microsoft-security-essentials.softonic-ar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 21:00:24 GMT
expires
Fri, 10 Jan 2025 21:00:24 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 30AE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsst_qEG8YTZ4u7r5IxVl7MVToqM3TGcZo8aMZRZ5DHDZt_s66MNI--2ai24dhRkIB99xCMQLgn38UTt7aBpFJfG7gEJ60NEa2rd7fAqpea6OnQw82eWZ-RGyIhhWRGu1Qf1DpRg9GFt3Qqi8mkJEvcwj6hIAMSvLW0qrEfmuqUbUOeS9tLiVGIOndsgOwyxQNfIDuDgnyJMSmRkmPSCMIzWh6NP1ecy1P6Me2vtllW3tOrfh0Gv9AJub74LZ59MlfxTWVtXA4enlpxWtYOf26gT-ddCNwPngZxgGlySBn_TC_6jpAQI1IAbRgvdmiYr0c_TwBDUt0bXal5kjnpeVS3eInRTC2J7bybraxYscpW8jzE8lCNo_4NkFZU9ZicY4Z7-hQrG3p5Wnm8ZSxqN-QBUPIy_NqzV4zoy-DCGPm-8gGoIq-_TPCjxPBfzni56bwKlvv2iRxytamD_JW1ZXqPg7fLfZbcB_Lq6dttsXMY&sai=AMfl-YTp6_ZurFw0RjiJkfeS0rKI39yimtkAK-aKwRGoL0r282l--4EK6dLTeSEb1cBx7U4gXs8lKju-owzO5Ym_jRW4tzvK2ITOTnvsJYxi17XBLPfyJbk8FS6A8K94MIQ&sig=Cg0ArKJSzNxktqFYdMeqEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: microsoft-security-essentials.softonic-ar.com
URL: https://microsoft-security-essentials.softonic-ar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame 30AE 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js?cb=31080327
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 23:02:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
79085
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jan 2024 23:02:20 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 30AE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js?cb=31080327
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 23:02:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
79087
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Jan 2024 23:02:18 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 30AE 		195 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js?cb=31080327
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b3711515f1ad425c0a07a1aa57038aab8f1f9cd518b30a17b8ef1dfe3a69386
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62787
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 Jan 2024 21:00:25 GMT
1757919985712676004
tpc.googlesyndication.com/simgad/ Frame 30AE 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1757919985712676004
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js?cb=31080327
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
905d3e553e4422c5222b8c1280ae28aa047aabb4c71fd4cf8b8517c45e87e9bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 09 Jan 2025 08:20:07 GMT
date
Wed, 10 Jan 2024 08:20:07 GMT
x-content-type-options
nosniff
age
132018
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55783
x-xss-protection
0
last-modified
Thu, 28 Sep 2023 10:50:15 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
l
www.google.com/ads/measurement/ Frame 30AE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQuNNDa8duljMjqpxXonwbisx6AUhCyWqRDtivrQBtTd16iBhIehDdMgO4ZCWIs_YtiIXacX1Ft4wjv8sgIhkXm6TiF4g
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js?cb=31080327
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2004 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
truncated
/ Frame 30AE 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4e15eea125baa3fd11778695061c80e3d8467218ace23ebb0cd2274b98d59ecc

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
PugMaster
image6.pubmatic.com/AdServer/ Frame E664 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=34742921&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
bec1fe56f70cc02bba5f24dd2a38f5210e2d7322a507ebe3dbb08ccfaa2a7dd6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 11 Jan 2024 21:00:24 GMT
content-length
1736
content-type
text/html; charset=UTF-8
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 2E6A 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: fa6c4326cb05f2723b7c8c04eba02839.safeframe.googlesyndication.com
URL: https://fa6c4326cb05f2723b7c8c04eba02839.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fa6c4326cb05f2723b7c8c04eba02839.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 03:24:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
149747
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 09 Jan 2025 03:24:39 GMT
css
fonts.googleapis.com/ Frame 2E6A 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700&lang=en
Requested by
Host: fa6c4326cb05f2723b7c8c04eba02839.safeframe.googlesyndication.com
URL: https://fa6c4326cb05f2723b7c8c04eba02839.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::200a Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fa6c4326cb05f2723b7c8c04eba02839.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 11 Jan 2024 21:00:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 11 Jan 2024 19:45:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 11 Jan 2024 21:00:26 GMT
14805004483204199669
tpc.googlesyndication.com/simgad/ Frame 2E6A 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14805004483204199669?
Requested by
Host: fa6c4326cb05f2723b7c8c04eba02839.safeframe.googlesyndication.com
URL: https://fa6c4326cb05f2723b7c8c04eba02839.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
76f2191ebf87532021d4c4073c91b95f344dd8d5fa47ed2c7688d4ce50c66553
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fa6c4326cb05f2723b7c8c04eba02839.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 08 Jan 2025 20:32:32 GMT
date
Tue, 09 Jan 2024 20:32:32 GMT
x-content-type-options
nosniff
age
174474
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45061
x-xss-protection
0
last-modified
Fri, 06 Oct 2023 11:07:37 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
228314005217364153
tpc.googlesyndication.com/simgad/ Frame 2E6A 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/228314005217364153?
Requested by
Host: fa6c4326cb05f2723b7c8c04eba02839.safeframe.googlesyndication.com
URL: https://fa6c4326cb05f2723b7c8c04eba02839.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
762b5783d284114b00eeeab46e026c621e13ddbf4e3df58410c3379e2441f7a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fa6c4326cb05f2723b7c8c04eba02839.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 08 Jan 2025 20:28:46 GMT
date
Tue, 09 Jan 2024 20:28:46 GMT
x-content-type-options
nosniff
age
174700
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50514
x-xss-protection
0
last-modified
Fri, 06 Oct 2023 11:07:41 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
12350792992358548997
tpc.googlesyndication.com/simgad/ Frame 2E6A 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/12350792992358548997?
Requested by
Host: fa6c4326cb05f2723b7c8c04eba02839.safeframe.googlesyndication.com
URL: https://fa6c4326cb05f2723b7c8c04eba02839.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b3b50dfe1949e0618f9e7d91820ffd9fa04d2cf84f2a8a23c65cc2babe423b77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fa6c4326cb05f2723b7c8c04eba02839.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 08 Jan 2025 15:36:04 GMT
date
Tue, 09 Jan 2024 15:36:04 GMT
x-content-type-options
nosniff
age
192262
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47963
x-xss-protection
0
last-modified
Fri, 06 Oct 2023 11:07:44 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
2396165119204462262
tpc.googlesyndication.com/simgad/ Frame 2E6A 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2396165119204462262?
Requested by
Host: fa6c4326cb05f2723b7c8c04eba02839.safeframe.googlesyndication.com
URL: https://fa6c4326cb05f2723b7c8c04eba02839.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e75769ef9d24b4fcbc7caf167dcdf601eda2c70ba9434ba895e8f97dec63ad2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fa6c4326cb05f2723b7c8c04eba02839.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 08 Jan 2025 16:25:43 GMT
date
Tue, 09 Jan 2024 16:25:43 GMT
x-content-type-options
nosniff
age
189283
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49311
x-xss-protection
0
last-modified
Fri, 06 Oct 2023 11:07:59 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2E6A 		195 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: fa6c4326cb05f2723b7c8c04eba02839.safeframe.googlesyndication.com
URL: https://fa6c4326cb05f2723b7c8c04eba02839.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b3711515f1ad425c0a07a1aa57038aab8f1f9cd518b30a17b8ef1dfe3a69386
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fa6c4326cb05f2723b7c8c04eba02839.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62787
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 Jan 2024 21:00:26 GMT
ecm3
s.amazon-adsystem.com/ Frame A56C 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=H-bMiPZHj4mtUmTKSZWqcG6-&ex=sovrn.com&gdpr=0&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Jan 2024 21:00:26 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
07Z0T4MX9267WEXJRC2T
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame A56C
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=87&3pid=64ddd6f7-87f2-409c-8b34-25dd7f7128ed
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=87&3pid=64ddd6f7-87f2-409c-8b34-25dd7f7128ed
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Jan 2024 21:00:26 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
//ce.lijit.com/merge?pid=87&3pid=64ddd6f7-87f2-409c-8b34-25dd7f7128ed
date
Thu, 11 Jan 2024 21:00:26 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
sync-km.ads.yieldmo.com/ Frame A56C
Redirect Chain
  • https://cs.krushmedia.com/77781087eb9a0621642f9ebec6beb8d1.gif?puid=[UID]&redir=[RED]&gdpr=0&gdpr_consent=
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fcs.krushmedia.com%2F0674638529195b597475a5faaba7eee8.gif%3Fpuid%3D%5Bsas_uid%5D&gdpr_consent=[consent_string]&nwid=4478
  • https://sync.smartadserver.com/getuid?url=https://cs.krushmedia.com/0674638529195b597475a5faaba7eee8.gif?puid=[sas_uid]&gdpr_consent=[consent_string]&nwid=4478&cklb=1
  • https://cs.krushmedia.com/0674638529195b597475a5faaba7eee8.gif?puid=8228395257861458961
  • https://sync-km.ads.yieldmo.com/sync?pn_id=km&id=018091c2-7db4-5e14-8c96-6f47156356b2
43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-km.ads.yieldmo.com/sync?pn_id=km&id=018091c2-7db4-5e14-8c96-6f47156356b2
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Protocol
H2
Server
44.221.129.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-221-129-93.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 21:00:26 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

Pragma
no-cache
Date
Thu, 11 Jan 2024 21:00:26 GMT
Server
nginx
Location
https://sync-km.ads.yieldmo.com/sync?pn_id=km&id=018091c2-7db4-5e14-8c96-6f47156356b2
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
merge
ce.lijit.com/ Frame A56C
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub10014056052800&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?3pid=OPU6cb3977631f742e5824f364d98f6de68&gdpr=0&gdpr_consent=&pid=103
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?3pid=OPU6cb3977631f742e5824f364d98f6de68&gdpr=0&gdpr_consent=&pid=103
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Jan 2024 21:00:26 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 21:00:26 GMT
server
nginx
access-control-allow-methods
POST, GET
content-type
text/html; charset=utf-8
access-control-allow-origin
*
location
https://ce.lijit.com/merge?3pid=OPU6cb3977631f742e5824f364d98f6de68&gdpr=0&gdpr_consent=&pid=103
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
131
expires
Mon, 01 Jan 1990 00:00:00 GMT
merge
ce.lijit.com/ Frame A56C
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=80&3pid=LR9P1IYK-G-2SDC&gdpr=0
43 B
856 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LR9P1IYK-G-2SDC&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Jan 2024 21:00:26 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=LR9P1IYK-G-2SDC&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
636a4452fa95aad32992c06634d4089f
Expires
0
merge
ce.lijit.com/ Frame A56C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=fmx&us_privacy=&gdpr=0&gdpr_consent=
  • https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=8bc9387f-1282-4544-9e5d-7a38e5909374&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ss...
  • https://x.bidswitch.net/sync?dsp_id=440&ssp=fmx&user_id=6hWwUFVsoqNPDcx69jl_0
  • https://ce.lijit.com/merge?pid=26&3pid=8bc9387f-1282-4544-9e5d-7a38e5909374&gdpr=&gdpr_consent=&us_privacy=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=26&3pid=8bc9387f-1282-4544-9e5d-7a38e5909374&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Jan 2024 21:00:26 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
//ce.lijit.com/merge?pid=26&3pid=8bc9387f-1282-4544-9e5d-7a38e5909374&gdpr=&gdpr_consent=&us_privacy=
Date
Thu, 11 Jan 2024 21:00:26 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame F063 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: fa6c4326cb05f2723b7c8c04eba02839.safeframe.googlesyndication.com
URL: https://fa6c4326cb05f2723b7c8c04eba02839.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fa6c4326cb05f2723b7c8c04eba02839.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 03:24:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
149747
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 09 Jan 2025 03:24:39 GMT
css
fonts.googleapis.com/ Frame F063 		2 KB
643 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400&lang=en
Requested by
Host: fa6c4326cb05f2723b7c8c04eba02839.safeframe.googlesyndication.com
URL: https://fa6c4326cb05f2723b7c8c04eba02839.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::200a Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fa6c4326cb05f2723b7c8c04eba02839.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 11 Jan 2024 21:00:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 11 Jan 2024 20:47:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 11 Jan 2024 21:00:26 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F063 		195 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: fa6c4326cb05f2723b7c8c04eba02839.safeframe.googlesyndication.com
URL: https://fa6c4326cb05f2723b7c8c04eba02839.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b3711515f1ad425c0a07a1aa57038aab8f1f9cd518b30a17b8ef1dfe3a69386
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fa6c4326cb05f2723b7c8c04eba02839.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62787
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 Jan 2024 21:00:26 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
304 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
2a55077189df13b4b3309bd8895e3c8e4db61c6cb878514dff0d747950a097e7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin
https://microsoft-security-essentials.softonic-ar.com
date
Thu, 11 Jan 2024 21:00:25 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
khaos.json
token.rubiconproject.com/ Frame 7C5E 		7 B
810 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
eea754ae2ea80a3b4eb2fcf35349058a
Expires
0
usync.js
eus.rubiconproject.com/ Frame 27AC 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.106 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-106.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
321678e1f17ac5afc3954c253dfaab53514a793e0e659616c4165a6535776abb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Thu, 11 Jan 2024 21:00:26 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 Jan 2024 14:26:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=62740
Connection
keep-alive
Content-Length
10963
Expires
Fri, 12 Jan 2024 14:26:06 GMT
dcm
s.amazon-adsystem.com/ Frame 1037 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=30DD4648-B5ED-444F-A69D-CA9544641527&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 11 Jan 2024 21:00:26 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
9SHM4ACM8FSYPKCNWTV1
ecm3
s.amazon-adsystem.com/ Frame A3B7 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID30DD4648-B5ED-444F-A69D-CA9544641527
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 11 Jan 2024 21:00:26 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
5Q5Y6S6RDWACNCD7MMBG
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E664
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=MN1GSLXtRE-mncqVRGQVJw%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
23.58.91.123 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-58-91-123.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:26 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=110568
accept-ranges
bytes
content-length
5622
expires
Sat, 13 Jan 2024 03:43:14 GMT

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 21:00:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame E664
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=30DD4648-B5ED-444F-A69D-CA9544641527
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=30DD4648-B5ED-444F-A69D-CA9544641527
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=4fa39ff1-9584-4f30-b682-9627918f743a%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=5e429705-5af2-4d3a-9916-cdb10e4da43e&ttd_puid=4fa39ff1-9584-4f30-b682-9627918f743a%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=5e429705-5af2-4d3a-9916-cdb10e4da43e&ttd_puid=4fa39ff1-9584-4f30-b682-9627918f743a%2C%2C
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:26 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=5e429705-5af2-4d3a-9916-cdb10e4da43e&ttd_puid=4fa39ff1-9584-4f30-b682-9627918f743a%2C%2C
date
Thu, 11 Jan 2024 21:00:26 GMT
server
Kestrel
content-length
359
FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3A...
us01.z.antigena.com/l/ Frame E664 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%2030DD4648-B5ED-444F-A69D-CA9544641527&rnd=RND
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
40.76.134.238 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
xuid
eb2.3lift.com/ Frame E664 		37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7976&xuid=30DD4648-B5ED-444F-A69D-CA9544641527&dongle=u6nf&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 11 Jan 2024 21:00:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
Pug
image2.pubmatic.com/AdServer/ Frame E664
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzBERDQ2NDgtQjVFRC00NDRGLUE2OUQtQ0E5NTQ0NjQxNTI3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 11 Jan 2024 21:00:25 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 21:00:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame E664
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEP1TGn-myXeFWuD1djMIy6A&google_cver=1
42 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEP1TGn-myXeFWuD1djMIy6A&google_cver=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 11 Jan 2024 21:00:25 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 21:00:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEP1TGn-myXeFWuD1djMIy6A&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame E664
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:CEB851FA66C8452BB1074AA4B01A8CFE
42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:CEB851FA66C8452BB1074AA4B01A8CFE
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 11 Jan 2024 21:00:25 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Thu, 11 Jan 2024 21:00:26 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:CEB851FA66C8452BB1074AA4B01A8CFE
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 10 Jan 2024 21:00:26 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame E664
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=5e429705-5af2-4d3a-9916-cdb10e4da43e&gdpr=0&gdpr_consent=
42 B
541 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=5e429705-5af2-4d3a-9916-cdb10e4da43e&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 11 Jan 2024 21:00:26 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=5e429705-5af2-4d3a-9916-cdb10e4da43e&gdpr=0&gdpr_consent=
date
Thu, 11 Jan 2024 21:00:26 GMT
server
Kestrel
content-length
355
30DD4648-B5ED-444F-A69D-CA9544641527
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame E664 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/30DD4648-B5ED-444F-A69D-CA9544641527?gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:661c:76e7:ba4a:a9a4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:26 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
view
securepubads.g.doubleclick.net/pcs/ Frame 30AE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss3R84lN4g2VBd4QkVaV_Fd1rxqXlfUx2bfF9QIG1uzKwSoUy3taH3qh83JHCUIj5ngQ9XdluJSeAkRCQcWPZgqJMMfKUCrtuYwxgGfKTuuAFi7mzCttWRmi3JKAsbixmNJAtswAXEj-Z3-4wf2im8dVW0mPTTwSJtY0LVFjAWvxvevJ82NJ9duxVAJEYayPOrAJmNBtihRuRAoueb2S9H5CqZ4oQb2UhDMcIulrjqu8SenacOpkxNM-LWjTG_OmLkP9YZSMklyhdU92iJ3EGmPGtdRkwdzmDob9Qex8I5I5qi8qffwWbmJON9fgI2RCDmacx1mfC9xKop86opk9A2bQWgck5f02oW9-KNsYO5S7W-1p_HOCHFxxE-6wwO9_l6puCEcMqsWoCBeNKlHyDSAI3as7Anarkkqh3TKs0AUKfEl5u8-G9cPaZQQF_sYlmkbBACF6eV9uB6yXv2qln9IdTE&sai=AMfl-YS54NH_1BGTsIIz160biVXLnayEM_vHE6J3kv_gxckoyK3S_ENvX0cvDWFP2mrD6-IinA0s0BX0Di5j0lvD-nBpOdbxL-_AAtilAFXbPbORaC-vKebpwZSLHRjMHjo&sig=Cg0ArKJSzNqkl-YBuTgoEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 11 Jan 2024 21:00:26 GMT
v3
id5-sync.com/gm/ 		693 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v3
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
63b87f3a9b8e71f7bdbd197b2f738fce11c853f36c450c450cd2210c3aa1e4f2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://microsoft-security-essentials.softonic-ar.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://microsoft-security-essentials.softonic-ar.com
date
Thu, 11 Jan 2024 21:00:26 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
p3p
CP="CAO PSA OUR"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
view
securepubads.g.doubleclick.net/pcs/ Frame 2E6A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst3c5kE0a2g9f0XiqSpNeZR04WICaGW7W_xasqaJu8RFO7PBXSLa3002xMVs1VE8t67StcUlrwkLCV-tkvl0DYNUKjshVJaEIwO0ZBVpSHZEUFJpSA0LpGhV7eRVsilww7n1qZiLVPreutj2WV1NlcivkwlgiuxP6oSm7jWt1IbvNg_ICqnwtREKD_CpTxlx97JeUFrWvhSAulb46_p1O9cmXzcMV6rz15WoyiO0_6Zh2SSQeZQ5KmWBnWDdsvLlHvcOsiiJgslNuYGhOIZMU3p8f9gWZEZ2QTyDsO5GOuD0yWcu7w74E4QMrLKi9yeYBpfp2_6I7E3qTV5LNYrHAo2RgyWesnmYkKiyc9d9BZvpwRE_cQov8ygxwHGchilLcNiH75esNPE-CWwCJ-Gcvq9vEPpnm9xeB2bUWXwczfe-KZM4CG1BKW67orMSC0wqdn8cI_tdntgK5s&sai=AMfl-YTLMLLhe0GKVDMX1dTJQyObx2jQnOhI-xrV602rSDWHwGjes_4SqMTtg9oHBywRsTbe3nsj1er1knP4MU80ZoIOggkzuYXViGyAxVoDUGChSmRdkgDfayo_zfCGs5g&sig=Cg0ArKJSzBGA4vQ-vYpqEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: fa6c4326cb05f2723b7c8c04eba02839.safeframe.googlesyndication.com
URL: https://fa6c4326cb05f2723b7c8c04eba02839.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fa6c4326cb05f2723b7c8c04eba02839.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
khaos.json
token.rubiconproject.com/ Frame 27AC 		7 B
798 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
82a6cabd8b3f0d2d2ae6e86e2699f0ba
Expires
0
view
securepubads.g.doubleclick.net/pcs/ Frame F063 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssp5YO6VeymP6F8y3jy3oOBdZy_iVxDyUg8rZpCRl4vkP6IfrhibppPOd8YnOU3FzqH4i29exoUGiXxmDKjmurdYxuB_qqZUBe2sV-kYxGXcxnmy5_HtsG6dZu8a-5sEwOwlgfBJnZdwN_yp1XAgwNgKkDk-QtprlLAzA4zbek7x_9gzbw3TyX7MIdn6sFmtxwai_Tgn6sbnjp8d6ZrrNIrXwqoRgHNz5UPtiUNbApLSAua6U1msq7yykfZh8T8ednlF7lcDO1q0L5z61da6VX_5pKRrFa_d9wcfhfzIVLmpNvuR-8XyEdZFvmxlfMWaG3p92mENynM7B1M9gV8TYn78WRKSnaS4zjnMDOaUSjkInH_lZyPaOmJAFKmfcH-cSynnJJgdQnhW87-_TU4fS3DR9AW_gE-lI6NDbpAO0kKPU8xHmD_ogqPrzFn28o6zcybYluVLtkoAoQoJ9zrghA&sai=AMfl-YRb4-_YgJUbFtkm0ZwAhXxW5LKu2A1mRhv6ngDMhn7W0qh67E9ughTR7Im1oZJLP-mSbbOJJQcAI7Ers71eJNXZ9ogUIvTmYsTKuJdogMW3yMZguez7WZ_JcVhoKcU&sig=Cg0ArKJSzJXBqFjUbN4fEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: fa6c4326cb05f2723b7c8c04eba02839.safeframe.googlesyndication.com
URL: https://fa6c4326cb05f2723b7c8c04eba02839.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fa6c4326cb05f2723b7c8c04eba02839.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2E6A 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&lang=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://fa6c4326cb05f2723b7c8c04eba02839.safeframe.googlesyndication.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 19:41:38 GMT
x-content-type-options
nosniff
age
177528
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 19:41:38 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2E6A 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&lang=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://fa6c4326cb05f2723b7c8c04eba02839.safeframe.googlesyndication.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 08:15:11 GMT
x-content-type-options
nosniff
age
132315
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Jan 2025 08:15:11 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 2E6A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssicjTwxD9v34_k4FAswBcszo5xNZOxZHSRzqrCqmUggUihCJEcXF7BbqcH5dAvp_wpWEEzIrIM3WykHMbi5K12UPUvQD6b2xw5vJJh9HRA5yaWjpr3ArgWrwh02U8UIo-3i_NMvEOkjEkSbR_n6g-HlwE0i-dpdd3K_iBJl8doqsRMhf8ZvGFtFg1jgmqRA-rEru-ebiwFG8d8GD95lnLrIiyrdNv4lbXKR85XPjzmYo0ziL6VEmIuJ4lkbVE22fkcaDy0YklOvuBeISgk0xJEJtk5fBeNsYpUTovetgZE8HbDw82c8WBF7-VOAIqNGLkKEvY7amtq9Q4P0Hnu6938RrM4KYxrSakwgEyX73tl5GhH0qJG-0YSLO-cjjBcoKki7OGwRm5Ffp6zz0vbvh7vaKfduxQzvtIWe_pnIcRD_TMxxDjnfkI4BFUhGmVBB6dgqvNlC6hcpXr4Zg&sai=AMfl-YTlbrVxxyIGgH8DhbGQansAHbXfv87sbV19-e4owOWgXo-Bc-jZhblAohB62WnHsTicg8SOJSSqbU30QkxV3g8H2g25RgDxHKf1HHG19VzWvDIyUQ4sir8VJ6YFXEo&sig=Cg0ArKJSzCec27NQ7qJJEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fa6c4326cb05f2723b7c8c04eba02839.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 11 Jan 2024 21:00:26 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F063 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400&lang=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://fa6c4326cb05f2723b7c8c04eba02839.safeframe.googlesyndication.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 08:15:11 GMT
x-content-type-options
nosniff
age
132315
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Jan 2025 08:15:11 GMT
ecm3
s.amazon-adsystem.com/ Frame 7C5E
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0&gdpr=0&us_privacy=1---&khaos=LR9P1J24-1H-K54I
  • https://s.amazon-adsystem.com/ecm3?id=LR9P1J24-1H-K54I&ex=d-rubiconproject.com&status=ok&gdpr=0&us_privacy=1---
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LR9P1J24-1H-K54I&ex=d-rubiconproject.com&status=ok&gdpr=0&us_privacy=1---
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Jan 2024 21:00:26 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
K34688A39MXH4RYKZCQK
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LR9P1J24-1H-K54I&ex=d-rubiconproject.com&status=ok&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
636a4452fa95aad32992c06634d4089f
Expires
0
truncated
/ Frame 2E6A 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43f44e377bd4d7a09a409ca3d51ecf4cffbc34a536ae204c5d4396150d08f238

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame F063 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f225c38ee7f1cbe2dca4cb0df8cbe5f93ddb74565e4bbee39a41e00ba837180

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
usersync
usersync.gumgum.com/ Frame 27AC
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&us_privacy=1---&khaos=LR9P1J24-1H-K54I
  • https://usersync.gumgum.com/usersync?b=mag&i=LR9P1J24-1H-K54I&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LR9P1J24-1H-K54I&us_privacy=1---
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 11 Jan 2024 21:00:26 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LR9P1J24-1H-K54I&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f84b118a3f01dd6ffa744f6af941f4e8
Expires
0
setuid
px.ads.linkedin.com/ Frame 7C5E
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0&us_privacy=1---
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LR9P1J24-1H-K54I&gdpr=0&us_privacy=1---
0
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LR9P1J24-1H-K54I&gdpr=0&us_privacy=1---
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:27 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: B044500831F24924B151FC5CCDD33228 Ref B: MIA301000106049 Ref C: 2024-01-11T21:00:26Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-source-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYOsdZChvJYU3oQ0P+cjQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LR9P1J24-1H-K54I&gdpr=0&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
84e0f527cd81a00b0210e20b4ee7ed94
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 7C5E
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFI5UDFKMjQtMUgtSzU0SQ==&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEGCdj1vHB7N0HaKZYwu-LJE&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI5UDFKMjQtMUgtSzU0SQ==&google_push=&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI5UDFKMjQtMUgtSzU0SQ==&google_push=&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 21:00:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI5UDFKMjQtMUgtSzU0SQ==&google_push=&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f69a50991384d09413b97a37bb74928b
Expires
0
ecm3
s.amazon-adsystem.com/ Frame 7C5E
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0&us_privacy=1---
  • https://s.amazon-adsystem.com/ecm3?id=LR9P1J24-1H-K54I&ex=d-rubiconproject.com&status=ok&gdpr=0&us_privacy=1---
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LR9P1J24-1H-K54I&ex=d-rubiconproject.com&status=ok&gdpr=0&us_privacy=1---
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Jan 2024 21:00:26 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
AEA0RHCN84ZAN1RT5NKH
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LR9P1J24-1H-K54I&ex=d-rubiconproject.com&status=ok&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
9e7742894a018a40b59a2ed2117c85b5
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 7C5E
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=5e429705-5af2-4d3a-9916-cdb10e4da43e&gdpr=0&gdpr_consent=&expires=30
42 B
864 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=5e429705-5af2-4d3a-9916-cdb10e4da43e&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
cdd55fb02049ca8b9389527f6c1a1194
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=5e429705-5af2-4d3a-9916-cdb10e4da43e&gdpr=0&gdpr_consent=&expires=30
date
Thu, 11 Jan 2024 21:00:26 GMT
server
Kestrel
content-length
289
pixel
cm.g.doubleclick.net/ Frame 7C5E
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDg0ZTk1YjUzM2YyNGViMDNjMTg0OTFkNjEyNDIwZjdkOTVkMjJkMA&gdpr=0&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDg0ZTk1YjUzM2YyNGViMDNjMTg0OTFkNjEyNDIwZjdkOTVkMjJkMA&gdpr=0&us_privacy=1---
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H3
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 21:00:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDg0ZTk1YjUzM2YyNGViMDNjMTg0OTFkNjEyNDIwZjdkOTVkMjJkMA&gdpr=0&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
9a0c641c0479142b55591fdf2031b15f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 7C5E
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=-ibfCEh4SM6NbjLgJcMnmg&rk=usync-na&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=-ibfCEh4SM6NbjLgJcMnmg&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=-ibfCEh4SM6NbjLgJcMnmg&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Jan 2024 21:00:26 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
5B3PPT8J7VDQE5KGSFH0
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=-ibfCEh4SM6NbjLgJcMnmg&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ffef7c53154b04a892ce1f9531c32cb1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 7C5E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEC1WEnOR7uFVJBjMdAkjn3A&google_cver=1
42 B
864 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEC1WEnOR7uFVJBjMdAkjn3A&google_cver=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
0190a17a18f2299b1b85aeb1793e601c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 21:00:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEC1WEnOR7uFVJBjMdAkjn3A&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 7C5E
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0&us_privacy=1---
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/1jxHT7Wf1_6Zd0-hinymkMn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-LO6ZfM5E2oJ42AK0m_XiPDJJPRr0KUKWCwKLhQ--~A
42 B
864 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-LO6ZfM5E2oJ42AK0m_XiPDJJPRr0KUKWCwKLhQ--~A
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
2fcb300b847bad3e7dd1184ec8a1c2f5
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Thu, 11 Jan 2024 21:00:26 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-LO6ZfM5E2oJ42AK0m_XiPDJJPRr0KUKWCwKLhQ--~A
content-length
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 7C5E 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&us_privacy=1---
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.126.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Jan 2024 21:00:27 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
ZWBYYYMQJBZ53Y9JE1SC
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 7C5E
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0&us_privacy=1---
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0&us_privacy=1---&_bee_ppp=1
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AACiaU7LQK4AABP4tSLlpg&expires=30&gdpr=0
42 B
864 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AACiaU7LQK4AABP4tSLlpg&expires=30&gdpr=0
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
8bab65602db075726861004da5629947
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AACiaU7LQK4AABP4tSLlpg&expires=30&gdpr=0
Date
Thu, 11 Jan 2024 21:00:27 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
setuid
ib.adnxs.com/prebid/ Frame 7C5E
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&gdpr=0&us_privacy=1---
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LR9P1J24-1H-K54I&gdpr=0&us_privacy=1---
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LR9P1J24-1H-K54I&gdpr=0&us_privacy=1---
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
68.67.160.132 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 21:00:26 GMT
an-x-request-uuid
1e08ea3b-8c57-48e5-bda9-511f6d51bc86
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.70; 38.132.118.70; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LR9P1J24-1H-K54I&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
29af2665c43893332e84c235bac366c1
Expires
0
merge
ce.lijit.com/ Frame 7C5E
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&us_privacy=1---
  • https://ce.lijit.com/merge?pid=80&3pid=LR9P1J24-1H-K54I&gdpr=0&us_privacy=1---
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LR9P1J24-1H-K54I&gdpr=0&us_privacy=1---
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Jan 2024 21:00:26 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=LR9P1J24-1H-K54I&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f69a50991384d09413b97a37bb74928b
Expires
0
cksync
hb.yahoo.net/ Frame 7C5E
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594&gdpr=0&us_privacy=1---
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LR9P1J24-1H-K54I&redir=true&gdpr=0&us_privacy=1---
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LR9P1J24-1H-K54I&gdpr=0&redir=true&us_privacy=1---
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1Jal9LcnZkRTJ1RmhSOU1nT0p3MEp0QXF3UHVob0ZnTX5B&gdpr=0&ovsid=LR9P1J24-1H-K54I&us_privacy=1---&dpid=58160
57 B
648 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1Jal9LcnZkRTJ1RmhSOU1nT0p3MEp0QXF3UHVob0ZnTX5B&gdpr=0&ovsid=LR9P1J24-1H-K54I&us_privacy=1---&dpid=58160
Protocol
H2
Server
23.40.179.154 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-40-179-154.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Thu, 11 Jan 2024 21:00:27 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Thu, 11 Jan 2024 21:00:27 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1Jal9LcnZkRTJ1RmhSOU1nT0p3MEp0QXF3UHVob0ZnTX5B&gdpr=0&ovsid=LR9P1J24-1H-K54I&us_privacy=1---&dpid=58160
date
Thu, 11 Jan 2024 21:00:27 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
magnite
prebid.a-mo.net/setuid/ Frame 7C5E
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&us_privacy=1---
  • https://prebid.a-mo.net/setuid/magnite?uid=LR9P1J24-1H-K54I&gdpr=0&us_privacy=1---
0
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LR9P1J24-1H-K54I&gdpr=0&us_privacy=1---
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
147.75.195.55 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:26 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LR9P1J24-1H-K54I&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e1bddfc34a927e97bda010c0d8a62b62
Expires
0
receive
pixel.tapad.com/idsync/ex/ Frame 7C5E
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1&gdpr=0&us_privacy=1---
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LR9P1J24-1H-K54I&gdpr=0&us_privacy=1---
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LR9P1J24-1H-K54I&gdpr=0&us_privacy=1---
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:26 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

Location
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LR9P1J24-1H-K54I&gdpr=0&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
9e7742894a018a40b59a2ed2117c85b5
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v1
match.sharethrough.com/sync/ Frame 7C5E
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0&us_privacy=1---
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LR9P1J24-1H-K54I&gdpr=0&us_privacy=1---
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LR9P1J24-1H-K54I&gdpr=0&us_privacy=1---
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-onetag_pm-db5_rbd_rx_ox-db5_smrt_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Server
3.91.113.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-113-229.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:27 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LR9P1J24-1H-K54I&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a0d1cefc91c6f8b22fd2adf3abe06a61
Expires
0
view
securepubads.g.doubleclick.net/pcs/ Frame F063 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu2lzkv0FI5g_pcaGu50nmUtPXMFW8OdGmJzTWRosv_XQ1XLpX4gXj2GCRWUJkbr2yD-G7by__4eYF9ntwCNfXFFcSafwLUlcdOgducTI2lbL_kNm-RYbUItpc4vPurKY6gmGjIQY209Rh-e8Xvo9MmmfuSV7wUHxR0FYe408to46fDqcP7LQhPfP6JCM0PI5BLHJZIx3zmipOSn2QT6ZmOVF1H4HmoPThdTvicx4O1PPRWNNo19hKmmoHnQPWDl2UX5Egglp0OcT0xYhPo8CsXURe1vhkmMgAsK94pnPvPt9Mm1Bl6oFdxJIFC1j5dmviBjX-RELiQKVp2_sQflyiOn-MNLUTBe9uxXGWcdvdGIKCNeDsvhEYVfTyb7Vnp2oRnE2HHEciQiCMHZm-5k2xRVGHriUK9iY8dGaeNvlwcyB6WVe1rQeMXEmwbABwrPC5oiLnLy25EitSdWWn8LH0myw&sai=AMfl-YSrDlbbK3feAqGkQzjAGvekS26B0s8Q324ZkJfadBL6VLNtxNpkXTrv_b7v7xm3Fm7kJbyFkX4nsCpSumGLXW7EBZY3wP-MshZFH-9h0Xb-GP6ppg1COy0kM5z5cyY&sig=Cg0ArKJSzPGUp1itlPXwEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fa6c4326cb05f2723b7c8c04eba02839.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 11 Jan 2024 21:00:26 GMT
gen_204
syndicatedsearch.goog/afs/ 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndicatedsearch.goog/afs/gen_204?client=softonic&output=uds_ads_only&zx=965af3hnec55&aqid=6FagZcWtOvWPnboPr4yDiAo&psid=3261714721&pbt=bs&adbx=508&adby=1604.328125&adbh=222&adbw=290&adbah=50%2C50%2C50%2C50&adbn=master-1&eawp=partner-softonic&errv=588056317&csala=4%7C203%7C670%7C185%7C16&lle=1&ifv=0&hpt=0
Requested by
Host: microsoft-security-essentials.softonic-ar.com
URL: https://microsoft-security-essentials.softonic-ar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-4VTmHCYWAwrRSenhIYHsSA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-4VTmHCYWAwrRSenhIYHsSA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date
Thu, 11 Jan 2024 21:00:26 GMT
server
gws
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
x-frame-options
SAMEORIGIN
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type
text/html; charset=UTF-8
permissions-policy
unload=()
origin-trial
Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401040101&st=env
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d98de156c42051e47eeeb3ca664783fa4dc441f7d4a7df4f8232e3cb7b2caf0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12167
x-xss-protection
0
offersv2.min.css
dnlgm0m0r44nl.cloudfront.net/gaia/0.53/css/ 		15 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dnlgm0m0r44nl.cloudfront.net/gaia/0.53/css/offersv2.min.css
Requested by
Host: js.srvtrck.com
URL: https://js.srvtrck.com/v1/js?api_key=937717f2ba3900dbf10df23aba52974b&site_id=b772ff73d6da4b6aaec7377ff6ead554
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.139.38.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-38-124.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5ef5073c6e8dcffe3f6e5c98082c0ff1e5f030aad0d0008d30e3140085c84917

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Thu, 11 Jan 2024 09:05:03 GMT
Via
1.1 e42e8491a089e2183879e26e61dae708.cloudfront.net (CloudFront)
Last-Modified
Mon, 23 Feb 2015 17:06:33 GMT
Server
AmazonS3
X-Amz-Cf-Pop
JFK50-P2
Age
43375
ETag
"3d22a39c5e3553db2f6f716c0819604b"
X-Cache
Hit from cloudfront
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15788
X-Amz-Cf-Id
4Qpj63HzKYloSR8LfqQS-Pg62hy88bsLo1zN-eIfQ5mw6smDw8tDww==
link
search.srvtrck.com/v2/page/ 		2 B
253 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.srvtrck.com/v2/page/link?ctx.dist=low&distinct_advertiser=3&fields=price,advertiser,logo,ad_type,icon&logo.dim=150X150&url=https%3A%2F%2Fmicrosoft-security-essentials.softonic-ar.com%2F&abtag=abp:false&api_key=937717f2ba3900dbf10df23aba52974b&site_id=b772ff73d6da4b6aaec7377ff6ead554&tid=43aa5a6b-4f99-4dbe-81c8-34c37867c7c2&dch=gaia&tna=gaia&tv=0.121&title=Microsoft%20Security%20Essentials%20-%20%D8%AA%D9%86%D8%B2%D9%8A%D9%84&refr=&page=https%3A%2F%2Fmicrosoft-security-essentials.softonic-ar.com%2F&afsrc=1&cache=U2GJTIJU82245J82A2TICEST240LUO76&vid=null&dnt=0&set.cache=true&ad_space=&version=0.121&loc=use_geo&size=20
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:594a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:27 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://microsoft-security-essentials.softonic-ar.com
content-language
en-US
cache-control
max-age=3600
access-control-allow-credentials
true
p3p
CP="CAO PSA OUR"
cf-ray
844016dced7e02ed-MIA
alt-svc
h3=":443"; ma=86400
uuid.html
hades.srvtrck.com/v2/ Frame 1427 		311 B
275 B 		Document
General
Check archive.org
Download Go to
Full URL
https://hades.srvtrck.com/v2/uuid.html
Requested by
Host: js.srvtrck.com
URL: https://js.srvtrck.com/v1/js?api_key=937717f2ba3900dbf10df23aba52974b&site_id=b772ff73d6da4b6aaec7377ff6ead554
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:594a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd45713beee6c2428f11ad6444c6e2a6bbe1bfad330e68002052e9832a5dcc03

Request headers

Referer
https://microsoft-security-essentials.softonic-ar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
29533
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=86400
cf-cache-status
HIT
cf-ray
844016dcfd9d02ed-MIA
content-encoding
br
content-type
text/html
date
Thu, 11 Jan 2024 21:00:27 GMT
expires
Fri, 12 Jan 2024 21:00:27 GMT
last-modified
Wed, 10 Jan 2024 18:52:48 GMT
server
cloudflare
vary
Accept-Encoding
i
i.srvtrck.com/v1/ 		68 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.srvtrck.com/v1/i?e=pi&api_key=937717f2ba3900dbf10df23aba52974b&site_id=b772ff73d6da4b6aaec7377ff6ead554&tid=4a9e4fa5-4415-4bfa-b760-af6d809f6b02&dch=gaia&tna=gaia&tv=0.147&title=Microsoft%20Security%20Essentials%20-%20%D8%AA%D9%86%D8%B2%D9%8A%D9%84&refr=&page=https%3A%2F%2Fmicrosoft-security-essentials.softonic-ar.com%2F&afsrc=1&cache=DANI32R7JLPKTFU4HF19OSAFMCO48Q3V&vid=null&dnt=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:594a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/png
p3p
CP="CAO PSA OUR"
cf-ray
844016dcfd8c02ed-MIA
alt-svc
h3=":443"; ma=86400
content-length
68
rtg.gif
notix.io/ 		43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://notix.io/rtg.gif?px=00feb176-39e3-42ba-9efa-9ee75d162f39
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:27 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
43
json2.js
hades.srvtrck.com/static/ Frame 1427 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hades.srvtrck.com/static/json2.js
Requested by
Host: hades.srvtrck.com
URL: https://hades.srvtrck.com/v2/uuid.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:594a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
caba961cf71d7213df26fc8d5f11212204b5968f62698056ce768dada4656676

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hades.srvtrck.com/v2/uuid.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 18:52:49 GMT
server
cloudflare
age
20674
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
cache-control
public, max-age=86400
cf-ray
844016dd5e1f02ed-MIA
alt-svc
h3=":443"; ma=86400
expires
Fri, 12 Jan 2024 21:00:27 GMT
hades-server2.js
hades.srvtrck.com/static/ Frame 1427 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hades.srvtrck.com/static/hades-server2.js
Requested by
Host: hades.srvtrck.com
URL: https://hades.srvtrck.com/v2/uuid.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:594a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3e8ec7865f2d8dffcd47b65e40efda889633cc02962596a6bf3d1be6d19a6dd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hades.srvtrck.com/v2/uuid.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 18:51:43 GMT
server
cloudflare
age
26362
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
cache-control
public, max-age=86400
cf-ray
844016dd5e2102ed-MIA
alt-svc
h3=":443"; ma=86400
expires
Fri, 12 Jan 2024 21:00:27 GMT
profile
hades.srvtrck.com/v1/ Frame 1427 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hades.srvtrck.com/v1/profile?action=create&ykuid=1zdxt4vt13ole2hcrlh3ib
Requested by
Host: hades.srvtrck.com
URL: https://hades.srvtrck.com/v2/uuid.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:5a4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10fe36278af5ec590acb10c83ed5f99e70a4f07943cd465402d24d42c4392153

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hades.srvtrck.com/v2/uuid.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:27 GMT
cf-cache-status
MISS
last-modified
Thu, 11 Jan 2024 21:00:27 GMT
server
cloudflare
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
844016ddd8569ae9-MIA
alt-svc
h3=":443"; ma=86400
content-length
1095
expires
Fri, 12 Jan 2024 21:00:27 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 30AE 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssWGtr3wv58vGsfw0wjytq8WWwO7ncvIwCgzh6hGQ3-uj68q6S720heJeC9p63rleILv_chML-QMGui3F2FxMJ98lOMg9vOcjemzKvf1AKbkbFtDcYzcWAne9CW8ZB-DJoPwmjCEOJtWby4_AFUk09yFSwH&sig=Cg0ArKJSzKXTigQUzFkzEAE&id=lidar2&mcvt=1001&p=148,315,398,1285&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20240110&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=830642617&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705006825743&rpt=421&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 21:00:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401040101/pubads_impl.js?cb=31080327
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 11 Jan 2024 21:00:27 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4817 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://microsoft-security-essentials.softonic-ar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
3050
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 20:09:37 GMT
expires
Fri, 10 Jan 2025 20:09:37 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 0C55 		829 B
560 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2004 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0993803f2abc676112d5886dcef955ca6ea807cae5812d00b97a70104444ee2c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ZKgT3WoAuGFnoVjMuA8LsA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://microsoft-security-essentials.softonic-ar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-ZKgT3WoAuGFnoVjMuA8LsA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 21:00:27 GMT
expires
Thu, 11 Jan 2024 21:00:27 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
pagead2.googlesyndication.com/bg/ Frame 4817 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
sffe /
Resource Hash
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 20:12:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
2896
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15229
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 10 Jan 2025 20:12:11 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 0C55 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401040101&jk=139994871044085&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 2E6A 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvxc4QokU6AI8DfqlHxvf0u_uZ-clwfHcqt1K7SuSJaFiEdiz1Hsii_eaAvLtzgr4V2yI8xnR9pFbtjhvYl0C5tUyDZ035MsoEJ8VP2y_3pj49tc16ceqLCTc-FOVzS42vogmqgWtxckC5B1t5KSvV4Lwli&sig=Cg0ArKJSzNE4T2ORyVZ7EAE&id=lidar2&mcvt=1001&p=439,184,1039,484&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=7&adk=1405851431&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705006825716&rpt=674&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fa6c4326cb05f2723b7c8c04eba02839.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 21:00:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 4817 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?NZXJ9g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:27 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame F063 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv_-kM7XY3QKvcpRHAA3SfGZugI27yzYP3ES5YFdIG2Zwk_mexv3YPUCEXNMf9Hq6VJM5S-dcfFO496Y_orMmuLbWAynqjcVHA5_uD1HDYmLQqyFj_9agDg051eECvae78f3jnqUJ1NLqKg6iQ-QXQiFJbN&sig=Cg0ArKJSzKNCY8_g39hvEAE&id=lidar2&mcvt=1039&p=0,0,48,1600&mtos=1039,1039,1039,1039,1039&tos=1039,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=7&adk=2213152915&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705006825731&rpt=981&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fa6c4326cb05f2723b7c8c04eba02839.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 21:00:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame E664 		0
259 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:28 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401040101&jk=139994871044085&bg=!eHulezTNAAaumcC-jpk7ADQBe5WfOCALOSrk2xw_86haZN7iWEV9hpnX2iwyul0E3ioCI8A9k5mLEyx0HKBXvop1hvFFAgAAAUZSAAAABWgBBwoAhvW1YD4i2-JpnSBIqBZpSI4zWwBDo8C-mcf7CvusBZF86tlZ1ZHoU4mVdHhRUim4m6u35FzTM_mLIO5U6y_FOnihmfLZEpFLrSxMxKSWMnCpOFcoloXOKGYZzWV8faemxNzNYtrWg-eNloxK6gnRwXTrHazv86eKlNoyDl9z3fA4m9SwzizsmQLmCPePgJNMeDupNLZc2549MNFDnvihsuMlSH5WcnJOpugd0E2sL_rZSKr9p5YfAaVo6A9TWv5glGljx4KR-SGqZQh5mPkspFPtDsFkjMgY74bIohgsSgeNPvFj0vDuB_zQboK0tOX7J1Ua0AWGEptQZ8F3xags-gMIBw32PSbDiwo2uzSi2rlf01ZDYsqSEshc38ALht9vyJcLu3jPm2LJPCfPP3DKEe8x7X2T_kAF_FIyzfh7eKdWXqygdeZ3noGjGGlDxiY9I6e6jzzDBF4AjfB8lV3wQd1k2upZxCA23YSWKpavjMlDbm_LTI_8D9PsBFLLTNINitU8VMfppTEwxlG8wYpdgYsl53Kz96OPJhpu5esf2HqN3x8IFte9XDNNYEMPFiyA770cuahX4eCBw10cQCSlwdkSVLd8HF5Ss3-5IYk_su5AKn__psBBwR5B_ueieERVwce3JAFcyMQuN5L99p1q_HzVGeRK30f-qJQ4HMmG5Q3Cqivh4lUnk0xBdotgWzS2u9f9jQzz4Ib27vivL_L0JrqVcKYJqDwWQ6q6941uO4vQuKP5hoYwqJXrRe4YbdpgPL3TFkGVWxs9-K81duor3AIaRtulyrmY-ZTExFoUAwnM58Jf6zbt6Q6wuQUwkdIfe9anryfctBsqeHPieAe4l8nSd6IIqklU1bw4ORk6nnookzStuCZVL-bedcc7d-1ux0n4-gkWMuDhA-0IX78Q5xlVY6cTse_gXVCg2ivn_XwtkCW21MC7O53PdvGv3KMdKjXY6bOZ67vcvPiIjEDkZHhbECvBRfNFBCXyPfSGypxf9ZUk423V9lgYgBEFaTErrChAyRCjkLSNKEndHyE-LwPk0rXETKmLtbOw26rUSlTxPuW8Y6m1oM56NMNziWMQDfA_wSrig33CLTn2jK0zX-IRWDBRLdjCPoYFJSl88s4mRedOngaXXnwW2sGlPIhN0GWTAaon_GxJA65hzCe35g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
PugMaster
image6.pubmatic.com/AdServer/ Frame E664 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=12401653&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
cfdffc63c4820469e776ba6b4a935edc607637a4959f5cf79364cde69b93a81c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 11 Jan 2024 21:00:28 GMT
content-length
1624
content-type
text/html; charset=UTF-8
Pug
simage2.pubmatic.com/AdServer/ Frame E73E
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=73836372-b0c4-11ee-8f5e-6e51af5f9eec
42 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=73836372-b0c4-11ee-8f5e-6e51af5f9eec
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 11 Jan 2024 21:00:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
content-type
image/gif
date
Thu, 11 Jan 2024 21:00:29 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=73836372-b0c4-11ee-8f5e-6e51af5f9eec
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
lga-delivery-1
Pug
image2.pubmatic.com/AdServer/ Frame 559E
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDaWFVN0xRSzRBQUJQNHRTTGxwZw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&b...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AACiaU7LQK4AABP4tSLlpg&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Csyn%252C...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Csyn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=8228395257861458961&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?ev=AACiaU7LQK4AABP4tSLlpg&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D8228395257861458961%26gdpr%3D0%26gdpr_consen...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=8228395257861458961&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=A...
  • https://sync.technoratimedia.com/services?uid=AACiaU7LQK4AABP4tSLlpg&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D8228395257861458961%26gdpr%3D0%26gdpr%3D0%...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=8228395257861458961&gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACiaU7LQK4AABP4tSLlpg&gdpr=0
42 B
278 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACiaU7LQK4AABP4tSLlpg&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 11 Jan 2024 21:00:31 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Thu, 11 Jan 2024 21:00:30 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACiaU7LQK4AABP4tSLlpg&gdpr=0
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 4A45
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4351479220626828673&gdpr=0&gdpr_consent=
42 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4351479220626828673&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 11 Jan 2024 21:00:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
03a3610e-f901-45ae-a817-c12b10da0a98
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 11 Jan 2024 21:00:29 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4351479220626828673&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
38.132.118.70; 38.132.118.70; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 9CA9
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZaBW7QANzC_F6wBH
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Thu, 11 Jan 2024 21:00:29 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-mia-kmia1760048-MIA
x-timer
S1705006829.222792,VS0,VE26

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Thu, 11 Jan 2024 21:00:29 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZaBW7QANzC_F6wBH
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-mia-kmia1760048-MIA
x-timer
S1705006829.101212,VS0,VE26
ecm3
s.amazon-adsystem.com/ Frame EE1A 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID30DD4648-B5ED-444F-A69D-CA9544641527
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 11 Jan 2024 21:00:28 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
NKPDEPY3WHYDCXWJJWMD
insync
thrtle.com/ Frame E664
Redirect Chain
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=30DD4648-B5ED-444F-A69D-CA9544641527&gdpr=0&gdpr_consent=
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=30DD4648-B5ED-444F-A69D-CA9544641527&vxii_pid=12&vxii_pid1=10067&vxii_rcid=1a6bbf94-3a80-4e4d-b7ef-13e44c460022
43 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=30DD4648-B5ED-444F-A69D-CA9544641527&vxii_pid=12&vxii_pid1=10067&vxii_rcid=1a6bbf94-3a80-4e4d-b7ef-13e44c460022
Protocol
H2
Server
44.219.58.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-219-58-122.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Thu, 11 Jan 2024 21:00:29 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=30DD4648-B5ED-444F-A69D-CA9544641527&vxii_pid=12&vxii_pid1=10067&vxii_rcid=1a6bbf94-3a80-4e4d-b7ef-13e44c460022
date
Thu, 11 Jan 2024 21:00:29 GMT
content-type
text/html; charset=utf-8
content-length
211
p3p
CP="NOI OUR BUS UNI COM NAV"
sd
us-u.openx.net/w/1.0/ Frame E664 		43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=540245193&val=30DD4648-B5ED-444F-A69D-CA9544641527&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 21:00:28 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
Martin
crb.kargo.com/api/v1/dsync/ Frame E664 		43 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/Martin?exid=30DD4648-B5ED-444F-A69D-CA9544641527&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.229.81.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-81-23.compute-1.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 21:00:29 GMT
x-accel-expires
0
vary
Origin
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
sync.bfmio.com/ Frame E664 		0
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=187&uid=30DD4648-B5ED-444F-A69D-CA9544641527&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.6.102.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-102-233.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Connection
keep-alive
Date
Thu, 11 Jan 2024 21:00:29 GMT
SPug
image4.pubmatic.com/AdServer/ Frame E664
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=30DD4648-B5ED-444F-A69D-CA9544641527&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-8ALL3fBE2uWwtlcxAo_bpihWndUPpkY-~A&gdpr=0
0
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-8ALL3fBE2uWwtlcxAo_bpihWndUPpkY-~A&gdpr=0
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:29 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-8ALL3fBE2uWwtlcxAo_bpihWndUPpkY-~A&gdpr=0
date
Thu, 11 Jan 2024 21:00:28 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame E664
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=4afffdcc-d345-494c-be75-fdcb7daafa99&gdpr=0&gdpr_consent=
1 B
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=4afffdcc-d345-494c-be75-fdcb7daafa99&gdpr=0&gdpr_consent=
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 11 Jan 2024 21:00:29 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=4afffdcc-d345-494c-be75-fdcb7daafa99&gdpr=0&gdpr_consent=
Date
Thu, 11 Jan 2024 21:00:28 GMT
Connection
keep-alive
X-CI-RTID
9febc9cc-a498-4ec0-b568-c90fa41282ed
Content-Length
205
Content-Type
text/html; charset=utf-8
PugMaster
image6.pubmatic.com/AdServer/ Frame 174D 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=50086453&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
7b5716ff5b45abadfefa383209d1c05f98d669ae96034629fbc828ca86252cce

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 11 Jan 2024 21:00:29 GMT
content-length
1898
content-type
text/html; charset=UTF-8
Pug
image2.pubmatic.com/AdServer/ Frame A334
Redirect Chain
  • https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_32c0b4d07a55424cbb8c5
42 B
278 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_32c0b4d07a55424cbb8c5
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 11 Jan 2024 21:00:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
content-type
image/gif
date
Thu, 11 Jan 2024 21:00:28 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_32c0b4d07a55424cbb8c5
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server
c
Pug
simage2.pubmatic.com/AdServer/ Frame 98A5
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=8bc9387f-1282-4544-9e5d-7a38e5909374&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=64ddd6f7-87f2-409c-8b34-25dd7f7128ed&ssp=pubmatic&gdpr=0
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=8bc9387f-1282-4544-9e5d-7a38e5909374&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
1 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=8bc9387f-1282-4544-9e5d-7a38e5909374&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Thu, 11 Jan 2024 21:00:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Thu, 11 Jan 2024 21:00:29 GMT
Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=8bc9387f-1282-4544-9e5d-7a38e5909374&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Server
nginx
Pug
image2.pubmatic.com/AdServer/ Frame E7C2
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=w885JcDMPXHYzT50kJl1I8OZPCHYzjogwcNkeo61
42 B
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=w885JcDMPXHYzT50kJl1I8OZPCHYzjogwcNkeo61
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 11 Jan 2024 21:00:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Thu, 11 Jan 2024 21:00:29 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=w885JcDMPXHYzT50kJl1I8OZPCHYzjogwcNkeo61
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame E504
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:pvNbrYB61Ro2a95&gdpr=0&gdpr_consent=
42 B
219 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:pvNbrYB61Ro2a95&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 11 Jan 2024 21:00:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Thu, 11 Jan 2024 21:00:29 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:pvNbrYB61Ro2a95&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-0e7b857660c2c5cae@us-east-1d@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 958D
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=-tBDgfwlV_hvwp42xPpc4iaEdkY&gdpr=0&gdpr_consent=
42 B
296 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=-tBDgfwlV_hvwp42xPpc4iaEdkY&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 11 Jan 2024 21:00:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Thu, 11 Jan 2024 21:00:29 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=-tBDgfwlV_hvwp42xPpc4iaEdkY&gdpr=0&gdpr_consent=
usersync
usersync.gumgum.com/ Frame 514D 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=30DD4648-B5ED-444F-A69D-CA9544641527
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 11 Jan 2024 21:00:29 GMT
Expires
0
Pragma
no-cache
syncMe
synchroscript.deliveryengine.adswizz.com/ Frame 174D 		0
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerDomain=mrtnsvr.com&idType=cookie&partnerUserId=30DD4648-B5ED-444F-A69D-CA9544641527&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-15.jfk52.r.cloudfront.net
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:29 GMT
via
1.1 4416a31c9d77f8f8b877d81f840c88c8.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
JFK52-P4
content-length
0
x-amz-cf-id
CR6yFeoHwOa7pgzh_8zFOwLUirfeJZ62c92Drr9zAXivbRd2wU_wWg==
x-cache
Error from cloudfront
db_sync
px.ads.linkedin.com/ Frame 174D
Redirect Chain
  • https://idsync.rlcdn.com/712188.gif?partner_uid=30DD4648-B5ED-444F-A69D-CA9544641527&gdpr=0&gdpr_consent=
  • https://idsync.rlcdn.com/1000.gif?memo=CPy7KxIwCiwIARCFpQoaJDMwREQ0NjQ4LUI1RUQtNDQ0Ri1BNjlELUNBOTU0NDY0MTUyNxAAGg0I7a2BrQYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=f1f84c4c27ee51ba0a14bee701023409f60a81d98f584dbda65216fff5b2939a791426b5417dce21&_=2
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=f1f84c4c27ee51ba0a14bee701023409f60a81d98f584dbda65216fff5b2939a791426b5417dce21&rand=05923858
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=f1f84c4c27ee51ba0a14bee701023409f60a81d98f584dbda65216fff5b2939a791426b5417dce21&rand=05923858&expected_cookie=3566eeee-dd59-496f-91aa-84e70c91f420
0
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=f1f84c4c27ee51ba0a14bee701023409f60a81d98f584dbda65216fff5b2939a791426b5417dce21&rand=05923858&expected_cookie=3566eeee-dd59-496f-91aa-84e70c91f420
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:30 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 950D0D3663E946349E1D0386A0BE8528 Ref B: MIA301000106049 Ref C: 2024-01-11T21:00:30Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYOsdZ2A3tCUPHz+KUZKQ==

Redirect headers

date
Thu, 11 Jan 2024 21:00:30 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 86BE97C0D1974B2D861EFA14464B187F Ref B: MIA301000106049 Ref C: 2024-01-11T21:00:30Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
/db_sync?pid=10339&puuid=f1f84c4c27ee51ba0a14bee701023409f60a81d98f584dbda65216fff5b2939a791426b5417dce21&rand=05923858&expected_cookie=3566eeee-dd59-496f-91aa-84e70c91f420
x-li-proto
http/2
content-length
0
x-li-uuid
AAYOsdZzNPHPfeay5CUGOw==
gdpr_consent=
bcp.crwdcntrl.net/map/ct=y/c=14701/tp=MTAI/tpid=30DD4648-B5ED-444F-A69D-CA9544641527/gdpr=0/ Frame 174D
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=30DD4648-B5ED-444F-A69D-CA9544641527/gdpr=0/gdpr_consent=
  • https://bcp.crwdcntrl.net/map/ct=y/c=14701/tp=MTAI/tpid=30DD4648-B5ED-444F-A69D-CA9544641527/gdpr=0/gdpr_consent=
49 B
544 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/ct=y/c=14701/tp=MTAI/tpid=30DD4648-B5ED-444F-A69D-CA9544641527/gdpr=0/gdpr_consent=
Protocol
H2
Server
3.215.169.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-169-119.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 21:00:29 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.59.182
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 21:00:29 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://bcp.crwdcntrl.net/map/ct=y/c=14701/tp=MTAI/tpid=30DD4648-B5ED-444F-A69D-CA9544641527/gdpr=0/gdpr_consent=
cache-control
no-cache
x-server
10.40.62.154
content-length
0
expires
0
receive
pixel.tapad.com/idsync/ex/ Frame 174D 		95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3203&partner_device_id=30DD4648-B5ED-444F-A69D-CA9544641527&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:29 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
Pug
simage2.pubmatic.com/AdServer/ Frame 174D
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=30DD4648-B5ED-444F-A69D-CA9544641527&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=1433f9dd813e0fa9&is_secure=true&networkId=17100&version=1&nuid=30DD4648-B5ED-444F-A69D-CA9544641527&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGwuiK0JzDdAN6VLNAAAAAAAA&expiration=1705093231&nuid=30DD4648-B5ED-444F-A69D-CA9544641527&...
42 B
375 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGwuiK0JzDdAN6VLNAAAAAAAA&expiration=1705093231&nuid=30DD4648-B5ED-444F-A69D-CA9544641527&is_secure=true&gdpr_consent=&gdpr=0
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 11 Jan 2024 21:00:31 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 21:00:31 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGwuiK0JzDdAN6VLNAAAAAAAA&expiration=1705093231&nuid=30DD4648-B5ED-444F-A69D-CA9544641527&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
image2.pubmatic.com/AdServer/ Frame 174D
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=3da2d744-103c-40ad-a37f-7435b3abdf5c-65a056ed-5553&gdpr=0&gdpr_consent=
42 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=3da2d744-103c-40ad-a37f-7435b3abdf5c-65a056ed-5553&gdpr=0&gdpr_consent=
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 11 Jan 2024 21:00:29 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 21:00:29 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=3da2d744-103c-40ad-a37f-7435b3abdf5c-65a056ed-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame 174D 		0
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.166.215.153 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-166-215-153.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:29 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 174D
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2323851562009475149&gdpr=0&gdpr_consent=&us_privacy=
1 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2323851562009475149&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 11 Jan 2024 21:00:29 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2323851562009475149&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 11 Jan 2024 21:00:28 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sn.ashx
pmp.mxptint.net/ Frame 174D
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R33647_10F23AA9F_6F144E98&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Protocol
HTTP/1.1
Server
204.2.226.29 Springfield, United States, ASN2914 (NTT-LTD-2914, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-388011629; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Expires
-1
Pragma
no-cache
Date
Thu, 11 Jan 2024 21:00:28 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=-388011629; includeSubDomains
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Thu, 11 Jan 2024 21:00:28 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
collect
analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-R5K71YRXMV&gtm=45je4180h1v877889940z86335967&_p=1705006823385&gcd=11l1l1l1l1&dma=0&tcfd=10000&cid=2089169067.1705006824&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1705006824&sct=1&seg=0&dl=https%3A%2F%2Fmicrosoft-security-essentials.softonic-ar.com%2F&dt=Microsoft%20Security%20Essentials%20-%20%D8%AA%D9%86%D8%B2%D9%8A%D9%84&en=di_request&ep.page_type=program_page&ep.site_language=ar&ep.google_click_id=&ep.test_variant=&ep.pv=1&ep.suitable_campaigns=winzip-compression%2Cavast-backup%2Cnorton-secure-browser&ep.detected_country=US&_et=12&tfd=7095
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R5K71YRXMV&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://microsoft-security-essentials.softonic-ar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 21:00:29 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://microsoft-security-essentials.softonic-ar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame E664 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 10:06:26 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
simage4.pubmatic.com/AdServer/ Frame 174D 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 10:07:50 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame 174D 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=1783576&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
9d88ce528db48e42087799ed552a8252514dd94868151e09257b137f12979243

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 11 Jan 2024 21:00:31 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame A8F2
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=d5982542-dce5-4bae-b81c-54d080b4fe5e&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=30DD4648-B5ED-444F-A69D-CA9544641527
42 B
497 B 		Document
General
Check archive.org
Download Go to
Full URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=30DD4648-B5ED-444F-A69D-CA9544641527
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.231.250.139 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
42
Content-Type
image/gif
Date
Thu, 11 Jan 2024 21:00:32 GMT
Server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
date
Thu, 11 Jan 2024 21:00:32 GMT
location
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=30DD4648-B5ED-444F-A69D-CA9544641527
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame F252
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNTQmdGw9NDMyMDA%3D&piggybackCookie=N-PqagYLR0fPFQ7FewTNKTjslGXgPkBYOLtZJtf8q4s&pi=pubmatic&gdpr=0&gdpr_consent=
42 B
351 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNTQmdGw9NDMyMDA%3D&piggybackCookie=N-PqagYLR0fPFQ7FewTNKTjslGXgPkBYOLtZJtf8q4s&pi=pubmatic&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 11 Jan 2024 21:00:31 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Thu, 11 Jan 2024 21:00:32 GMT Thu, 11 Jan 2024 21:00:32 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT Thu, 01 Jan 1970 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNTQmdGw9NDMyMDA%3D&piggybackCookie=N-PqagYLR0fPFQ7FewTNKTjslGXgPkBYOLtZJtf8q4s&pi=pubmatic&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
usersync.aspx
dis.criteo.com/dis/ Frame 21C3 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 21:00:31 GMT
expires
Thu, 11 Jan 2024 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
304522
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
image2.pubmatic.com/AdServer/ Frame AABC
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=979321841463688766
42 B
274 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=979321841463688766
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 11 Jan 2024 21:00:32 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Thu, 11 Jan 2024 21:00:32 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=979321841463688766
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
pubmatic
ad.mrtnsvr.com/sync/ Frame 65F7 		0
0
i.match
s.tribalfusion.com/z/ Frame 66D4
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
420 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
844016fe3e940302-MIA
content-length
43
content-type
image/gif; charset=utf-8
date
Thu, 11 Jan 2024 21:00:32 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
844016fd8d870302-MIA
content-type
text/html
date
Thu, 11 Jan 2024 21:00:32 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
1064
Pug
simage2.pubmatic.com/AdServer/ Frame EEF3
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=875837582589
42 B
287 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=875837582589
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 11 Jan 2024 21:00:32 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=875837582589
Pug
image2.pubmatic.com/AdServer/ Frame D02F
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU6cb3977631f742e5824f364d98f6de68
42 B
281 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU6cb3977631f742e5824f364d98f6de68
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 11 Jan 2024 21:00:31 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Thu, 11 Jan 2024 21:00:32 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU6cb3977631f742e5824f364d98f6de68
pragma
no-cache
server
nginx
/
csync.loopme.me/ Frame 9695 		0
0
usersync
usersync.gumgum.com/ Frame 0860 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=30DD4648-B5ED-444F-A69D-CA9544641527
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.172.99.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-99-217.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 11 Jan 2024 21:00:32 GMT
Expires
0
Pragma
no-cache
/
bpi.rtactivate.com/tag/ Frame 174D 		43 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bpi.rtactivate.com/tag/?id=20909&user_id=30DD4648-B5ED-444F-A69D-CA9544641527&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.90.49.71 -, , ASN (),
Reverse DNS
Software
awselb/2.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:00:32 GMT
server
awselb/2.0
content-length
43
content-type
image/gif
usersync.aspx
dis.criteo.com/dis/ Frame 174D
Redirect Chain
  • https://i.liadm.com/s/75145?bidder_id=195755&bidder_uuid=30DD4648-B5ED-444F-A69D-CA9544641527
  • https://i.liadm.com/s/75145?bidder_id=195755&bidder_uuid=30DD4648-B5ED-444F-A69D-CA9544641527&_li_chk=true&previous_uuid=48cb349273e6483385c786fe65551693
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Protocol
H2
Server
74.119.119.150 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 21:00:32 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
191540
expires
Thu, 11 Jan 2024 00:00:00 GMT

Redirect headers

Location
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Date
Thu, 11 Jan 2024 21:00:32 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
2
qmap
sync.crwdcntrl.net/ Frame 174D 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=30DD4648-B5ED-444F-A69D-CA9544641527&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.6.220 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jan 2024 21:00:32 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.7.138
content-length
49
expires
0
/
io.narrative.io/ Frame 174D
Redirect Chain
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:30DD4648-B5ED-444F-A69D-CA9544641527
  • https://io.narrative.io/?io.narrative.guid.v2=7558b350-b0c4-11ee-a180-0a02e9f38595&companyId=673&id=pubmatic_id:30DD4648-B5ED-444F-A69D-CA9544641527
0
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://io.narrative.io/?io.narrative.guid.v2=7558b350-b0c4-11ee-a180-0a02e9f38595&companyId=673&id=pubmatic_id:30DD4648-B5ED-444F-A69D-CA9544641527
Protocol
HTTP/1.1
Server
54.225.179.207 -, , ASN (),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Thu, 11 Jan 2024 21:00:32 GMT
Cache-Control
no-cache
Server
nginx/1.22.1
Connection
keep-alive

Redirect headers

Location
https://io.narrative.io/?io.narrative.guid.v2=7558b350-b0c4-11ee-a180-0a02e9f38595&companyId=673&id=pubmatic_id:30DD4648-B5ED-444F-A69D-CA9544641527
Date
Thu, 11 Jan 2024 21:00:32 GMT
Server
nginx/1.22.1
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 174D
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=353044760378183193
42 B
321 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=353044760378183193
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 11 Jan 2024 21:00:30 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 11 Jan 2024 21:00:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=353044760378183193
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ad.mrtnsvr.com
URL
https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}

Verdicts & Comments Add Verdict or Comment

100 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| documentPictureInPicture boolean| gdprAppliesGlobally object| didomiConfig function| __uspapi object| dataLayer object| revamp function| gtag function| gtag_report_conversion function| _googCsa object| revampAdRendered object| eventTracker string| GoogleAnalyticsObject function| ga object| webpackJsonp object| didomiRemoteConfig string| didomiCountry string| didomiRegion object| didomiGeoRegulations number| googleNDT_ number| googleAltLoader object| google object| googletag object| ggeac object| google_tag_data object| google_js_reporting_queue object| pbjsChunk object| pbjs object| _pbjsGlobals object| mnet object| didomiEventListeners object| didomiOnReady object| google_tag_manager function| postscribe object| google_tag_manager_external object| webpackChunk_softonic_revamp_api function| tdDisplaySlots function| tdDisplayInterstitial object| apstag object| __uspapiBuffer function| __sasCookie function| onYouTubeIframeAPIReady object| ramp object| webpackChunkDidomi object| Didomi object| DidomiSanitizing function| __tcfapi object| didomiState object| _wct number| experimentId_ undefined| google_measure_js_timing number| google_unique_id object| gaGlobal object| GooglebQhCsO object| __bt object| __bt_intrnl object| __bt_tag_d object| __bt_tag_am object| _aps boolean| apstagLOADED object| apscustom object| DD_RUM object| YK object| YKConf object| Jaml function| hideYK function| fadeOutYK function| fadeOutYK2 function| setOpacityYK function| fadeYK function| fadeInYK function| ykShow function| ykHide function| getElm object| gaplugins object| ID5 object| __id5_instances function| Waypoint function| _33AcrossIdMappingsProvider object| gaData object| YIELDLINK object| YIELDWORD string| request object| img object| iframe object| categoryConfig string| category string| imgPath string| imgSrc object| GoogleGcLKhOms object| google_image_requests string| linkDomain

181 Cookies

Domain/Path Name / Value
.softonic-ar.com/ Name: _usr_orgn
Value: direct
.softonic-ar.com/ Name: _swo_pos
Value: 982
.softonic-ar.com/ Name: rv_prebid_position
Value: 334
.softonic-ar.com/ Name: rv_test_position
Value: 768
.softonic-ar.com/ Name: rv_fp_ad_session_id
Value: e8a2e018-5dcb-4fcc-989a-ea6392ec30fd
.softonic-ar.com/ Name: rv_fp_pv
Value: 1
.softonic-ar.com/ Name: _gcl_au
Value: 1.1.13779088.1705006824
.softonic-ar.com/ Name: session.pv
Value: 1
.softonic-ar.com/ Name: persistent.fpmUserId
Value: 6cf405a2-f82a-4d3a-904c-db4188921d35
.softonic-ar.com/ Name: session.fpmSessionId
Value: 5ee99670-67bb-4415-8ed1-c199ad2b693d
.softonic-ar.com/ Name: rv_google_ppid
Value: 6781edaa-3244-4e22-a66a-f878f42613ec
.softonic-ar.com/ Name: __gsas
Value: ID=196c3395532c3c00:T=1705006824:RT=1705006824:S=ALNI_MaH-7CRSBub2bwlbnhY47w563_myg
.softonic-ar.com/ Name: _ga_R5K71YRXMV
Value: GS1.1.1705006824.1.0.1705006824.60.0.0
.softonic-ar.com/ Name: __gads
Value: ID=c29934a041baf1ca:T=1705006824:RT=1705006824:S=ALNI_MY8EuSHT5bR_o43NiH1lzjONm6KBQ
.softonic-ar.com/ Name: __gpi
Value: UID=00000a072adfdac5:T=1705006824:RT=1705006824:S=ALNI_MYkL4D9rgZVtCEtb8IpkJUCR8E4ig
.softonic-ar.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.softonic-ar.com/ Name: _ga
Value: GA1.2.2089169067.1705006824
.softonic-ar.com/ Name: _gid
Value: GA1.2.1379699897.1705006825
.microsoft-security-essentials.softonic-ar.com/ Name: _ga
Value: GA1.3.2089169067.1705006824
.microsoft-security-essentials.softonic-ar.com/ Name: _gid
Value: GA1.3.1379699897.1705006825
.33across.com/ Name: check
Value: true
.amazon-adsystem.com/ Name: ad-id
Value: Ay8dKeFd50m1ly0Bz6e-N9s
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.softonic-ar.com/ Name: _wctrck
Value: 1705006824807.qFIyZmUCZm18sAYfMzHnfi2eJmUKtoWyJlW4cmYeZlL12BYH2qGKYBRnwzhbszRLgBGWctnrfslHci2mJl3mtnVqxAljwzxvgBWbxqGKcn2Ghi7qJnUL2vGSdmUatmGqLtGm3DVrMBPDfkGaJl18sySXwA69wtIOJiHvNiSiYnWGdnYGJnWatnWCtmIOJiKL2CIWIi0ido2adm1aZnX4Yn2ato2eto4aJmIOJiKL2yNjYE
.openx.net/ Name: i
Value: 2193a659-c485-0dff-25c8-b8f470fc16dd|1705006825
.3lift.com/ Name: tluid
Value: 4687778659021120377048
.smartadserver.com/ Name: pid
Value: 8228395257861458961
.gumgum.com/ Name: vst
Value: u_bbcb27a7-903f-4080-b759-1de2690e3bb3
.openx.net/ Name: pd
Value: v2|1705006825|vMgavPkWgy
.id5-sync.com/ Name: 3pi
Value:
.yahoo.com/ Name: A3
Value: d=AQABBOlWoGUCED9ZnI2kltCL3LEyXiab7RQFEgEBAQGooWWqZQAAAAAA_eMAAA&S=AQAAAslmHqyfz9q21LXzOVgDnDI
.adnxs.com/ Name: uuid2
Value: 4351479220626828673
.adsrvr.org/ Name: TDID
Value: 5e429705-5af2-4d3a-9916-cdb10e4da43e
.deepintent.com/ Name: CDIUSER
Value: di_32c0b4d07a55424cbb8c5
.lijit.com/ Name: ljt_reader
Value: H-bMiPZHj4mtUmTKSZWqcG6-
.turn.com/ Name: uid
Value: 2323851562009475149
.contextweb.com/ Name: V
Value: mwuXGqTuwYD5
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 4fabeb77f1a8bdb8
.bidswitch.net/ Name: tuuid
Value: 8bc9387f-1282-4544-9e5d-7a38e5909374
.bidswitch.net/ Name: c
Value: 1705006825
.bidswitch.net/ Name: tuuid_lu
Value: 1705006825
.doubleclick.net/ Name: IDE
Value: AHWqTUmSC7D9Dad3CtkDPmjSZ8Q7NGfUDpJ4C4F7PeRC2u-Jz-SzsCoMzLMqy95MLJw
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-fad04381-fc25-57f8-6fc2-9e36c4fa5ce2.SaVB4ZPWZoJCJYf6BobQFVtoTzLFHBGyhJD4Dai6Uus
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-fad04381-fc25-57f8-6fc2-9e36c4fa5ce2.SaVB4ZPWZoJCJYf6BobQFVtoTzLFHBGyhJD4Dai6Uus
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A-tBDgfwlV_hvwp42xPpc4iaEdkY.EF3y0bHJDef4jgl6wcictFqTQBPGeu2zaguJ3BakQTI
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A-tBDgfwlV_hvwp42xPpc4iaEdkY.EF3y0bHJDef4jgl6wcictFqTQBPGeu2zaguJ3BakQTI
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIAPUedzHQELGu9dQtoE8inZnRYgwfzgcKmWRYGWBTArwEHwYBCDprYGtBjABOgRvD7diQgTE9_dS.%2BAqzx35jojTQFzPS2rrPiyO8ATRriWwa%2F5q%2BojpkAGQ
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIAPUedzHQELGu9dQtoE8inZnRYgwfzgcKmWRYGWBTArwEHwYBCDprYGtBjABOgRvD7diQgTE9_dS.%2BAqzx35jojTQFzPS2rrPiyO8ATRriWwa%2F5q%2BojpkAGQ
.ipredictive.com/ Name: cu
Value: 4afffdcc-d345-494c-be75-fdcb7daafa99|1705006825879
.adform.net/ Name: C
Value: 1
.lijit.com/ Name: ljtrtbexp
Value: eJyrVrIwULIyNDcwMzI0MzEy1VEyNDBCFbAwR1dgjCpgZAbmmwKhgZFpLQCzjBCG
.zemanta.com/ Name: zuid
Value: V_6xSp-oOMYlXRk8oz7J
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-d5fbccd7-e01f-4573-ae10-40f7c556bf37-005%22%7D
.adform.net/ Name: uid
Value: 353044760378183193
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 30DD4648-B5ED-444F-A69D-CA9544641527
.openx.net/ Name: univ_id
Value: 537072971|5e429705-5af2-4d3a-9916-cdb10e4da43e|1705006826014791
.creativecdn.com/ Name: u
Value: eKWZRWD3petQIF7iHSSo
.creativecdn.com/ Name: g
Value: eKWZRWD3petQIF7iHSSo_1705006826086
.creativecdn.com/ Name: ts
Value: 1705006826
.tapad.com/ Name: TapAd_TS
Value: 1705006826306
.tapad.com/ Name: TapAd_DID
Value: 4fa39ff1-9584-4f30-b682-9627918f743a
pixel-us-east.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-d5fbccd7-e01f-4573-ae10-40f7c556bf37-005%22%7D
.mfadsrvr.com/ Name: tuuid
Value: 64ddd6f7-87f2-409c-8b34-25dd7f7128ed
.mfadsrvr.com/ Name: c
Value: 1705006826
.mfadsrvr.com/ Name: tuuid_lu
Value: 1705006826
.simpli.fi/ Name: suid
Value: CEB851FA66C8452BB1074AA4B01A8CFE
.id5-sync.com/ Name: id5
Value: caff9881-3810-7118-b047-45b1907ad70d#1705006825725#2
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:CEB851FA66C8452BB1074AA4B01A8CFE&KRTB&23486-uid:CEB851FA66C8452BB1074AA4B01A8CFE&KRTB&23489-uid:CEB851FA66C8452BB1074AA4B01A8CFE&KRTB&23539-uid:CEB851FA66C8452BB1074AA4B01A8CFE
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEP1TGn-myXeFWuD1djMIy6A&KRTB&23025-CAESEP1TGn-myXeFWuD1djMIy6A&KRTB&23386-CAESEP1TGn-myXeFWuD1djMIy6A
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-5e429705-5af2-4d3a-9916-cdb10e4da43e&KRTB&22918-5e429705-5af2-4d3a-9916-cdb10e4da43e&KRTB&22926-5e429705-5af2-4d3a-9916-cdb10e4da43e&KRTB&23031-5e429705-5af2-4d3a-9916-cdb10e4da43e
.krushmedia.com/ Name: krm_usr
Value: 018091c2-7db4-5e14-8c96-6f47156356b2
.rubiconproject.com/ Name: khaos
Value: LR9P1J24-1H-K54I
.server.cpmstar.com/ Name: USER_ID
Value: %ea%15%b0PUl%a2%a3O%0d%ccz%f69%7f
.adx.opera.com/ Name: UID
Value: OPU6cb3977631f742e5824f364d98f6de68
.socdm.com/ Name: SOC
Value: ZaBW6sCo8XUAAIAt-0cAAAAA
.lijit.com/ Name: _ljtrtb_87
Value: 64ddd6f7-87f2-409c-8b34-25dd7f7128ed
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!285
.lijit.com/ Name: _ljtrtb_103
Value: OPU6cb3977631f742e5824f364d98f6de68
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16999%3b%24o%3d11100
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwj2tbrhy7zJPBAFEhQKBXRhcGFkEgsI6pTW5Mu8yTwQBRIWCgdydWJpY29uEgsIpJ625su8yTwQBRgBIAIoAjILCLSL2ZHivMk8EAU4AVoFdGFwYWRgAg..
.lijit.com/ Name: _ljtrtb_26
Value: 8bc9387f-1282-4544-9e5d-7a38e5909374
.krushmedia.com/ Name: krm_r
Value: 572|498
pixel.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.lijit.com/ Name: ljtrtb
Value: eJwVzE0KAjEMQOG7dG2gTdL8uFUQUXBQXLh0Ju0lxLsbt4%2FH9ymtUtmX2%2FKUbSVXFWpTGUc35EnC4TYlhljZFZRcbd2cTCc0NATuzOCjB%2BibbHSvTsr5Ws33evelnV8XOAE%2Bjod%2F1sypRshUSCaJ6hvYSgzYI3RqwiPK9wd3SCXD
.lijit.com/ Name: _ljtrtb_80
Value: LR9P1J24-1H-K54I
.adnxs.com/ Name: anj
Value: dTM7k!M4/YCxrEQF']wIg2E?bK42$f!@wnf-Te9(S@mqC2lWGcn#O[AD0H37Y52yiq^YGw1Md*mo)#BMP-HC_#ttHX(EE/I
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJydWJpY29uIjp7InVpZCI6IkxSOVAxSjI0LTFILUs1NEkiLCJleHBpcmVzIjoiMjAyNC0wNC0xMFQyMTowMDoyNloifX0sImJpcnRoZGF5IjoiMjAyNC0wMS0xMVQyMTowMDoyNloifQ==
.yieldmo.com/ Name: yieldmo_id
Value: VEF7Nqqnn7qPAIWCn2fB%7C1704931200000%7C0
.ads.yieldmo.com/ Name: ptrkm
Value: 018091c2-7db4-5e14-8c96-6f47156356b2
microsoft-security-essentials.softonic-ar.com/ Name: vidyk
Value: 1
microsoft-security-essentials.softonic-ar.com/ Name: svidyk
Value: 1
.bidr.io/ Name: bito
Value: AACiaU7LQK4AABP4tSLlpg
.bidr.io/ Name: bitoIsSecure
Value: ok
.linkedin.com/ Name: bcookie
Value: "v=2&6c5abb8e-8191-4c75-8e73-bfcdc5b87b2b"
.linkedin.com/ Name: lidc
Value: "b=VGST02:s=V:r=V:a=V:p=V:g=3099:u=1:x=1:i=1705006827:t=1705093227:v=2:sig=AQFbBpn73uNYTIZ--aE2f6QRtqnI72sr"
.rubiconproject.com/ Name: audit
Value: 1|IDKR4kwCnKGXd0z3JVgHkV+TxD63uva5fSN687seFxubz16xSA9sXT8utRC5ElHfO9sxeCrTKcwiZ07GJqnMnkAB1LOiaydkvspVenLgrnoUpYWVrKDp+E3OYGmoobl7
.sharethrough.com/ Name: stx_user_id
Value: 6e266ce4-3b71-4eb5-b1bb-ca0956540b04
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.a-mo.net/ Name: amuid2
Value: 7c96c603-d091-4062-a9a9-d8918dc24871
.prebid.a-mo.net/ Name: sd_amuid2
Value: 7c96c603-d091-4062-a9a9-d8918dc24871
.hb.yahoo.net/ Name: visitor-id
Value: 3480084271523824000V10
.hb.yahoo.net/ Name: data-mag
Value: LR9P1J24-1H-K54I~~63
.analytics.yahoo.com/ Name: IDSYNC
Value: "18vk~2g4k:19e0~2g4k:18z8~2g4k"
.adnxs.com/ Name: XANDR_PANID
Value: jc73BtdqqBp2rxtMT_Knaeza46T9t4MsC9nSzgbNj7T8K3bGKTvlXnRuOxUMBcv4O6pEA1Y-pDH_5agacxaousxgj0oSk7VoYktn8C5TEWY.
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-4afffdcc-d345-494c-be75-fdcb7daafa99&KRTB&23011-4afffdcc-d345-494c-be75-fdcb7daafa99&KRTB&23355-4afffdcc-d345-494c-be75-fdcb7daafa99
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 3
.pubmatic.com/ Name: pi
Value: 0:4
.pubmatic.com/ Name: DPSync3
Value: 1705536000%3A265%7C1705017600%3A248_255%7C1705968000%3A257%7C1706140800%3A256_263_261_260_259_201_258_262
.pubmatic.com/ Name: SyncRTB3
Value: 1706140800%3A220_178_5_48_250_3_233_231_55_54_22_21_166_8_71_13_165_104%7C1705536000%3A223_15_2%7C1705795200%3A63
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-4351479220626828673&KRTB&23339-4351479220626828673
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZaBW7QANzC_F6wBH
.kargo.com/ Name: ktcid
Value: 4595495a-0368-067a-5801-1fd95219fea2
.deepintent.com/ Name: CDIPARTNERS
Value: %7B%221%22%3A%2220240111%22%2C%22141%22%3A%2220240111%22%7D
.bfmio.com/ Name: __187_cid
Value: 30DD4648-B5ED-444F-A69D-CA9544641527
.bfmio.com/ Name: __io_cid
Value: 14cdef5b47ab0283c684cf4d6d4b23f16fbb642c
.thrtle.com/ Name: mc
Value: eyJpZCI6IjFhNmJiZjk0LTNhODAtNGU0ZC1iN2VmLTEzZTQ0YzQ2MDAyMiIsImwiOjE3MDUwMDY4MjkyNjIsInQiOjF9
.adgrx.com/ Name: ADGRX_UID
Value: 73836372-b0c4-11ee-8f5e-6e51af5f9eec
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-2323851562009475149&KRTB&23150-2323851562009475149&KRTB&23527-2323851562009475149
.pubmatic.com/ Name: KRTBCOOKIE_1251
Value: 23269-di_32c0b4d07a55424cbb8c5
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335--tBDgfwlV_hvwp42xPpc4iaEdkY&KRTB&23334--tBDgfwlV_hvwp42xPpc4iaEdkY&KRTB&23417--tBDgfwlV_hvwp42xPpc4iaEdkY&KRTB&23426--tBDgfwlV_hvwp42xPpc4iaEdkY
.mfadsrvr.com/ Name: ssh
Value: !bidswitch,1705006829!sovrn,1705006826
.rlcdn.com/ Name: rlas3
Value: J9K2PLE/SE7YvblYs6jw3Z78ugPi0X+tENw0KMjYdKI=
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.sitescout.com/ Name: ssi
Value: 3da2d744-103c-40ad-a37f-7435b3abdf5c#1705006829487
.adentifi.com/ Name: adtheorent[cuid]
Value: cuid_739ece50-b0c4-11ee-9d5a-12fa6b58ae11
.mxptint.net/ Name: mxpim
Value: R33647_10F23AA9F_6F144E98.1.000000000000000065A056ED
.quantserve.com/ Name: d
Value: EJoBCwHwKvijAA
.quantserve.com/ Name: mc
Value: 65a056ed-7faec-66cd4-4b549
.smartadserver.com/ Name: csync
Value: 127:AACiaU7LQK4AABP4tSLlpg
.rlcdn.com/ Name: pxrc
Value: CO2tga0GEgUI6AcQABIFCOhHEAA=
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-73836372-b0c4-11ee-8f5e-6e51af5f9eec&KRTB&23275-73836372-b0c4-11ee-8f5e-6e51af5f9eec
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTcwNTAwNjgyOTYxNX0
.w55c.net/ Name: wfivefivec
Value: pvNbrYB61Ro2a95
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: e5f0a4f796eeb0518917f095754ecf40
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-8bc9387f-1282-4544-9e5d-7a38e5909374
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R33647_10F23AA9F_6F144E98&KRTB&23092-R33647_10F23AA9F_6F144E98
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-w885JcDMPXHYzT50kJl1I8OZPCHYzjogwcNkeo61&KRTB&19420-w885JcDMPXHYzT50kJl1I8OZPCHYzjogwcNkeo61&KRTB&22979-w885JcDMPXHYzT50kJl1I8OZPCHYzjogwcNkeo61&KRTB&23462-w885JcDMPXHYzT50kJl1I8OZPCHYzjogwcNkeo61
.dotomi.com/ Name: DotomiTest
Value: 1433f9dd813e0fa9
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-3da2d744-103c-40ad-a37f-7435b3abdf5c-65a056ed-5553&KRTB&23418-3da2d744-103c-40ad-a37f-7435b3abdf5c-65a056ed-5553
.w55c.net/ Name: matchpubmatic
Value: 5
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1p2g|7dN.0.AACiaU7LQK4AABP4tSLlpg|7bq.0.1
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:pvNbrYB61Ro2a95&KRTB&23421-uid:pvNbrYB61Ro2a95
.pippio.com/ Name: did
Value: q7job8na9E7MfO1t
.pippio.com/ Name: didts
Value: 1705006829
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: CO2tga0GEgYIgr0rEAA=
.linkedin.com/ Name: li_sugr
Value: 3566eeee-dd59-496f-91aa-84e70c91f420
microsoft-security-essentials.softonic-ar.com/ Name: _dd_s
Value: rum=0&expire=1705007724658
.technoratimedia.com/ Name: tads_uidp_16
Value: 1547975003335
.technoratimedia.com/ Name: tads_uidp_37
Value: 0448865d-718e-37fe-a8cb-0affc2cebfd8
.technoratimedia.com/ Name: tads_uidp_44
Value: LR9OHFI5-12-IF2T
.technoratimedia.com/ Name: tads_uidp_45
Value: A6016292-7C09-4AAF-B0D3-62E359EF2284
.technoratimedia.com/ Name: tads_uidp_46
Value: 3057941416216068311
.technoratimedia.com/ Name: tads_uidp_48
Value: d25fe073-ef08-44b5-936e-519782a87488
.technoratimedia.com/ Name: tads_uidp_49
Value: AAAMcb6fVWyeuwMiihPxAAAAAAA
.technoratimedia.com/ Name: tads_uidp_50
Value: a9a57817-5660-4225-9fc2-4abc52640663
.technoratimedia.com/ Name: tads_uidp_61
Value: 212417215730087
.technoratimedia.com/ Name: tads_uidp_62
Value: 3480074881524073000V10
.technoratimedia.com/ Name: tads_uidp_64
Value: FZRaZXl-XM83EjSk_6kDkgvt4DUFW99A
.technoratimedia.com/ Name: tads_uidp_7
Value: 25a717f2-a7a1-4bed-bc5a-6888023cc9c4
.technoratimedia.com/ Name: tads_uidp_70
Value: 1674043991941-957306093047-001464-009-005972
.technoratimedia.com/ Name: tads_uidp_73
Value: AACiaU7LQK4AABP4tSLlpg
.technoratimedia.com/ Name: tads_uidp_76
Value: RX-e62a1213-c955-443b-96e4-f9cba24f4312-005
.technoratimedia.com/ Name: tads_uidp_77
Value: f1K4_wmgpxfDt5Ux9x3yH-d3tnSSbh8hhzkKnJ2RRDE
.technoratimedia.com/ Name: tads_uidp_80
Value: y-tv2ZGcpE2uFRYxnZRfKVE0t4tVY.Uzjp~A
.technoratimedia.com/ Name: tads_uidp_82
Value: ZaBTQHdtieu5qh76pjjW0AAA&365
.technoratimedia.com/ Name: tads_uidp_83
Value: ELWDeiSWkKiw
.technoratimedia.com/ Name: tads_uidp_88
Value: 1997548922757794384209
.technoratimedia.com/ Name: tads_uidp_90
Value: 62420b2c-93b6-4958-86ee-d0a539a95879
.technoratimedia.com/ Name: tads_uidp_91
Value: 6493335838109300398brt76151639261561881074b6
.technoratimedia.com/ Name: tads_uid
Value: 0ACA07A79B244833993E8B9798357D18
.technoratimedia.com/ Name: tads_uid_cd
Value: 20230514043511+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.technoratimedia.com/ Name: envelope_liveramp.com
Value: 1703211272902
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AACiaU7LQK4AABP4tSLlpg
.pubmatic.com/ Name: PugT
Value: 1705006831
.pubmatic.com/ Name: SPugT
Value: 1704967670
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAGwuiK0JzDdAN6VLNAAAAAAAA&KRTB&22713-AAAGwuiK0JzDdAN6VLNAAAAAAAA&KRTB&22715-AAAGwuiK0JzDdAN6VLNAAAAAAAA&KRTB&23519-AAAGwuiK0JzDdAN6VLNAAAAAAAA

2 Console Messages

Source Level URL
Text
other warning URL: https://www.google.com/adsense/search/ads.js(Line 210)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%2030DD4648-B5ED-444F-A69D-CA9544641527&rnd=RND
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
ad-delivery.net
ad.doubleclick.net
ad.mrtnsvr.com
ad.turn.com
ads.pubmatic.com
afs.googleusercontent.com
ampcid.google.com
analytics.google.com
ap.lijit.com
api.btloader.com
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bpi.rtactivate.com
btloader.com
c.amazon-adsystem.com
c1.adform.net
cdn-ima.33across.com
cdn.id5-sync.com
ce.lijit.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
config.aps.amazon-adsystem.com
crb.kargo.com
creativecdn.com
cs.krushmedia.com
csync.loopme.me
dis.criteo.com
dnlgm0m0r44nl.cloudfront.net
eb2.3lift.com
eus.rubiconproject.com
fa6c4326cb05f2723b7c8c04eba02839.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hades.srvtrck.com
hb.yahoo.net
i.liadm.com
i.srvtrck.com
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
images.sftcdn.net
io.narrative.io
js.srvtrck.com
lb.eu-1-id5-sync.com
lexicon.33across.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
microsoft-security-essentials.softonic-ar.com
notix.io
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pippio.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pmp.mxptint.net
pr-bh.ybp.yahoo.com
prebid.a-mo.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
rtb.mfadsrvr.com
s.amazon-adsystem.com
s.tribalfusion.com
sc.sftcdn.net
sdk.privacy-center.org
search.srvtrck.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
server.cpmstar.com
simage2.pubmatic.com
simage4.pubmatic.com
softonic-ar.com
ssbsync-us.smartadserver.com
ssbsync.smartadserver.com
stats.g.doubleclick.net
storage.googleapis.com
sync-km.ads.yieldmo.com
sync-tm.everesttech.net
sync.1rx.io
sync.bfmio.com
sync.crwdcntrl.net
sync.ipredictive.com
sync.smartadserver.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
synchroscript.deliveryengine.adswizz.com
syndicatedsearch.goog
t.adx.opera.com
tg.socdm.com
thrtle.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
us01.z.antigena.com
usersync.gumgum.com
wct.softonic-ar.com
www.datadoghq-browser-agent.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
ad.mrtnsvr.com
csync.loopme.me
104.18.35.167
104.36.115.113
107.178.254.65
108.138.106.59
108.139.38.124
108.139.51.165
108.139.54.29
124.146.153.165
130.211.23.194
131.153.170.220
139.45.240.92
142.250.64.102
142.251.40.162
147.75.195.55
151.101.1.91
151.101.194.49
162.19.138.119
162.19.138.120
162.248.18.37
169.197.150.7
173.231.184.20
18.238.55.15
18.238.64.130
185.167.164.49
185.184.8.90
198.148.27.131
199.38.167.130
204.2.226.29
207.198.113.204
216.22.16.40
216.22.16.57
23.105.12.143
23.32.172.185
23.40.179.154
23.56.163.106
23.58.91.123
23.83.76.69
2600:141b:1c00:1a86::29cc
2600:1f18:4e9:5a07:661c:76e7:ba4a:a9a4
2600:9000:2510:e000:5:b7cc:d3c0:93a1
2603:c020:400d:3000:67b7:1059:7283:c690
2606:4700:10::6816:3456
2606:4700:10::6816:4bd8
2606:4700:20::681a:346
2606:4700:20::ac43:4aad
2606:4700::6811:594a
2606:4700::6811:5a4a
2606:4700::6812:19ad
2606:ae80:1451:24::730
2607:f8b0:4004:c08::9d
2607:f8b0:4006:806::200a
2607:f8b0:4006:807::2001
2607:f8b0:4006:808::2002
2607:f8b0:4006:80c::201b
2607:f8b0:4006:80d::2002
2607:f8b0:4006:80f::200e
2607:f8b0:4006:817::2001
2607:f8b0:4006:81d::2002
2607:f8b0:4006:81e::2002
2607:f8b0:4006:820::2003
2607:f8b0:4006:820::200e
2607:f8b0:4006:821::2008
2607:f8b0:4006:822::2004
2607:f8b0:4006:823::2002
2607:f8b0:4006:823::200e
2607:f8b0:4006:824::2001
2620:112:f002:bbbb::21
2620:116:800b:21:b08a:1dc5:659b:4055
2620:1ec:21::14
3.215.169.119
3.229.81.23
3.33.220.150
3.91.113.229
34.111.113.62
34.170.123.2
34.200.65.202
34.231.250.139
35.172.99.217
35.207.24.140
35.211.178.172
35.227.233.104
35.244.154.8
35.244.159.8
35.244.193.51
35.71.139.29
40.76.134.238
44.219.58.122
44.221.129.93
51.222.239.230
52.201.6.220
52.46.128.147
52.6.102.233
52.86.74.151
52.95.126.138
54.165.177.33
54.166.215.153
54.196.33.224
54.225.179.207
54.227.205.3
54.85.14.136
54.90.49.71
54.90.5.164
63.251.86.49
63.251.86.50
64.74.236.255
68.67.160.132
69.173.151.100
69.194.240.13
69.90.254.78
74.119.119.150
8.2.110.134
8.28.7.84
8.43.72.97
82.145.213.8
0089b0f7f21bfd72e5e09ec08a91edfb1d940db7dbd4afa9d116ef2215e2b25c
0364d368abf457d4e70dbc7a7a360f3486eaea2837b194915b23d4398bee91ac
0502f71044773692729b06705a3c58788e02666ab06cc6d93103203dae44235b
0688b0a3d226ad1b96a353aa3600d27f9a175a398535558820b6157ab874e283
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07183e346763cd19b5f9144d11f8052496b48ae28688463936b978cadc42c437
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0889798e4743b5e3666156191e0df4387e6ceeaa53eddca65ee286ae0ea353f2
0916fc3d1ca0339e2baa78b1a105e78c99f823d26a8f149a8afd123e040238e3
0993803f2abc676112d5886dcef955ca6ea807cae5812d00b97a70104444ee2c
0a237c4f677852fa1c4f3bbe11f08dd8b1920a794b1fff3d7d2e67aaba13abc8
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cc144665fa4b11b2a7ca8d50d95ff5854d8371479133c4ebcd00efc0b4bafba
0dfdd88f0f92086884ea4214bc6b6f54119d75b3d72000e4cb83ea48166282ea
108a03b66d79154b339b09bcc70ccb9e7c6026c38e7fa10da757ef39e37d31ad
10fe36278af5ec590acb10c83ed5f99e70a4f07943cd465402d24d42c4392153
133495966a7ed0b79d8d1e60924036fea9ada2b22d247c56fefd6e2b97f4cb1a
1833b0d747de756c731e9e54657199376daadd77061e2919a9bf06c91433632f
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1ada5d6847da8280cb91c16bea3a27c5e0b5c3a5801b11c735f47c4f5a36e3ef
1c996febe2406193a8f4f29f33e6368f1ac678773895375fa183cfa2fabe6195
1cf211785a06a2b9489c9d7084855599a0424e24f5d8d0ca33e78999abb7b24c
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d84d36618f85a216efd1b209853929d703a9501a12fa5e04a5993c2ec1b7432
1e8565c2fefd99bae229bf5912b8a400f64eed0f6e6762f7101771328ea1bd48
1f1025c1815a37ee80aec74c7ff24cfd14815787d4a9c739529b32c9b1d8514a
1f225c38ee7f1cbe2dca4cb0df8cbe5f93ddb74565e4bbee39a41e00ba837180
2088f5aa1ebfab0d8de47886b0418c34f5b36d5b19286b9c87616547dfa3562d
239c0457614350b2380c59faaf0d7804db620873b37345613b8ccaff4dc3dbc3
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf
2a55077189df13b4b3309bd8895e3c8e4db61c6cb878514dff0d747950a097e7
2a8aca25327ad3160d09d8ba0d9619a8a0d968ced3da30057752fae852250072
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2c57e8e0392d0b5cf9bce04b8632c1b0b5af87a34f9f63818ab69cadd10e31e4
2c94c3b3038a88cba7f2f0ab23c917758c12bd03873ae1078b59286ab5f656f5
2dce3035cfadf3932bd8bd977f5d9c11e1e49df39092c4de36968fbbf0d81a04
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
321678e1f17ac5afc3954c253dfaab53514a793e0e659616c4165a6535776abb
3399f73a829693c7f1b48d5165488b2794b4449ba99e71e3965416d80a19e329
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3895e3155eed72fdb0a76b416fef8da7ef0e5c3ffe340722223a565648ce73b0
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3edfbc46685f6b4a7652dd6394237067f0a481d6631b1951a016a00e05058306
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
424ce2a4316d78fdb992540176a43b3760531997eb66364063d5a496001f066c
4252dba776e8f03fd6d2f78c3be8c28f5495e328176ecf187a40a56eac57ca86
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d
43f44e377bd4d7a09a409ca3d51ecf4cffbc34a536ae204c5d4396150d08f238
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
497d93c13f61bf8214719cab3a9d1b3b58d84009d36b640f12e257b733fb249a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e15eea125baa3fd11778695061c80e3d8467218ace23ebb0cd2274b98d59ecc
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
51e56412ce6d10fdcd849a1ee0e089c809b252e8c6a0c293afd5ac6f1ce2d3bb
52c7d0a58d4eb8030659791c2236e1d1809bf8aa4fc7faf056baf9e54d58ecc4
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5d79d54f7e6288c3920c97821f8579a9ac57e3c0b74b5d8b7b335cdcaee1a910
5e0e18e886a3389c23afdd90bfd1a45f5f4805968ee0e8c3e296c6c8ff071339
5ef5073c6e8dcffe3f6e5c98082c0ff1e5f030aad0d0008d30e3140085c84917
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63b87f3a9b8e71f7bdbd197b2f738fce11c853f36c450c450cd2210c3aa1e4f2
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6fbfd9f15b571ccec952647d4fd91e45b42c67b372b042cb9404d00a8d9fac07
72ff3c9b271ed70560d3c3db5fff8d8d178d2df2a5ba3cd0a7c1a7ede5e4da0a
7516842ff556ff708e84893bf1006bf21e38f04a3374d64b64fb4db461b8c49c
762b5783d284114b00eeeab46e026c621e13ddbf4e3df58410c3379e2441f7a0
76f2191ebf87532021d4c4073c91b95f344dd8d5fa47ed2c7688d4ce50c66553
771b05ec022ee8413643311d3f68bb88198da82c7e6acf6f22d676ef4ebd3e93
784d6b415cd3d4f9e0f053ec647b8eb6bfe726cb51727e223cd13d7ae30c1f8d
7b5716ff5b45abadfefa383209d1c05f98d669ae96034629fbc828ca86252cce
7e75769ef9d24b4fcbc7caf167dcdf601eda2c70ba9434ba895e8f97dec63ad2
7fb21a1261405f6725f1b1ada03ee1d8c10b93aa9db99f7e46f9c6549e1570b7
809fb4619d2a2f1a85dbda8cc69a7f1659215212d708a098d62150eee57070c1
863b9249e9081287fa9a919fcbb895a15ddc3cac991ceabfcff497e2ced37064
8833f51b66fa97cec6e1c8979d9e6e859228bfb45064b7601a6a1f5c99ed4c94
884137c03e78668c2b57a8b249eafec0d976c87d2e95138fe31755d9c3491dcb
898fccb4de6ea386c94ea519206e1c93be7a45e45875d1a421ae33991ecb354a
8e1ae146e5e48626861cf984f8606faf7ec288b9f73c0305c15a71f4881c704f
8e2f600c48371157f9dad40813abb9e741a2d4cf9fa190697b728bd09d58f364
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8e755e09f14b77b9c6ef973522c23882759cf7e262e80679f5048e0d46e132ec
905d3e553e4422c5222b8c1280ae28aa047aabb4c71fd4cf8b8517c45e87e9bf
933ea12ddcde386f76de82b7b5450300ba19b94a09ebbe914f21fa628fc13262
93a679e6e0ee5c4b2e031bdf5ca88b1f3a421b565de169f88ebec2ba1f076f5f
946311bfacab6de784b53fe5cbef991c1ea322702acf43dfa5cf3d37cd740ee9
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98be19bc78b5bc5d419e4fa6ea055ebd4671a963e2cc644aeed4362f15d14c31
99c6eb6c3f17d69837d604201ac0453a5677eef91484aee37e72dff818ddadbc
9b3711515f1ad425c0a07a1aa57038aab8f1f9cd518b30a17b8ef1dfe3a69386
9d88ce528db48e42087799ed552a8252514dd94868151e09257b137f12979243
9fc1e99be9e7cbe33a9489f55617429231d25f33e077372ebcc5660e7253f126
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a272935af19dba0ceb53775d2fc4fa2e8e5755635c67c3cd71f5dca563e4fb05
a3a2b7074615ca95c09da5b4eda0abd409c4ea4b3e5a64bf90d563fd93428b2e
a46cf167f42b264d883d683de404dd245df9047f77fd93a7c7599986b4bfb94f
a87d189568a4da1e3266c1e4d1d1bbe61c5048a5cf6b3efebbcdfff90eae3eeb
ab5ccc9dc44e6cfaf9383ff011232f567d58842505135aaf2955fb7059f69f63
ab9e2fa2d00f6af1986e12b6bdee984d599b0cd890c3c145562da520a8d31ee4
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
aef585bb36eb77837a981580fdfa7b82b7070b7f26d6dbc32c26ccc2f96d46fd
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3b50dfe1949e0618f9e7d91820ffd9fa04d2cf84f2a8a23c65cc2babe423b77
b6025b7f608d194922bc9228899f20c1440decdc1ec235695948e50174fa5cee
b6ebd2244153bb9f85eab74cb2097c99965ec579adc640c607fd7a15b60b3e19
b7bf4f406f5a9bf165c21dfebea2257eab80882e23e887a24756956daac44373
bb1aac2122475831e76e0be2eafdd931df10690fb07f3cac2bfe3340e8955063
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc5bc60d2d0770be838ba653bb352014da237d427ad05f0d72f10db52046e49c
be5c868db64b703ed8581b4f5470e24885c858682f782a086b4b4fd2e7b983f6
bec1fe56f70cc02bba5f24dd2a38f5210e2d7322a507ebe3dbb08ccfaa2a7dd6
c16479cce7bfda22cb9fd218628efa4df89b329337dce23126ed20c0f1f31715
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c834ba68f416b49806b8e2e82f19ef846d5bca11542e0131cc22b56ec7fb78b9
c9099f66dc3ee8a19b91851ed50843a7cf681658f2085ed79ef3ada56e67db70
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caba961cf71d7213df26fc8d5f11212204b5968f62698056ce768dada4656676
cd45713beee6c2428f11ad6444c6e2a6bbe1bfad330e68002052e9832a5dcc03
cd5eb76033d96219a0c4fe45fb0df10202e1febcb4d086fb1305f1b3304a6b1a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfdffc63c4820469e776ba6b4a935edc607637a4959f5cf79364cde69b93a81c
d351ad9e0491a3bb72ba3995d0dfe67f6af54bbf7d97e18f43ff203ffc5efe1f
d53336707c39d1ec20a2b1f7399ca9f183c45592e215a42fd596dfa2dbb8ad7a
d635d09bda9708c5a14649270950e0943edab5443eb2b2ff0ba1c7ff16bde09f
d8dac4dfb15299ed2b7c3b13a3ee6ad080342ee87638f44190dea188ea674120
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d98de156c42051e47eeeb3ca664783fa4dc441f7d4a7df4f8232e3cb7b2caf0a
da32d596cbf89f9ce17641d26b42138c70c6cdd9a6b13c00ed38fe78978c1e16
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df5c415b492d1ddcee74d91f4799b72b861f0068f37368fc237adabaaa85a866
e021a6be9a6840147168382059fe2d9c48ca2c6160e0874b7e05204557f61600
e110a6d62e59f3066604d8124754f1a5589a6c0eabafd02d980099b84bddeca2
e1f2d014eceffab500f9a14d40871c8c2e5842e434004ec947674ff89f328f1c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e8ec7865f2d8dffcd47b65e40efda889633cc02962596a6bf3d1be6d19a6dd
e9bcfe7caebe4092e510bca5525284b31e9811895dc43430dd9a25191c859caf
e9c31927763f03b102486bcd0a9827dc7375b9860debdd3d1aebfed04c26c846
e9d012445368850fe72e98a60abeb8a4aa0a59e3e794058a345f37e3069a3f01
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7768c313ea66869d68a301994c5a6b1fcf05058ae17606c82381d675b1b3b7
efb0d43254878df8f75d6a4ff03991dd0997ab0aecb48e8d2c6dde12f57f23f7
f43dad0f2049b856088a9c9742dd72b5fcbf9994a5ab243f5a8761cd21632baa
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6ec686cee884db69da169838e9a8a6bb6c7079e491cd9476a7c169603d0c39e